[TriLUG] MTA to MTA through mail.trilug.org

Ken Mink ken.mink at gmail.com
Tue May 16 17:11:17 EDT 2006


On 5/16/06, Tanner Lovelace <clubjuggler at gmail.com> wrote:
>
> On 5/16/06, Ken Mink <ken.mink at gmail.com> wrote:
> > Here's what's in my log:
> > May 16 15:41:57 bwg3 postfix/smtp[12635]: certificate verification
> failed
> > for mail.trilug.org: num=19:self signed certificate in certificate chain
> > May 16 15:41:57 bwg3 postfix/smtp[12635]: Server certificate could not
> be
> > verified
> > May 16 15:41:58 bwg3 postfix/smtp[12635]: 0A8474280D: to=<
> > address at other.domain>, relay=mail.trilug.org[64.244.27.142], delay=2,
> > status=deferred (Authentication failed: SASL authentication failed;
> server
> > mail.trilug.org[64.244.27.142] said: 535 Error: authentication failed)
>
> Ken,
>
> While it is try that you have an SSL error, that's not what's stopping
> your email from going through.  The last message is what's causing
> trilug not to relay.  As all good e-mail servers are configured, the
> TriLUG
> mail server is configured to NOT relay mail, except in one very special
> circumstance.  That circumstance is when you've authenticated with
> a valid username and password (alternatively, I think it may relay when
> mail is sent from localhost too, but we may want to reconsider that).
> So, your postfix must be configured with your username and password
> for the TriLUG mail server to relay.  This means you will have to store
> it in plaintext on your server at home and that, sadly, is a violation
> of the TriLUG Terms of Service (or at least it would be if we had
> ever written them down completely).  So, I would suggest what
> Chris suggested that you relay through the RoadRunner SMTP
> servers, since that's what they're their for when you have RR service.


I understand that postfix needs to be set up for an authenticated
connection. I believe I've got that configured correctly with the
smtp_sasl_password_maps
variable. But I guess not.

As for using RR was a relay, I'm slightly tinfoil hatish and I don't want RR
storing every email I send.

Oh well, thanks for the help.

Ken

Cheers,
> Tanner
> P.S. TriLUG switched to a CACert SSL Cert for the web server
> during the last meeting but we should now also go ahead and
> do the same thing for smtp, imap and pop too at some point.
> One more thing to add to the agenda of the soon to be formed
> Sys Admin committee?
>
> --
> Tanner Lovelace
> clubjuggler at gmail dot com
> http://wtl.wayfarer.org/
> (fieldless) In fess two roundels in pale, a billet fesswise and an
> increscent, all sable.
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



-- 
---------------------------------------------
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."--Benjamin Franklin
" 'Necessity' is the plea for every infringement of human liberty; it
is the argument of tyrants; it is the creed of slaves."--William Pitt



More information about the TriLUG mailing list