Unix & Linux Stack Exchange
Q&A for users of Linux, FreeBSD and other Unix-like operating systems
Latest Questions
0
votes
1
answers
2341
views
Ubuntu Postfix Open LDAP integration - no SASL authentication mechanisms
I've followed all the steps in https://help.ubuntu.com/community/Postfix/DovecotLDAP but I am getting a
> localhost postfix/smtpd: fatal: no SASL authentication mechanisms
in my **/var/log/mail.err**
Is there a way to find out more specific root cause?
Note: I have verified saslauthd is running properly using **testsaslauthd**. SASLAuthd is running fine. I'm struggling in trying to get deeper logs and exact cause on the postfix-sasl side, since I assume the issue will be there.
Arjun Dhar
(93 rep)
Apr 3, 2015, 12:43 PM
• Last activity: May 25, 2025, 07:08 AM
0
votes
2
answers
3071
views
postfix & cyrus-SASL SASLDB2 0: NO "authentication failed"
We are setting up a Postfix mail relay to accept only authenticated smtp sessions and forward them to our backend smarthosts.
CentOS 6.8
postfix-2.6.6-6.el6_7.1.x86_64
cyrus-sasl-lib-2.1.23-15.el6_6.2.x86_64
cyrus-sasl-md5-2.1.23-15.el6_6.2.x86_64
cyrus-sasl-2.1.23-15.el6_6.2.x86_64
cyrus-sasl-plain-2.1.23-15.el6_6.2.x86_64
We have installed and configured Postfix as well as SASL according to a couple of tutorials and references from the postfix manual on postfix.org, although we seem to have a couple of configuration or permission errors. Any help would be appreciated.
---
[root@server]# saslpasswd2 -c -u test.com test
Password: test123
Again (for verification): test123
[root@server]# sasldblistusers2
test@test.com: userPassword
[root@server]# testsaslauthd -u test@test.com -p test123
0: NO "authentication failed"
[root@server]# tail -n1 /var/log/messages
Jan 13 08:10:19 server saslauthd: do_auth : auth failure: [user=test@test.com] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
[root@server]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = testing.com
myhostname = smtp.testing.com
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relayhost = [mx01.testing.com]:25
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_map
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_fallback_relay = [mx02.testing.com]:25
smtp_tls_CAfile = /etc/postfix/ssl/smtp.testing.com.ca-file
smtp_tls_cert_file = /etc/postfix/ssl/smtp.testing.com.crt
smtp_tls_key_file = /etc/postfix/ssl/smtp.testing.com.key
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP ($mail_version)
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/smtp.testing.com.ca-file
smtpd_tls_cert_file = /etc/postfix/ssl/smtp.testing.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtp.testing.com.key
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
[root@server]# cat /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
log_level: 7
[root@server]# cat /etc/postfix/master.cf
smtp inet n - n - - smtpd -v
#submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd -v
# -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
SMTP Client Log
Stat Connected.
Recv 13/01/2017 8:34:12 AM: 220 smtp.test.com ESMTP (2.6.6)
Sent 13/01/2017 8:34:12 AM: EHLO SendSMTPv2.19.0.1
Recv 13/01/2017 8:34:12 AM: 250-smtp.securmail.net.au250-PIPELINING250-SIZE 10240000250-VRFY250-ETRN250-STARTTLS250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN250-AUTH=LOGIN DIGEST-MD5 CRAM-MD5 PLAIN250-ENHANCEDSTATUSCODES250-8BITMIME250 DSN
Sent 13/01/2017 8:34:12 AM: STARTTLS
Recv 13/01/2017 8:34:12 AM: 220 2.0.0 Ready to start TLS
Sent 13/01/2017 8:34:12 AM: EHLO SendSMTPv2.19.0.1
Recv 13/01/2017 8:34:12 AM: 250-smtp.test.com250-PIPELINING250-SIZE 10240000250-VRFY250-ETRN250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN250-AUTH=LOGIN DIGEST-MD5 CRAM-MD5 PLAIN250-ENHANCEDSTATUSCODES250-8BITMIME250 DSN
Sent 13/01/2017 8:34:12 AM: MAIL FROM:
Recv 13/01/2017 8:34:12 AM: 250 2.1.0 Ok
Sent 13/01/2017 8:34:12 AM: RCPT TO:
Recv 13/01/2017 8:34:12 AM: 554 5.7.1 : Relay access denied
Sent 13/01/2017 8:34:12 AM: RSET
Recv 13/01/2017 8:34:13 AM: 250 2.0.0 Ok
[root@Sserver]# tail -n 50 /var/log/maillog
Jan 13 08:34:23 server/smtpd: NOQUEUE: reject: RCPT from xx.xx.xx.xx.isp.com[xx.xx.xx.xx]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=
Jan 13 08:34:23 server/smtpd: generic_checks: name=reject_unauth_destination status=2
Jan 13 08:34:23 server/smtpd: > xx.xx.xx.xx.isp.com[xx.xx.xx.xx]: 554 5.7.1 : Relay access denied
Please let me know if any more logs or configuration extracts would be helpful. Thanks in advance
ausip
(101 rep)
Jan 12, 2017, 09:39 PM
• Last activity: May 1, 2025, 10:04 PM
1
votes
1
answers
1936
views
Authentication failure with postfix and sasl using sasldb
I'm really not sure what my issue is. I've checked several guides, and I am sure I have set this up correctly, including config files, restarting the service, permissions etc. OS is Ubuntu Server.
When testing with
testsaslauthd -u myemail@mydomain-p password
I only ever get: 0: NO "authentication failed"
My postfix.conf (comments deleted):
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = cyrus
smtpd_sasl_path = smtpd
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_use_tls=no
smtpd_relay_restrictions = permit_mynetworks defer_unauth_destination
myhostname = mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname localhost.$mydomain localhost $mydomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.16.0.0/16
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
mydomain = mydomain
home_mailbox = Maildir/
My smtp.conf for sasl
pwcheck_method:auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5
My saslauthd config:
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="sasldb"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/run/saslauthd"
All permissions are correct and I have restarted the services to ensure. mail.warn shows the following:
warning: unknown[myip]: SASL LOGIN authentication failed: authentication failure
What can I do to troubleshoot?
John Sanders
(71 rep)
Nov 24, 2015, 07:17 AM
• Last activity: Feb 26, 2025, 09:02 PM
0
votes
1
answers
381
views
SASL authentication fails when called from crontab
When I run mbsync from the command line it works fine. But if mbsync is run from the crontab, mbsync fails with this error "`Error: SASL(-1): generic failure:`".
My guess is that mbsync's SASL authentication requires an environment variable that cron is not setting, but after much trying I have not been able to spot the problem.
Any ideas?
scaramouche
(181 rep)
Dec 14, 2014, 09:46 PM
• Last activity: Feb 25, 2025, 02:58 PM
6
votes
3
answers
10042
views
Configuring mbsync with AuthMech XOAUTH2
I can't seem to figure out how to get `mbsync` to work with OAuth for Gmail because I can't get `mbsync` to find the xoauth2 `sasl` plugin on Ubuntu.
I'm fairly confident that everything about my `mbsync` config for OAuth is working correctly (e.g. manually testing the PassCmd successfully generates an access token)
edit: I have installed `sasl-bin` via apt, and https://github.com/robn/sasl2-oauth from source.
---
**Questions**
- How can I manually "register" a `sasl` plugin for `mbsync`? (aka add it to the list of 'available' SASL mechanisms in the first log pasted below)
- Could this issue be due to another component in my "email stack"? Some threads I've read suggest recompiling mutt from source, but I don't understand why mutt would be causing auth problems.
---
Using `mbsync` installed via `nix-env`, I haven't been able to get past
C: 0/1 B: 0/0 M: +0/0 *0/0 #0/0 S: +0/0 *0/0 #0/0
IMAP error: selected SASL mechanism(s) not available;
selected: XOAUTH2
available: GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL OTP CRAM-MD5 PLAIN LOGIN ANONYMOUS
C: 1/1 B: 0/0 M: +0/0 *0/0 #0/0 S: +0/0 *0/0 #0/0
I've also tried reinstalling `mbsync/isync` from apt, as well as building `isync` from the source. Both of which result in the following error.
Notice: Master/Slave are deprecated; use Far/Near instead.
C: 0/1 B: 0/0 F: +0/0 *0/0 #0/0 N: +0/0 *0/0 #0/0
Error: SASL(-1): generic failure: Unable to find a callback: 32775
C: 1/1 B: 0/0 F: +0/0 *0/0 #0/0 N: +0/0 *0/0 #0/0
jackmac92
(63 rep)
Dec 22, 2020, 03:49 AM
• Last activity: Feb 25, 2025, 02:57 PM
0
votes
1
answers
16
views
Invalid Credential after defining users and OU
At first I define a new OU with the following `LDIF` with `ldapadd -x -D "cn=admin,dc=nodomain" -W -f ./ou.ldif`:
root@debian:~# cat ou.ldif
dn: OU=People,DC=nodomain
objectClass: organizationalUnit
ou: People
description: Organizational Unit for Sales Department
After the Authentication, ldap added my OU to ldap.
Then I added my users.ldif into ldap via:
root@debian:~# ldapadd -x -H ldap:/// -D "cn=admin,dc=nodomain" -W -f ./users.ldif
Enter LDAP Password:
adding new entry "uid=root,ou=People,dc=nodomain"
adding new entry "uid=daemon,ou=People,dc=nodomain"
adding new entry "uid=man,ou=People,dc=nodomain"
adding new entry "uid=noody,ou=People,dc=nodomain"
adding new entry "uid=systemd_network,ou=People,dc=nodomain"
adding new entry "uid=tss,ou=People,dc=nodomain"
adding new entry "uid=systemd-coredump,ou=People,dc=nodomain"
adding new entry "uid=systemd-timesync,ou=People,dc=nodomain"
adding new entry "uid=messagebus,ou=People,dc=nodomain"
adding new entry "uid=usbmux,ou=People,dc=nodomain"
adding new entry "uid=sshd,ou=People,dc=nodomain"
adding new entry "uid=dnsmasq,ou=People,dc=nodomain"
adding new entry "uid=avahi,ou=People,dc=nodomain"
adding new entry "uid=speech-dispacher,ou=People,dc=nodomain"
adding new entry "uid=fwupd-refresh,ou=People,dc=nodomain"
adding new entry "uid=saned,ou=People,dc=nodomain"
adding new entry "uid=sddm,ou=People,dc=nodomain"
adding new entry "uid=geoclue,ou=People,dc=nodomain"
adding new entry "uid=polkitd,ou=People,dc=nodomain"
adding new entry "uid=rtkit,ou=People,dc=nodomain"
adding new entry "uid=colord,ou=People,dc=nodomain"
adding new entry "uid=gnome-initial-setup,ou=People,dc=nodomain"
adding new entry "uid=tcpdump,ou=People,dc=nodomain"
adding new entry "uid=postgres,ou=People,dc=nodomain"
adding new entry "uid=mohsen,ou=People,dc=nodomain"
adding new entry "uid=redis,ou=People,dc=nodomain"
adding new entry "uid=pulse,ou=People,dc=nodomain"
adding new entry "uid=Debian-gdm,ou=People,dc=nodomain"
adding new entry "uid=hplip,ou=People,dc=nodomain"
adding new entry "uid=strongswan,ou=People,dc=nodomain"
adding new entry "uid=libvirt-qemu,ou=People,dc=nodomain"
adding new entry "uid=nobody,ou=People,dc=nodomain"
adding new entry "uid=systemd-network,ou=People,dc=nodomain"
adding new entry "uid=mysql,ou=People,dc=nodomain"
adding new entry "uid=avahi-autoipd,ou=People,dc=nodomain"
adding new entry "uid=_galera,ou=People,dc=nodomain"
adding new entry "uid=ftp,ou=People,dc=nodomain"
adding new entry "uid=speech-dispatcher,ou=People,dc=nodomain"
adding new entry "uid=Debian-exim,ou=People,dc=nodomain"
adding new entry "uid=gnome-remote-desktop,ou=People,dc=nodomain"
adding new entry "uid=cups-pk-helper,ou=People,dc=nodomain"
Everything is ok, but when I want to search via :
root@debian:~# ldapsearch -L -H ldap:/// -b cn=People,dc=nodomain,cn=admin ou
SASL/SCRAM-SHA-512 authentication started
Please enter your password:
ldap_sasl_interactive_bind: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
Before defining OU and adding users, I didn't have any problem with the authentication.
How can I solve this?
PersianGulf
(11308 rep)
Feb 20, 2025, 01:40 PM
• Last activity: Feb 20, 2025, 02:02 PM
1
votes
0
answers
96
views
SASL authentication - first local and then AD in postfix
I am trying to setup sender access maps for restricting mail from address. However want to allow specific users to use different mailfrom.
Users are authenticated by sasl (AD authentication configured within sasl) to connect on port 587 to postfix.
In our scenario the postfix server is being used as a relay host which is going to accept emails from multiple apps (using diff domains).
Requirement for setting mailfrom map:
user1:
notify@abc.com
no-reply@abc.com
noreply@xyz.com
noreply@def.com
user2:
noreply@example.com
noreply@example1.com
user3:
@foo.org - can use any mailfrom address within this domain
I am able to setup sasl authentication via AD and also able to setup sender access maps, however, in sender_login file I have to mention all from addresses together. But we want to allow according to above example. Is it possible to do so?
So two questions:
- Is it possible for sasl to look for local auth and then go to AD?
- How do I setup above requirement to allow users to set particular mailfrom addresses?
Configuration files:
main.cf
compatibility_level = 2
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, localhost, example.com, foo.com
unknown_local_recipient_reject_code = 550
mynetworks = 10.1.1.100, 127.0.0.0/8
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
header_checks = regexp:/etc/postfix/header_checks
smtpd_banner = $myhostname ESMTP $mail_name
debug_peer_level = 1
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
inet_protocols = ipv4
meta_directory = /etc/postfix
shlib_directory = no
smtpd_tls_cert_file = /etc/ssl/example.com/server.pem
smtpd_tls_key_file = /etc/ssl/example.com/server.key
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_dh1024_param_file = ${config_directory}/dh4096.pem
smtp_tls_mandatory_ciphers = high
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_sasl_type = cyrus
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtpd_error_sleep_time = 0
smtpd_data_restrictions = reject_unauth_pipelining
qmgr_message_active_limit = 40000
qmgr_message_recipient_limit = 40000
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual
mailbox_size_limit = 104857600
message_size_limit = 26214400
default_process_limit = 500
smtpd_client_connection_count_limit = 500
home_mailbox = Maildir/
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc_maps
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination, reject_unauth_destination
smtpd_sender_login_maps = hash:/etc/postfix/sender_login
smtpd_sender_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/sender_login, reject_sender_login_mismatch
master.cf:
smtp inet n - n - - smtpd
2525 inet n - n - - smtpd -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject,reject
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
sender_login:
noreply@example.com OK
noreply@abc.com OK
noreply@def.com OK
# cat /etc/saslauthd.conf
ldap_servers: ldaps://10..1.11
ldap_search_base: ccccccc
ldap_filter: (sAMAccountName=%u)
ldap_bind_dn: ccccccc
ldap_password: cccccc
ldap_tls_reqcert: never
sunny_hkhk
(11 rep)
Jul 4, 2024, 06:37 AM
0
votes
1
answers
1084
views
How it comes that ldapsearch output can't be piped
ldapsearch always outputs an authentication message with every query at the beginning:
SASL/GSS-SPNEGO authentication started
SASL username: user.principal@DOMAIN.NAME
SASL SSF: 56
SASL data security layer installed.
...
if I do
ldapsearch -o ldif-wrap=no -b cn=,cn=groups,dc=lan,dc=,dc=de "(cn=.nextcloud.users)"|grep -v SASL
it doesn't disappear.
If I append 2> /dev/null it doesn't help either.
This is annoying. I am looking for some way to not show this SASL output when I do ldapsearch queries. The ldapsearch command is executed against a samba4-LDAP.
Stefan
(1 rep)
Oct 22, 2021, 04:40 PM
• Last activity: Jun 13, 2024, 01:48 PM
0
votes
1
answers
440
views
sg_format Low Level Format Interrupted - Kernel Errors
I was going through a sg_format low-level format from 520-byte to 4096 native byte sectors - during the process, the system lost power and the server went down hard. Now in the kernel, I'm getting the following errors and now I can't get a /dev device to try to re-try the low-level format again.
Any help?
