Facebook
Twitter
Chris1
Regular Pleskian
Hello 
I have a strange issue which is causing our clients to be banned by the "plesk-postfix" Fail2Ban jail.
These clients were recently migrated from Plesk 10 to the current Plesk 12 server.
We are seeing the following in /var/log/maillog
Notes:
For privacy reasons
Clients IP has been replaced with 111.111.111.111
Clients hostname has been replaced with hostname.isp.com
Our server name has been replaced with plesk-1
Email address has been changed to [email protected]
So it seems that the client attempts to authenticate with Postfix, it issues an authentication failure but then immediately successfully logs in, sends the email and then disconnects from the server.
Why are we getting a failure when they have the correct login details and are successfully logging in?
I have replicated this problem on a different computer on a different internet connection/IP.
Has anyone run into this problem before?
Update:
This also appears to be happening on our other Plesk 12 servers on domains that haven't been migrated from Plesk 10.
I've found that by removing DIGEST-MD5 from the mech_list in /usr/lib64/sasl2/smtpd.conf it prevents the authentication failure. Is this a proper fix though?
This is my /usr/lib64/sasl2/smtpd.conf file:
I've tested the following clients:
Samsung S4 - Uses Plain method by default, no problem
Outlook 2010 - Uses DIGEST-MD5 by default, problem as shown above
Outlook 2013 - Uses DIGEST-MD5 by default, problem as shown above
Thunderbird - Uses Plain method by default, no problem
I have a strange issue which is causing our clients to be banned by the "plesk-postfix" Fail2Ban jail.
These clients were recently migrated from Plesk 10 to the current Plesk 12 server.
We are seeing the following in /var/log/maillog
Code:
Sep 30 13:22:14 plesk-1 postfix/smtpd[276918]: connect from hostname.isp.com[111.111.111.111]
Sep 30 13:22:15 plesk-1 postfix/smtpd[276918]: warning: hostname.isp.com[111.111.111.111]: SASL DIGEST-MD5 authentication failed: authentication failure
Sep 30 13:22:15 plesk-1 postfix/smtpd[276918]: 423168A1213: client=hostname.isp.com[111.111.111.111], sasl_method=LOGIN, [email protected]
Sep 30 13:22:15 plesk-1 postfix/smtpd[276918]: disconnect from hostname.isp.com[111.111.111.111]Notes:
For privacy reasons
Clients IP has been replaced with 111.111.111.111
Clients hostname has been replaced with hostname.isp.com
Our server name has been replaced with plesk-1
Email address has been changed to [email protected]
So it seems that the client attempts to authenticate with Postfix, it issues an authentication failure but then immediately successfully logs in, sends the email and then disconnects from the server.
Why are we getting a failure when they have the correct login details and are successfully logging in?
I have replicated this problem on a different computer on a different internet connection/IP.
Has anyone run into this problem before?
Update:
This also appears to be happening on our other Plesk 12 servers on domains that haven't been migrated from Plesk 10.
I've found that by removing DIGEST-MD5 from the mech_list in /usr/lib64/sasl2/smtpd.conf it prevents the authentication failure. Is this a proper fix though?
This is my /usr/lib64/sasl2/smtpd.conf file:
Code:
pwcheck_method: auxprop saslauthd
auxprop_plugin: plesk
saslauthd_path: /var/spool/postfix/private/plesk_saslauthd
mech_list: DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
sql_engine: intentionally disabled
log_level: 4I've tested the following clients:
Samsung S4 - Uses Plain method by default, no problem
Outlook 2010 - Uses DIGEST-MD5 by default, problem as shown above
Outlook 2013 - Uses DIGEST-MD5 by default, problem as shown above
Thunderbird - Uses Plain method by default, no problem
Last edited:
