My postfix does not send AUTH PLAIN to the outgoing relay server. It must have worked a couple of days ago, but now I get "relay not permitted" bounce mails.
The mail system runs in an Alpine Linux VM using postfix, fetchmail and dovecot. Postfix uses the Cyrus SASL lib, not the dovecot one.
Relevant part of main.cf:
relayhost = [RELAY_HOST]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/mailsrv/etc/postfix/sasl_passwd
smtp_sasl_security_options =
sasl_passwd:
[RELAY_HOST] USER:PASSWORD
I captured an outgoing session with tcpdump and no AUTH PLAIN is sent. I tested sending mail manually with telnet using the proper AUTH PLAIN line and it worked.
So my interpretation is, that postfix does not decide to use SASL / AUTH PLAIN at some point.
What could be the problem?
Permissions should be ok, postmap has been called, postfix restarted and reloaded, libsasl is installed and postfix reports to have been built with cyrus. I know it is a cliche, but the system used to work a couple of days ago. Could some certificate expiry be a problem here, which I don't see in the logs?
EHLO
response? (I've seen some servers which let the admin "disable" authentication but really just remove it from the offer list...)220 ******************************************************************************************
. Maybe this is the reason why it suddenly did not work. The provider might have changed that.