28 14:15:33 nas kernel: hpsa 0000:03:00.0: Acknowledging event: 0x80000000 (HP SSD Smart Path configuration change)
Aug 28 14:15:48 nas kernel: hpsa 0000:03:00.0: Acknowledging event: 0x80000002 (HP SSD Smart Path configuration change)
Aug 28 14:15:48 nas kernel: hpsa 0000:03:00.0: scsi 0:0:6:0: added Direct-Access SAMSUNG P043S1T9 EMC1920 PHYS DRV SSDSmartPathC ap- En- Exp=1
Aug 28 14:15:48 nas kernel: hpsa can't handle SMP requests
Aug 28 14:15:48 nas kernel: scsi 0:0:6:0: Direct-Access SAMSUNG P043S1T9 EMC1920 ESFA PQ: 0 ANSI: 7
Aug 28 14:15:48 nas kernel: sd 0:0:6:0: [sde] 468975616 4096-byte logical blocks: (1.92 TB/1.75 TiB)
Aug 28 14:15:48 nas kernel: sd 0:0:6:0: Attached scsi generic sg8 type 0
Aug 28 14:15:48 nas kernel: sd 0:0:6:0: [sde] Write Protect is off
Aug 28 14:15:48 nas kernel: sd 0:0:6:0: [sde] Write cache: enabled, read cache: enabled, supports DPO and FUA
Aug 28 14:15:48 nas kernel: sd 0:0:6:0: [sde] Attached SCSI disk
Aug 28 14:15:49 nas kernel: hpsa 0000:03:00.0: CDB 28001bf3fff000000100000000000000 : protocol error
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#775 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#775 CDB: Read(10) 28 00 1b f3 ff f0 00 00 01 00
Aug 28 14:15:49 nas kernel: blk_update_request: I/O error, dev sde, sector 3751804800 op 0x0:(READ) flags 0x80700 phys_seg 1 prio cla ss 0
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#304 FAILED Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK cmd_age=0s
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#304 Sense Key : Illegal Request [current]
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#304 Add. Sense: Logical unit not supported
Aug 28 14:15:49 nas kernel: sd 0:0:6:0: [sde] tag#304 CDB: Read(10) 28 00 1b f3 ff f0 00 00 01 00
tkrn
(121 rep)
Aug 28, 2023, 06:49 PM
• Last activity: Aug 28, 2023, 09:55 PM
2
votes
1
answers
1822
views
Warning in the logs of Postfix: "restriction NNN ignored: no SASL support". But it does have SASL support
I have postfix + dovecot + pgsql. All has been working. Recently I've changed something in the config to combat spam. Now I see this in the logs:
localhost postfix/smtpd: warning: restriction `reject_authenticated_sender_login_mismatch' ignored: no SASL support
localhost postfix/smtpd: warning: restriction `reject_unauthenticated_sender_login_mismatch' ignored: no SASL support
localhost postfix/smtpd: warning: restriction `reject_authenticated_sender_login_mismatch' ignored: no SASL support
localhost postfix/smtpd: warning: restriction `reject_unauthenticated_sender_login_mismatch' ignored: no SASL support
But!
$ postconf -a
cyrus
dovecot
And
$ ldd /usr/sbin/postfix | grep sasl
libsasl2.so.3 => /usr/lib/libsasl2.so.3 (0x00007f9508e75000)
If I remember correctly, I installed postfix via "pacman".
Why the warning and how to fix it?
upd1:
sudo postconf | grep -i smtpd_sasl
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_service = smtp
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
upd2:
in master.cf I've found this:
smtp inet n - n - - smtpd
-o smtpd_sasl_auth_enable=no
Can this be the reason?
upd3:
also:
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated, reject
-o smtpd_recipient_restrictions=permit_sasl_authenticated, reject
nylypej
(239 rep)
Dec 26, 2018, 07:43 PM
• Last activity: May 15, 2023, 07:13 PM
0
votes
1
answers
1759
views
How to resolve SAS macro variable in shell script
I am running a shell script via X command within a SAS macro. I want to use a macro variable defined in SAS macro, in my shell script. I know if I pass that macro variable as parameter to shell script, I can resolve that within X command.
For example, the following will work fine, I know:
%macro a;
%let var1=test;
X "abc.sh &var1";
%mend;
%a;
with this shell script:
echo "value is $1" > myfile.txt
---
## What I want:
%macro a;
%let var1=test;
X "abc.sh";
%mend;
%a;
with this shell script:
echo "value is &val1" > myfile.txt
---
Is there any way to resolve macro variable in shell script? I did my research but couldn't find anything.
Deepak Malhotra
(23 rep)
Apr 12, 2019, 11:04 AM
• Last activity: May 8, 2023, 07:50 AM
1
votes
2
answers
486
views
Is my connection to my Postfix server encrypted?
I would like to use my Thunderbird client to send mails through my Postfix server running on port 25 (SMTP).
I would like an authenticated and encrypted connection.
I followed these documentations:
- http://www.postfix.org/SASL_README.html#auxprop_sasldb
- https://wiki.debian.org/PostfixAndSASL#Using_auxprop_with_sasldb
It's easy to configure:
$ sudo apt install libsasl2-modules sasl2-bin
$ sudo saslpasswd2 -c -u example.com yugiohjcj
$ sudo sasldblistusers2
$ sudo vim /etc/postfix/sasl/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
$ sudo vim /etc/postfix/main.cf
# SASL
cyrus_sasl_config_path = /etc/postfix/sasl
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
$ sudo bash /etc/init.d/postfix restart
Here is how I configure Thunderbird:
- Edit > Account Settings > Outgoing Server (SMTP)
- Server Name: example.com
- Port: 25
- Connection Security: STARTTLS
- Authentication Method: Normal password
- User Name: yugiohjcj@example.com
When the mail is sent from Thunderbird, I can read this in the Postfix logs:
```
postfix/smtpd: connect from 1.2.3.4.subs.proxad.net[1.2.3.4]
postfix/smtpd: 39AB821458: client=1.2.3.4.subs.proxad.net[1.2.3.4], sasl_method=PLAIN, sasl_username=yugiohjcj@example.com
postfix/cleanup: 39AB821458: message-id=
opendkim: 39AB821458: DKIM-Signature field added (s=2023, d=example.com)
postfix/qmgr: 39AB821458: from=, size=690, nrcpt=1 (queue active)
postfix/smtpd: disconnect from 1.2.3.4.subs.proxad.net[1.2.3.4] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
postfix/smtp: 39AB821458: to=, relay=gmail-smtp-in.l.google.com[64.233.184.26]:25, delay=0.7, delays=0.08/0.01/0.31/0.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1678874625 bh21-20020a05600c3d1500b003da0d302eb6si1264054wmb.27 - gsmtp)
postfix/qmgr: 39AB821458: removed
```
So, the mail is received on my Postfix server then forwarded to my @gmail.com address as expected (I am using a `~/.forward` file for this).
However, I see nothing about encryption.
Is my connection to my Postfix server encrypted?
If not, how can I fix that please?
Thank you.
Best regards.
YuGiOhJCJ
(113 rep)
Mar 15, 2023, 10:46 AM
• Last activity: Mar 15, 2023, 11:14 AM
0
votes
2
answers
5377
views
Dovecot not listening on imap and pop3 ports
Before I continue, I have looked at tons of posts online about saying that the protocols are not setup, and have tried what they have offered, but all of them do not help, and don't seem to resolve the issue.
I am having some issues, with setting up dovecot. I have been following this guide: http://www.krizna.com/ubuntu/setup-mail-server-ubuntu-14-04/ to setup a mail server, and it was all working. Postfix is installed and configured correctly. As I was doing the Dovecot installation, it asked me about using telnet to connect and verify the connections were working (in the guide) and whether ports: **110,995,993,143** work. But only ports **995** and **993** allow me to connect, but they do not show any kind of: '+OK Dovecot (Ubuntu) ready.' on them.
I see this in /var/log/mail.log:
```
Jun 26 09:05:07 master: Info: Dovecot v2.2.9 starting up (core dumps disabled)
Jun 26 09:05:07 config: Warning: service auth { client_limit=1000 } is lower than required under max. load (6000)
Jun 26 09:05:07 config: Warning: service anvil { client_limit=1000 } is lower than required under max. load (6003)
```
Even when I connect to the **993** and **995** ports. When I try the other ones, I just get:
```
telnet: Unable to connect to remote host: Connection refused
```
The process is running, and I can't see no errors. This is the output of **dovecot -n**
```
# 2.2.9: /etc/dovecot/dovecot.conf
doveconf: Warning: service auth { client_limit=1000 } is lower than required under max. load (6000)
doveconf: Warning: service anvil { client_limit=1000 } is lower than required under max. load (6003)
# OS: Linux 3.14.32-xxxx-grs-ipv6-64 x86_64 Ubuntu 14.04.5 LTS
auth_mechanisms = plain login
default_process_limit = 2000
first_valid_uid = 0
imap_idle_notify_interval = 4 mins
listen = * ::
log_path = /var/log/mail.log
mail_access_groups = spampd
mail_location = maildir:~/Maildir
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location =
  mailbox Archive {
    auto = subscribe
    special_use = \Archive
  }
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox INBOX {
    auto = subscribe
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  antispam_allow_append_to_spam = yes
  antispam_backend = pipe
  antispam_pipe_program = /bin/bash
  antispam_pipe_program_notspam_args = /usr/local/bin/sa-learn-pipe.sh;--ham
  antispam_pipe_program_spam_args = /usr/local/bin/sa-learn-pipe.sh;--spam
  antispam_spam_pattern_ignorecase = SPAM
  antispam_trash_pattern_ignorecase = trash;Deleted *
  fts = lucene
  fts_lucene = whitespace_chars=@.
  sieve = /home/user-data/mail/sieve/%d/%n.sieve
  sieve_after = /home/user-data/mail/sieve/global_after
  sieve_before = /etc/dovecot/sieve-spam.sieve
  sieve_before2 = /home/user-data/mail/sieve/global_before
  sieve_dir = /home/user-data/mail/sieve/%d/%n
}
postmaster_address = postmaster@mail.dannysmc.com
protocols = imap pop3 imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
service imap-login {
  inet_listener imap {
    port = 0
  }
}
service lmtp {
  inet_listener lmtp {
    address = 127.0.0.1
    port = 10026
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
}
ssl = required
ssl_cert =
```
Dahknee
(103 rep)
Jun 26, 2017, 08:16 AM
• Last activity: Feb 19, 2023, 03:31 PM
0
votes
1
answers
60
views
saslauthd works when run 'standalone' but not when run by OmniOS svcadm
If I run `saslauthd` via `svcadm` it does not work, but if I run it from the command-line, it does.
```
u@h:w$ svcadm enable saslauthd
u@h:w$ ps -ef|grep sasl
root 17192 14073 0 05:50:12 ? 0:00 /opt/ooce/sbin/saslauthd -a sasldb -c -m /var/run/saslauthd
root 17194 17102 0 05:50:31 pts/3 0:00 grep sasl
u@h:w$ /opt/ooce/sbin/testsaslauthd -p topsikrit -u imapuser
0: NO "authentication failed"
u@h:w$ svcadm disable saslauthd
u@h:w$ /opt/ooce/sbin/saslauthd -a sasldb -c -d -V -m /var/run/saslauthd
saslauthd :num_procs : 5
saslauthd :mech_option: NULL
saslauthd :run_path : /var/run/saslauthd
saslauthd :auth_mech : sasldb
...
[ switch to another tty]
u@h:w$ /opt/ooce/sbin/testsaslauthd -p topsikrit -u imapuser
0: OK "Success."
```
The _only difference_, so far as I can see, between the two modes of running of `saslauthd` is that one was launched by the `svcadm` framework and the other, from the command line. But the user (`root` -- despite the `$` in the prompt) is the same, and the arguments, (apart from `-V` and `-d`) are also the same. So why won't `saslauthd` authenticate in the first case, but will in the second?
The above commands were run in a sparse zone.
Everything works as it should if I switch to the _passwd_ mechanism but I would prefer to use _sasldb_.
Michael NGV
(1 rep)
May 9, 2022, 11:57 AM
• Last activity: May 9, 2022, 10:33 PM
0
votes
1
answers
235
views
saslpasswd2 support for Berkeley
I have SASL databases, used by postfix and generated with `saslpasswd2`, on several CentOS 7 machines ( saslpasswd2/LibSasl: 2.1.26 ). They have the Berkeley DB (hash, version 9, native byte-order) format.
Since changing my development system to Arch (recently from Solus), I can no longer test updating such a database (synced from CentOS) with my update scripts that do:
```
$ echo "pass123" | /usr/sbin/saslpasswd2 -p -c -f sasldb2 -u some.domain john.doe@some.domain
saslpasswd2: generic failure
```
The `saslpasswd2` on Arch is version 2.1.27, and both the CentOS machines and the Arch machine have `libdb 5.3` installed. Creating a sasldb2 db file from scratch gives a Berkeley format DB on CentOS 7 and a GNU dbm format db on Arch.
I could change the development machine to first convert the db whenever it is rsync-ed, and I could probably also update the CentOS machines if it is documented that support for BerkeleyDB has been dropped by saslpasswd2. But I would rather understand why this is happening, and maybe fix Arch to also support Berkeley DB via saslpasswd2.
What is causing this generic failure, how could I fix this?
(The file is writeable and I compared the hash on both machines)
Anthon
(81143 rep)
Jul 3, 2021, 09:39 AM
• Last activity: Apr 28, 2022, 12:01 PM
10
votes
1
answers
18816
views
Postfix using OAuth2 authentication for relay host
I tried to set up **postfix** with Google as its relay host but failed
miserably.
Google switched to **OAuth2** authentication and deprecated other authentication
methods. This is why I tried to use the new OAuth2 authentication and not
the old user/password one.
As far as I understand, postfix does not do any SASL authentication
itself but relies on other applications like **Cyrus SASL**. And there
exists a plugin for Cyrus doing OAuth2 authentication:
But from here on I'm lost. I do not understand how to configure postfix/cyrus
correctly to use OAuth2 authentication.
I managed to set up getmail to fetch mail from Google using OAuth2
authentication. And I was hoping that it would be not much more difficult to do
the same with postfix and Cyrus. But I think I was wrong.
