Mailsend mit posteo.de Account

herbdan2025 · November 7, 2024, 7:21pm

Hallo,

ich bekomme es nicht hin das das Mail mit Mailsend versendet wird mit meinem posteo.de Account.

Folgende Settings:

mailsend -f "xyz@gmail.com" -t "xyz@xyz.com" -smtp "smtp.gmail.com" -starttls -auth-login -user "xyz@gmail.com" -pass "abcdefghijklmnop" -sub "Test from OpenWrt" -M "Test from OpenWrt"

-smtp "posteo.de"
-starttls
-auth-plain

Folgende Fehlermeldung kommt:

Error: AUTH PLAIN failed: '535 5.7.8 Error: authentication failed: '
Could not send mail

Wo könnte der Fehler liegen?
Über Nextcloud mit den gleichen Einstellung funktioniert der Mailversand?

golialive · November 7, 2024, 7:34pm

Please use english here.

Are you sure "xyz@gmail.com" is your posteo account? Posteo documentation always uses something@posteo.de usernames.

herbdan2025 · November 7, 2024, 7:44pm

Hello,

I can't get the mail to be sent with Mailsend with my posteo.de account.

The following settings:

mailsend -f “xyz@posteo.de” -t “xyz@xyz.com” -smtp “posteo.de” -starttls -auth-plain -user “xyz@posteo.de” -pass “abcdefghijklmnop” -sub “Test from OpenWrt” -M “Test from OpenWrt”

-smtp “posteo.de”
-starttls
-auth-plain

The following error message appears:

Error: AUTH PLAIN failed: '535 5.7.8 Error: authentication failed: '
Could not send mail

Where could the error be?
Sending mail via Nextcloud with the same settings works?

bluewavenet · November 7, 2024, 9:07pm

starttls was an old method of encrypting the message body, leaving headers in plain text. As such it has been deprecated for a very long time. Many smtp service providers are now removing, or have already removed, support for it.

Quite possibly posteo.de no longer supports or has never supported starttls.

Instead you should use tls/ssl directly using port 465 (most common) or port 587 (newer).

I don't know if mailsend supports smtp-ssl.

greem · November 7, 2024, 10:10pm

Sorry to correct you, but that's just plain wrong - I've been running email systems (from tens to millions of users) for almost 30 years and still do.

STARTTLS is very commonly offered on port 25 by most/many servers, also on port 587 for submission (rather than incoming internet email). The transaction starts in plain text but switches to TLS immediately the STARTTLS command is advertised and then used.

Port 465 is often referred to as "legacy TLS-on-connect", being a TLS connection from the outset - but this is also only normally used for submission from an MUA.

I suspect that the OP needs to use port 587. Offering AUTH on port 25 is incredibly rare.

brada4 · November 7, 2024, 10:15pm

Authentication failed means one of:
you sent them in plain before tls
your password is genuinely wrong

Either way trace commands you sent to mta too get multi-line response and adjust accordingly.

bluewavenet · November 8, 2024, 10:51am

No problem - I did miss-speak a little - I'll get to this later. It is always good to discuss things!

Me too.

Yes, but becoming less so as time goes by due to security issues such as MITM starttls stripping, mailbox spoofing, credential harvesting and many others.

As far as I can see, gmail now only accepts starttls on port 587... If I get time I will do some tests.

I miss spoke with this, I should have said "As such it should be considered deprecated and its use should be discouraged".

Things are moving, albeit slowly, to officially deprecate starttls in favour of impicit-tls.
For reference see: