# Postfix settings - somethings not right.

## CurtE

The instructions state to verify settings by:

# telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

220 mail.domain.com ESMTP Postfix

EHLO domain.com

250-mail.domain.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-AUTH LOGIN PLAIN

250-AUTH=LOGIN PLAIN

250-XVERP

250 8BITMIME

Mine is:

csmn1 misc # telnet localhost 25

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

220 csmn1.cs-mn.com ESMTP Postfix

EHLO cs-mn.com

250-csmn1.cs-mn.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

Why am I not getting AUTH LOGIN PLAIN?

----------

## Mike Hunt

Do you have dev-libs/cyrus-sasl installed and configured and tls support configured in postfix?

This should provide some clues

----------

## malern

Do you have "smtpd_tls_auth_only = yes" in your main.cf? That will stop postfix from allowing plain logins http://www.postfix.org/postconf.5.html#smtpd_tls_auth_only

Really, if all your clients support TLS then you're better off without plain logins anyway.

----------

## CurtE

Thanks Malern, that was it.  The doc that Mike refered to is what I'm using but I had tested it before and it work.  Later, I had uncommented the line you mentioned.

I'm still having an issue with SquirrelMail and going over all the settings before I cry for help.

----------

## CurtE

Additional Postfix item, this (only a partial of log) appears in my /var/log/messages and displays a lot of info (including MySQL passwords).  It looks like a debug or verbose mode, how do I turn it off?

```
Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  permit_inet_interfaces

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: expand $smtpd_sasl_security_options -> noanonymous

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  /etc/postfix/newcert.pem

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  /etc/postfix/newkey.pem

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: expand $smtpd_tls_dcert_file -> 

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  /etc/postfix/cacert.pem

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  medium

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  SSLv3, TLSv1

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  md5

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  cyrus

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  j {daemon_name} v

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  i {auth_type} {auth_authen} {auth_author} {mail_addr}

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  i {rcpt_addr}

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  i

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  i

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  i

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  2

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: const  tempfail

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: expand $myhostname -> csmn1.cs-mn.com

Sep  8 23:56:24 csmn1 postfix/smtpd[7056]: dict_eval: expand $mail_name $mail_version -> Postfix 2.5.7
```

----------

## malern

Comment out the "smtpd_tls_loglevel = 3" line.

The docs say it should only be set to 3 if you are having problems, http://www.postfix.org/postconf.5.html#smtpd_tls_loglevel

----------

## CurtE

Sorry for not responding sooner, it looks like my Squirrel Mail issue is due to an IMAP problem.

"smtpd_tls_loglevel = 3" was changed to "smtpd_tls_loglevel = 0" 

Also,

"smtp_tls_loglevel = 3" was changed to "smtp_tls_loglevel = 0" 

Some of the output has disappeared.

Still have many of these:

```
postfix/smtpd[13803]: generic_checks: name=permit_sasl_authentication

Sep 22 22:59:17 csmn1 postfix/smtpd[13803]: warning: unknown smtpd restriction: "permit_sasl_authentication"

Sep 22 22:59:17 csmn1 postfix/smtpd[13803]: NOQUEUE: reject: RCPT from avh230.internetdsl.tpnet.pl[83.18.33.230]: 451 4.3.5 Server configuration error; from=<DorakennecottGarland@lubbockonline.com> to=<forum@reunions-with-flair.com> proto=SMTP helo=<osm8147044b22b>

Sep 22 22:59:17 csmn1 postfix/smtpd[13803]: > avh230.internetdsl.tpnet.pl[83.18.33.230]: 451 4.3.5 Server configuration error

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: smtp_get: EOF

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_hostname: avh230.internetdsl.tpnet.pl ~? 70.89.201.10

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_hostaddr: 83.18.33.230 ~? 70.89.201.10

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_hostname: avh230.internetdsl.tpnet.pl ~? 127.0.0.0/8

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_hostaddr: 83.18.33.230 ~? 127.0.0.0/8

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_list_match: avh230.internetdsl.tpnet.pl: no match

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: match_list_match: 83.18.33.230: no match

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: send attr request = disconnect

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: send attr ident = smtp:83.18.33.230

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: private/anvil: wanted attribute: status

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: status

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute value: 0

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: private/anvil: wanted attribute: (list terminator)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: (end)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: lost connection after RCPT from avh230.internetdsl.tpnet.pl[83.18.33.230]

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: smtpd_chat_notify: notify postmaster

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: connect to subsystem public/cleanup

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: public/cleanup socket: wanted attribute: queue_id

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: queue_id

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute value: 2B3B61B478D

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: public/cleanup socket: wanted attribute: (list terminator)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: (end)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: send attr flags = 32

Sep 22 22:59:18 csmn1 postfix/cleanup[13808]: 2B3B61B478D: message-id=<20090923035918.2B3B61B478D@csmn1.cs-mn.com>

Sep 22 22:59:18 csmn1 postfix/qmgr[6749]: 2B3B61B478D: from=<double-bounce@csmn1.cs-mn.com>, size=1096, nrcpt=1 (queue active)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: public/cleanup socket: wanted attribute: status

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: status

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute value: 0

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: public/cleanup socket: wanted attribute: (list terminator)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: reason

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute value: (end)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: public/cleanup socket: wanted attribute: (list terminator)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: input attribute name: (end)

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: disconnect from avh230.internetdsl.tpnet.pl[83.18.33.230]

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: master_notify: status 1

Sep 22 22:59:18 csmn1 postfix/smtpd[13803]: connection closed

Sep 22 22:59:18 csmn1 postfix/local[13810]: 2B3B61B478D: to=<postmaster@cs-mn.com>, orig_to=<postmaster>, relay=local, delay=0.05, delays=0.02/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)

Sep 22 22:59:18 csmn1 postfix/qmgr[6749]: 2B3B61B478D: removed

Sep 22 22:59:20 csmn1 postfix/smtpd[13803]: auto_clnt_close: disconnect private/tlsmgr stream

Sep 22 22:59:22 csmn1 postfix/smtpd[13803]: rewrite stream disconnect

```

These all seem to be double-bounce messages.  Is there a place to turn off this "debug" type messaging until I get the IMAP staightened out?

----------

