SMTP(postfix) authentication doesn't work

jongsic · October 13, 2015, 7:37am

environment

VERSION : 1.0.0
DOCKER IMAGE : self-build, because to use mysql-outside, use VOLUME to store data, and use smtp-outside

postfix

I used postfix to mail notification with docker image : https://github.com/catatnight/docker-postfix

docker run -e maildomain=mail.my.com -e smtp_user=smtp:userpass --name postfixhost -d catatnight/postfix

and test success ( authentication : smtp@mail.my.com / userpass )

configuration

"EmailSettings": {
        "SMTPUsername": "smtp@mail.my.com",
        "SMTPPassword": "userpass",
        "SMTPServer": "postfixhost",
        "SMTPPort": "25",
        "ConnectionSecurity": "",
    }

docker run --name mattermost --publish 8080:80 -v /docker/mattermost/data:/mattermost-data --link mysql:mysql --link postfixhost:postfixhost -d mattermost:1.0.0

it doesnt works

Failed to add to email address [details: 454 4.7.1 <MYID@gmail.com>: Relay access denied

resolved

I installed postfix locally with no authentication (just “apt-get install postfix” and start)

and

"EmailSettings": {
        "SMTPUsername": "",
        "SMTPPassword": "",
        "SMTPServer": "localhost",
        "SMTPPort": "25",
        "ConnectionSecurity": "",
    }

it works.

what is the problem?

coreyhulen · October 13, 2015, 4:30pm

maybe something similar to http://serverfault.com/questions/612159/smtp-dont-work-when-try-to-send-mail-from-mail-clinet

Basically mattermost is able to see and connect to the smtp server, but the email server is rejecting the “to address”. I suspect it’s the check_recipient_access property.

from http://serverfault.com/questions/42519/how-to-correct-postfix-relay-access-denied

The relaying denied message occurs because the smtpd_recipient_restrictions rules was not matched. One of those conditions must be fulfilled to allow the message to go through:

smtpd_recipient_restrictions =
    permit_sasl_authenticated
    check_recipient_access hash:/etc/postfix/filtered_domains
    permit_mynetworks
    reject_unauth_destination
To explain those rules:

permit_sasl_authenticated
permits authenticated senders through SASL. This will be necessary to authenticate users outside of your network which are normally blocked.

check_recipient_access
This will cause postfix to look in /etc/postfix/filtered_domains for rules based on the recipient address. (Judging by the file name on the file name, it is probably just blocking specific domains... Check to see if gmail.com is listed in there?)

permit_mynetworks
This will permit hosts by IP address that match IP ranges specified in $mynetworks. In the main.cf you posted, $mynetworks was set to 127.0.0.1, so it will only relay emails generated by the server itself.

jongsic · October 14, 2015, 6:35am

thank you for reply. im sorry you had to care,

I misunderstood GO’s smtp supports

i found the reason of that situation

github.com

mattermost/mattermost-server/blob/master/utils/mail.go

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

package utils

import (
	"crypto/tls"
	"mime"
	"net"
	"net/mail"
	"net/smtp"
	"time"

	"gopkg.in/gomail.v2"

	"net/http"

	l4g "github.com/alecthomas/log4go"
	"github.com/mattermost/html2text"
	"github.com/mattermost/mattermost-server/model"

This file has been truncated. show original

so i setup my postfix with no auth, and resolved.

coreyhulen · October 14, 2015, 2:32pm

Awesome, glad you found the issue.

jreimone · June 30, 2016, 9:34am

I also tried to use the catatnight/postfix image as the postfix host. I use the mattermost team edition and, thus, adjusted the docker-compose.yml file as follows:

postfix:
  image: catatnight/postfix
  environment:
    - maildomain=my.domain.com
    - smtp_user=user:pass
  expose:
    - 25
db:
  build: db
  volumes:
    - ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
    - /etc/localtime:/etc/localtime:ro
  # uncomment the following to enable backup
  #environment:
  #  - AWS_ACCESS_KEY_ID=XXXX
  #  - AWS_SECRET_ACCESS_KEY=XXXX
  #  - WALE_S3_PREFIX=s3://BUCKET_NAME/PATH
  #  - AWS_REGION=us-east-1
app:
  build: app
  links:
    - db:db
    - postfix
  volumes:
    - ./volumes/app/mattermost/config:/mattermost/config:rw
    - ./volumes/app/mattermost/data:/mattermost/data:rw
    - /etc/localtime:/etc/localtime:ro
web:
  build: web
  ports:
    - "8065:80"
    - "443:443"
  links:
    - app:app
  volumes:
      # This directory must have cert files
    - ./volumes/web/cert:/cert:ro
    - /etc/localtime:/etc/localtime:ro
  environment:
    - MATTERMOST_ENABLE_SSL=false
    - PLATFORM_PORT_80_TCP_PORT=80

@jongsic, can you clearify what you did exactly to deactivate authentication in the catatnight/postfix container?

Topic		Replies	Views
Mattermost wont connect to postfix Troubleshooting	16	5529	August 2, 2017
SMTP / Email configuration needs improvment Design Feedback Request	0	1041	January 12, 2020
Mattermost won't send email with Postfix Troubleshooting	2	888	August 25, 2022
How do I change default email settings? Installation	3	4045	July 28, 2015
Private SMTP email is not working in v4.5.0 Troubleshooting	5	1246	January 4, 2018