dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed



[E-mail] SASL authentication failed; cannot authenticate to serv

SASL authentication failed; cannot authenticate to server smtp.comcast.net

I'm a Unix sysadmin and I run my own SMTP server. I have a DSL modem, which connects to a firewall, which connects to a SMTP server. For outbound email, Postfix goes through smtp.comcast.net:587, and authenticates using SASL.

This setup has been working fine for years. However, over the past 2 weeks, I've been experiencing sporadic problems. It appears the SASL auth sometimes fails, but eventually succeeds. This typically delays my outbound email by about 6 to 12 hours.

Is anyone else seeing this? Here's the full message from Postfix:

May 24 00:07:45 ebola postfix/smtp[21107]: warning: SASL authentication failure: No worthy mechs found
May 24 00:07:45 ebola postfix/smtp[21107]: 50A7C1873C5: to=, relay=smtp.comcast.net[]:587, delay=19763, delays=19763/0.09/0.07/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.comcast.net[]: no mechanism available)

There's sand in my tool bag

1 edit

1 recommendation

Re: [E-mail] SASL authentication failed; cannot authenticate to

So you are a non comcast customer trying to funnel outgoing mail from your server on an outside connection through comcasts servers? Or are you a valid comcast customer just using your account info to forward other mail traffic offsite through comcast? Why not just use the DSL providers upstream SMTP server?

I would hope this is blocked via Comcast, as it's not what they are for.

Edit: If you are a valid Comcast customer, can you increase the debug_peer_level to 3 and add Comcasts server to debug_peer_list in the postfix configs (don't forget to restart the service) and then post the logs?

Tech at the Beach.
I speak for myself, not my employer.



1 edit
Thanks for the logging tip. Yes, I am a Comcast customer, trying to send out my email.

Log in attachment (truncated otherwise?!), thanks!

Attachment deleted (destroyed) per request of renw. ~sorto'


reply to renw
Figured it out. Although Comcast advertises "AUTH LOGIN PLAIN", the Postfix SASL library won't do plain text auth by default. It needs to be told it's okay with:

smtp_sasl_security_options = noanonymous

See »www.postfix.org/SASL_README.html···l_policy.

Thanks for your help "beachintech"! I just needed to dig deeper.