Error using LDAPS and SMTP auth on 587

Bugs and fixes announcements. Please post real bugs and fixes here. Ask in the help forums if unsure.

Moderators: FlorianB, mentor, Pascal, bourgeois

ithex
Posts: 2
Joined: Mon Apr 04, 2016 8:33 pm
How did you hear about Mailcleaner: google

Error using LDAPS and SMTP auth on 587

Postby ithex » Thu Jul 07, 2016 1:49 pm

I'm not sure but I think I might have stumpled on a bug:

If you have user authentication set to LDAP using encryption (LDAPS) you cannot use user authenticated smtp relay.

The log will state something like:
Authentication failed for user myuser on domain mydomain.com (Cannot contact LDAP/AD server at ldaps://xx.xx.xx.xx:38) [xxx.xxx.xxx.xxx] in 0.031 s.

Now as far as I know LDAPS does not use port 38 but port 636.

I'm thinking that maybe the number 38 originates from 389 but is somehow cut off so the 9 is left out... anyway 38 is not the correct port number nor is 389 when LDAPS is used.

The second I disable encryption in user authentication user authenticated SMTP relay work like a charm.

Other than that Mailcleaner has me on my knees in awe... thanks to Team Mailcleaner :-)
ithex
Posts: 2
Joined: Mon Apr 04, 2016 8:33 pm
How did you hear about Mailcleaner: google

FIX for: Error using LDAPS and SMTP auth on 587

Postby ithex » Thu Jan 12, 2017 2:19 pm

Please verify this fix yourself - I take no responsebility for any errors you may encounter.

In file: /usr/mailcleaner/lib/SMTPAuthenticator/LDAP.pm

Change from:

Code: Select all

my $this = {
       error_text => "",
       error_code => -1,
       server => '',
       port => 389,
       use_ssl => 0,
       base => '',
       attribute => 'uid',
       binduser => '',
       bindpassword => '',
       version => 3
   };


To this:

Code: Select all

my $this = {
       error_text => "",
       error_code => -1,
       server => '',
       port => '',
       use_ssl => '',
       base => '',
       attribute => 'uid',
       binduser => '',
       bindpassword => '',
       version => 3
   };


Spelled out remove port "389" and replace with '' (two single quotes). Remove use_ssl "0" and replace with '' (two single quotes).

Haven't tested that extensively, but it seems to be working with and without encryption on LDAP.
FlorianB
Posts: 83
Joined: Wed Apr 01, 2015 2:27 pm
How did you hear about Mailcleaner: boulot

Re: Error using LDAPS and SMTP auth on 587

Postby FlorianB » Wed Mar 08, 2017 5:12 pm

Hello,
Confirmed, we got the bug some month ago too from a customer, if i remember well i let the default value but added the port after the server in the destination server field: myldapserver.test.com:636.
I remember now that it was for IMAPS so probably exactly the same problem. Not really a bug but everybody has to think to add the port...
Regards,
Florian

Return to “Bugs and fixes”

Who is online

Users browsing this forum: No registered users and 0 guests