Relay implementation does not work on smtp outlook

Hello everyone, I finally saw the implementation of the relay on mail with the v 1.40

Unfortunately, compared to the previous tests, nothing has changed compared to the manual configuration with podman, that is, I always get the same error using TLS and port 587:

SASL authentication failed; cannot authenticate to server smtp-mail.outlook.com[52.98.159.22]: no mechanism available

On neth7 it always worked …Without further changes .

Where did you find this error? Is it from the UI validation or is it a Mail log line?

I don’t have an Outlook account to run a test, but from that server response AUTH LOGIN is available so I’d expect it works…

openssl s_client -starttls smtp -connect smtp-mail.outlook.com:587 -crlf
...
EHLO nethesis.it
250-MI1P293CA0024.outlook.office365.com Hello [80.17.99.73]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN XOAUTH2
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
QUIT
DONE

Hi Davide and thank you for answering, what you read is from the gui, but to follow you will report an excerpt from the journal …

May 16 18:25:45 ns8 postfix/smtp[12141]: Untrusted TLS connection established to smtp-mail.outlook.com[52.98.163.38]:587: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (secp384r1) server-signature RSA-PSS (2048 bits) server-digest SHA256
May 16 18:25:45 ns8 postfix/smtp[12141]: warning: SASL authentication failure: No worthy mechs found
May 16 18:25:45 ns8 postfix/smtp[12141]: 0BAF0A4C31: SASL authentication failed; cannot authenticate to server smtp-mail.outlook.com[52.98.163.38]: no mechanism available

So you saved a relay rule but mail cannot be sent, can you confirm?

If so, there is probably a bug in the Postfix container.

Yes, here is the rule:

I don’t know but probably, as as previously written on neth7 it has been working wonderfully for years.

1 Like

Bug filed here

3 Likes
2 Likes

api-cli run update-module --data '{"module_url":"ghcr.io/nethserver/mail:1.4.1-dev.1","instances":["mail1"],"force":true}'

if you want to test the fix to help the development, adjust with the module_id of your mail module (check the status page of the module)