SMTP(postfix) authentication doesn't work

jongsic · October 13, 2015, 7:37am

environment

VERSION : 1.0.0
DOCKER IMAGE : self-build, because to use mysql-outside, use VOLUME to store data, and use smtp-outside

postfix

I used postfix to mail notification with docker image : https://github.com/catatnight/docker-postfix

docker run -e maildomain=mail.my.com -e smtp_user=smtp:userpass --name postfixhost -d catatnight/postfix

and test success ( authentication : smtp@mail.my.com / userpass )

configuration

"EmailSettings": {
        "SMTPUsername": "smtp@mail.my.com",
        "SMTPPassword": "userpass",
        "SMTPServer": "postfixhost",
        "SMTPPort": "25",
        "ConnectionSecurity": "",
    }

docker run --name mattermost --publish 8080:80 -v /docker/mattermost/data:/mattermost-data --link mysql:mysql --link postfixhost:postfixhost -d mattermost:1.0.0

it doesnt works

Failed to add to email address [details: 454 4.7.1 <MYID@gmail.com>: Relay access denied

resolved

I installed postfix locally with no authentication (just “apt-get install postfix” and start)

and

"EmailSettings": {
        "SMTPUsername": "",
        "SMTPPassword": "",
        "SMTPServer": "localhost",
        "SMTPPort": "25",
        "ConnectionSecurity": "",
    }

it works.

what is the problem?

coreyhulen · October 13, 2015, 4:30pm

maybe something similar to http://serverfault.com/questions/612159/smtp-dont-work-when-try-to-send-mail-from-mail-clinet

Basically mattermost is able to see and connect to the smtp server, but the email server is rejecting the “to address”. I suspect it’s the check_recipient_access property.

from http://serverfault.com/questions/42519/how-to-correct-postfix-relay-access-denied

The relaying denied message occurs because the smtpd_recipient_restrictions rules was not matched. One of those conditions must be fulfilled to allow the message to go through:

smtpd_recipient_restrictions =
    permit_sasl_authenticated
    check_recipient_access hash:/etc/postfix/filtered_domains
    permit_mynetworks
    reject_unauth_destination
To explain those rules:

permit_sasl_authenticated
permits authenticated senders through SASL. This will be necessary to authenticate users outside of your network which are normally blocked.

check_recipient_access
This will cause postfix to look in /etc/postfix/filtered_domains for rules based on the recipient address. (Judging by the file name on the file name, it is probably just blocking specific domains... Check to see if gmail.com is listed in there?)

permit_mynetworks
This will permit hosts by IP address that match IP ranges specified in $mynetworks. In the main.cf you posted, $mynetworks was set to 127.0.0.1, so it will only relay emails generated by the server itself.

jongsic · October 14, 2015, 6:35am

thank you for reply. im sorry you had to care,

I misunderstood GO’s smtp supports

i found the reason of that situation

github.com

mattermost/mattermost-server/blob/master/utils/mail.go

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

package utils

import (
	"crypto/tls"
	"mime"
	"net"
	"net/mail"
	"net/smtp"
	"time"

	"gopkg.in/gomail.v2"

	"net/http"

	l4g "github.com/alecthomas/log4go"
	"github.com/mattermost/html2text"
	"github.com/mattermost/mattermost-server/model"

This file has been truncated. show original

so i setup my postfix with no auth, and resolved.

coreyhulen · October 14, 2015, 2:32pm

Awesome, glad you found the issue.

jreimone · June 30, 2016, 9:34am

I also tried to use the catatnight/postfix image as the postfix host. I use the mattermost team edition and, thus, adjusted the docker-compose.yml file as follows:

postfix:
  image: catatnight/postfix
  environment:
    - maildomain=my.domain.com
    - smtp_user=user:pass
  expose:
    - 25
db:
  build: db
  volumes:
    - ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
    - /etc/localtime:/etc/localtime:ro
  # uncomment the following to enable backup
  #environment:
  #  - AWS_ACCESS_KEY_ID=XXXX
  #  - AWS_SECRET_ACCESS_KEY=XXXX
  #  - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
  #  - AWS_REGION=us-east-1
app:
  build: app
  links:
    - db:db
    - postfix
  volumes:
    - ./volumes/app/mattermost/config:/mattermost/config:rw
    - ./volumes/app/mattermost/data:/mattermost/data:rw
    - /etc/localtime:/etc/localtime:ro
web:
  build: web
  ports:
    - "8065:80"
    - "443:443"
  links:
    - app:app
  volumes:
      # This directory must have cert files
    - ./volumes/web/cert:/cert:ro
    - /etc/localtime:/etc/localtime:ro
  environment:
    - MATTERMOST_ENABLE_SSL=false
    - PLATFORM_PORT_80_TCP_PORT=80

@jongsic, can you clearify what you did exactly to deactivate authentication in the catatnight/postfix container?

Topic		Replies	Views
Failed to send password reset e-mail successfully to different domains Troubleshooting	3	1478	August 26, 2020
[Solved] Password reset without email Troubleshooting	6	22894	September 22, 2016
Self Host Dependencies Troubleshooting	6	267	July 4, 2023
[Solved] Ashamed and locked out :( Troubleshooting	2	165	February 8, 2024
SMTP Gmail connection Troubleshooting	2	2509	July 12, 2016