It's difficult to ask specific questions. I changed the configuration
files so many times that I probably screwed it up completely.
But I was wondering if there exists more documentation on how to configure
postfix to use a relay host with OAuth2 authentication?
Andreas Matthias
(241 rep)
May 3, 2020, 01:58 AM
• Last activity: Dec 17, 2020, 09:19 PM
3
votes
1
answers
5386
views
Enabling SASL authentication mechanisms in openLDAP using OLC
All of the information that I have been able to find about enabling SASL mechanisms for `openldap` still use the `slapd.conf` method while all modern LDAP directories have elected to use OLC over a static file.
Does anyone have information on how to add the `saslHost` parameters to the OLC directory? It also seems like I have more SASL mechanisms locally than I do through the frontend. How can I enable **plain** authentication via the frontend?
```
scadmin@ubuntu1604:~$ ldapsearch -x -H ldapi:/// -b "" -LLL -s base supportedSASLMechanisms
dn:
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: LOGIN
scadmin@ubuntu1604:~$ ldapsearch -x -H ldap://127.0.0.1 -b "" -LLL -s base supportedSASLMechanisms
dn:
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: NTLM
scadmin@ubuntu1604:~$
```
Andrew Meyer
(161 rep)
Sep 22, 2016, 04:09 PM
• Last activity: Oct 1, 2020, 11:02 AM
1
votes
3
answers
3638
views
How is sendmail SMTP authentication logging controlled?
I get a ton of failed SMTP login attempts. I'd really like to defend against it, but the logging of those attempts is poor.
I'm using sendmail 8.15, cyrus-sasl 2.1.26. The SASL setup is the simplest way, defaults all around, authenticating with pam_unix.
I get log messages like this a lot:
```
saslauthd: pam_unix(smtp:auth): check pass; user unknown
saslauthd: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
saslauthd: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
saslauthd: do_auth : auth failure: [user=colby] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
```
This means that while I know bogus attempts to login are happening, I can't really do anything about it, like have fail2ban jail them.
I can't really tell if the problem is that Sendmail is telling pam_unix things, and it's dumping them, or if sendmail isn't telling pam about where the attempt is being made.
What I want is for auth attempts to be logged with the ip address where it came from, so if there are a lot of failures, fail2ban can jail the IP.
Hack Saw
(1026 rep)
Nov 5, 2018, 10:43 PM
• Last activity: Aug 13, 2020, 01:33 PM
1
votes
1
answers
1256
views
SVN failing to create SASL context
Trying to execute the command
```
svn log svn://[my server address]/path/to/repository
```
nets me the following:
```
svn: E170001: Unable to connect to a repository at URL 'svn://[my server address]/path/to/repository'
svn: E170001: Could not create SASL context: generic failure
```
Some quick googling reveals a possible solution:
```
sudo port activate cyrus-sasl2 @2.1.23_3+kerberos
```
However, before I attempt this, I would like to know a couple things.
1. What exactly is going on?
2. What does this command do? How does it fix the problem?
EDIT: I am not using SASL, nor do I wish to. I don't actually have Cyrus SASL installed.
MirroredFate
(167 rep)
Dec 4, 2013, 05:59 PM
• Last activity: Mar 25, 2020, 10:01 PM
1
votes
1
answers
3685
views
Postfix + dovecot, disable authentication on port 25
I use postfix 2.9.6 on ubuntu 12.04 (with dovecot if that matters).
I'm trying to disable auth on port 25 and only allow it on port 587, so that I can receive mails normally from other servers but that clients can only connect on port 587 to send mails.
I tried following answers on here and found on Google, but whatever settings I change I'm always able to connect on port 25.
relevant part of my master.cf:
```
smtp inet n - - - - smtpd
  -o smtpd_tls_security_level=none
  -o smtpd_sasl_auth_enable=no
submission inet n - - - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,reject
```
my entire main.cf:
```
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem
smtpd_tls_key_file=/etc/ssl/private/dovecot.pem
smtpd_use_tls=yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
myhostname = xxxxxxxxxxxxxxxxxxx
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
milter_default_action = accept
milter_protocol = 2 #( Postfix ≥ 2.6 milter_protocol = 6, Postfix ≤ 2.5 milter_protocol = 2 )
smtpd_milters = inet:localhost:12345
non_smtpd_milters = inet:localhost:12345
smtpd_client_message_rate_limit = 2
anvil_rate_time_unit = 60s
```
Sylvain
(11 rep)
Dec 8, 2016, 06:33 PM
• Last activity: Feb 10, 2020, 05:00 PM