Warning: SBC Yahoo SMTP Auth possibly broken

Forums » Tech and Talk » OS and Software » All Things Unix » Warning: SBC Yahoo SMTP Auth possibly broken


Uniqs: 2958	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Forum FAQ ·Attitude Adjustment ·Linux docs ·DistroWatch ·OPLM ·FreeBSD Handbook

blocking content »
« Richard Stallman was in town

MikeStammer
No prison can hold me
Premium
join:2002-12-26
Aurora, IL

1 edit

Warning: SBC Yahoo SMTP Auth possibly broken

(I post this here since its, in my case, postfix related)

seems they changed something recently.

I think SBC just broke SMTP AUTH again in things like sendmail and postfix. this morning I had errors at 2 sites.

Seems they changed the IP that smtp-sbc-v1.mail.vip.sc5.yahoo.com resolves to. I had to hard code the IP of what smtp-sbc-v1.mail.vip.sc5.yahoo used to resolve to to get it working again. The old IP (the one that works) is 63.230.177.41. If you resolve the IP based on the hostname now and try to SMTP auth (at least with sasl) it doesnt work. it complains that authentication is needed, etc.

anyone else seeing this and/or have info on how to fix this to NOT use IP addresses?

permalink · 2005-06-24 10:12:05 · Print ·

nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL

·AT&T U-Verse

·AT&T Midwest

Re: Warning: SBC Yahoo SMTP Auth possibly broken

I can't help you with postfix. I use sendmail.

I can comment for sendmail users.

I just tried sending mail, and it worked fine the first try. But it would not have worked if I had a default configuration.

I am supposed to send email to "smtp.ameritech.yahoo.com". That used to be a CNAME for "smtp-sbc-v1.mail.vip.sc5.yahoo.com" or something similar. Incidently, I just copied that name from MikeStammer

's post, since it looked familiar.

With a standard sendmail configuration, my authentication table entry would have needed to specify authentication for "smtp-sbc-v1.mail.vip.sc5.yahoo.com", or just for "yahoo.com" since it applies to abbreviations.

What has changed, is that now, "smtp.ameritech.yahoo.com" appears to be a CNAME for "smtp-sbc.mail.yahoo.com" which, in turn, is a CNAME for "smtp.sbc.mail.yahoo4.akadns.net". So my authentication table entry would need to specify "smtp.sbc.mail.yahoo4.akadns.net" as the host, or just "akadns.net" would do.

However, I have configured


define(`confDONT_EXPAND_CNAMES', `True')

and, as a result, sendmail does not expand CNAMEs. This way my authentication table entry should be for "smtp.ameritech.yahoo.com" or for just "yahoo.com". And that's likely to not change, even when they alter the CNAME. Or at least it is not likely to change without prior notification to SBC users.

I don't know if this will help you with postfix, but perhaps it at least helps explain part of what is going on.

permalink · 2005-06-25 19:47:14 · Print ·

sporkme drop the crantini and move it, sister Premium,MVM join:2000-07-01 Morristown, NJ	Just curious, on the one that does not work, is smtp-auth advertised when you say "EHLO"? ie: 250-AUTH LOGIN PLAIN XYMCOOKIE
	permalink · 2005-06-26 00:45:06 ·

MikeStammer
No prison can hold me
Premium
join:2002-12-26
Aurora, IL

Re: Warning: SBC Yahoo SMTP Auth possibly broken

said by sporkme

:

Just curious, on the one that does not work, is smtp-auth advertised when you say "EHLO"?

ie: 250-AUTH LOGIN PLAIN XYMCOOKIE

here is what i got:

Sun Jun 26 12:36:09>  telnet smtp-sbc-v1.mail.vip.sc5.yahoo.com 25
Trying 66.163.171.137...
Connected to smtp-sbc-v1.mail.vip.sc5.yahoo.com.
Escape character is '^]'.
220 smtp827.mail.sc5.yahoo.com ESMTP
EHLO foo.com
250-smtp827.mail.sc5.yahoo.com
250-AUTH LOGIN PLAIN XYMCOOKIE
250-PIPELINING
250 8BITMIME
quit
221 smtp827.mail.sc5.yahoo.com
Connection closed by foreign host.

i think it was the whole name resolving thing and the fact that i didnt have a matching entry in saslpass to use against the server

permalink · 2005-06-26 13:39:36 · Print ·

MikeStammer No prison can hold me Premium join:2002-12-26 Aurora, IL	ill check out the stuff you guys mention and let you know. good info!!!
	permalink · 2005-06-26 13:21:21 ·

MikeStammer No prison can hold me Premium join:2002-12-26 Aurora, IL	ok here is what i came up with. in my saslpass file i have the following: smtp.sbc.mail.yahoo4.akadns.net MyUsername@sbcglobal.net:MyPassWord in my transport file i have this: mikestammer.com : * smtp:[smtp.sbc.mail.yahoo4.akadns.net] once i put these in everything worked without needing the IP addresses (which is a good thing). nwrickert, you are the man! Thanks for the info.
	permalink · 2005-06-26 13:31:50 · Print ·

badams join:2005-07-03 San Jose, CA	Thank you sirs. I was on vacation when this happened. I opened a ticket with Yahoo saying they broke my sendmail, and was asked what email client I run. I used define(`confDONT_EXPAND_CNAMES', `True') and advised SBC Yahoo of the resolution. I hope my followup serves other SBC customers well. Bill
	permalink · 2005-07-03 12:21:14 ·

Crypto Premium join:2001-01-07 Saint Charles, MO	Re: Warning: SBC Yahoo SMTP Auth possibly broken Yeah, they dont support running your own MTA at home. I wouldnt ever expect tech support to either know, or care, about our mail server problems. -- I may not agree with what you say, but I'll defend your right to encrypt it.
	permalink · 2005-07-04 11:23:18 ·

your comment..

Forums » Tech and Talk » OS and Software » All Things Unix	blocking content » « Richard Stallman was in town


Monday, 14-Dec 17:00:05	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF