Postfix error, SASL authentication failed; cannot authenticate to server, no mechanism available

Firman Azis Rauf asked:

I would like to set up postfix relay to my website hosting SMTP server, from my home server. It’s Centos 7, set up using dynamic IP and dynamic DNS. Because of limited space in my hosting site, I would like to host my own mailbox, while still using SMTP of the site because of its static IP.
I set up my postfix according to this tutorial.

However when I test send email to Gmail, my email is deferred. Where do I set up wrong? I use the email account using Thunderbird and it connects fine (STARTTLS, Normal Password)

warning: SASL authentication failure: No worthy mechs found
Mar 24 11:42:48 server.local postfix/error[4142]: D16F51084542: to=<******>, relay=none, delay=361, delays=361/0.02/0/0.02, dsn=4.7.0, status=deferred (delivery temporarily suspended: SASL authentication failed; cannot authenticate to server[202.52.***.***]: no mechanism available)

Here is my

smtpd_banner = $myhostname ESMTP $mail_name (CentOS)
biff = no
append_dot_mydomain = no
readme_directory = no
myhostname =
mydomain =
mynetworks = [::1]/128 [fe80::]/64
relayhost = []:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_tls_security_level = encrypt
smtp_generic_maps = hash:/etc/postfix/map/generic_map, regexp:/etc/postfix/map/regex_map
smtpd_client_restrictions = permit_mynetworks, reject
smtpd_restriction_classes = mua_sender_restrictions, mua_client_restrictions, mua_helo_restrictions   
mua_client_restrictions = permit_sasl_authenticated, reject
mua_sender_restrictions = permit_sasl_authenticated, reject
mua_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit


[]:587       [email protected]:password


/[email protected]\.duckdns\.org/   [email protected]

postconf -df | grep sasl

broken_sasl_auth_clients = no
cyrus_sasl_config_path =
lmtp_sasl_auth_cache_name =
lmtp_sasl_auth_cache_time = 90d
lmtp_sasl_auth_enable = no
lmtp_sasl_auth_soft_bounce = yes
lmtp_sasl_mechanism_filter =
lmtp_sasl_password_maps =
lmtp_sasl_path =
lmtp_sasl_security_options = noplaintext, noanonymous
lmtp_sasl_tls_security_options = $lmtp_sasl_security_options
lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options
lmtp_sasl_type = cyrus
proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name
send_cyrus_sasl_authzid = no
smtp_sasl_auth_cache_name =
smtp_sasl_auth_cache_time = 90d
smtp_sasl_auth_enable = no
smtp_sasl_auth_soft_bounce = yes
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps =
smtp_sasl_path =
smtp_sasl_security_options = noplaintext, noanonymous
smtp_sasl_tls_security_options = $smtp_sasl_security_options
smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
smtp_sasl_type = cyrus
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
smtpd_sasl_auth_enable = no
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus

My answer:

Install the package cyrus-sasl-plain to provide the SASL PLAIN authentication method.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.