Reputation: 33
I have set up my mail server on a docker container. It works well without any problem with mutt. But I need this to authenticate without mutt.
Using Telnet
attempt 1: username = thxrxsh, password = 1010100
attempt 2: username = admin, password = admin@foodie
thxrxsh@foodie:~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.foodie.zeroday ESMTP Postfix (Ubuntu)
EHLO localhost
250-mail.foodie.zeroday
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
AUTH LOGIN
334 VXNlcm5hbWU6
dGh4cnhzaA==
334 UGFzc3dvcmQ6
MTAxMDEwMA==
535 5.7.8 Error: authentication failed: authentication failure
AUTH LOGIN
334 VXNlcm5hbWU6
YWRtaW4=
334 UGFzc3dvcmQ6
YWRtaW5AZm9vZGll
535 5.7.8 Error: authentication failed: authentication failure
Using openssl
Attempt 1: Username = thxrxsh@mail.foodie.zeroday, Password = 1010100
Attempt 2: Username = thxrxsh, Password = 1010100
thxrxsh@foodie:~$ openssl s_client -connect 192.168.85.219:25 -starttls smtp
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 CN = 794dfb4086c8
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = 794dfb4086c8
verify return:1
---
Certificate chain
0 s:CN = 794dfb4086c8
i:CN = 794dfb4086c8
---
Server certificate
subject=CN = 794dfb4086c8
issuer=CN = 794dfb4086c8
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 1599 bytes and written 396 bytes
Verification error: self signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 18 (self signed certificate)
---
250 CHUNKING
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: FA65268384EB88113FF0E1BAFFD5045BE9717F9F88C1DF0586E259D61F8B2CAF
Session-ID-ctx:
Resumption PSK: E46B41C22C244ACAF8CDBF827AF19A212AC01EC99DA89F1783602E03BA6CE21385EAF40D8E12A522E12C64B04D33763D
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
Start Time: 1733047605
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
EHLO localhost
250-mail.foodie.zeroday
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
AUTH LOGIN
334 VXNlcm5hbWU6
dGh4cnhzaEBtYWlsLmZvb2RpZS56ZXJvZGF5
334 UGFzc3dvcmQ6
MTAxMDEwMA==
535 5.7.8 Error: authentication failed: authentication failure
AUTH LOGIN
334 VXNlcm5hbWU6
dGh4cnhzaA==
334 UGFzc3dvcmQ6
MTAxMDEwMA==
535 5.7.8 Error: authentication failed: authentication failure
But mutt works well. This is my .muttrc,
set smtp_url = "smtp://mail.foodie.zeroday:25"
set from = "[email protected]"
set realname = "Tharusha Piyumal"
set folder = "imaps://mail.foodie.zeroday:993"
set spoolfile = "+INBOX"
set record = "+sent"
set smtp_authenticators = "login, plain"
The MailServer runs on a docker container.
thxrxsh@foodie:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2f7a873d98e mailserver "/bin/sh -c 'service…" 5 weeks ago Up 4 hours 0.0.0.0:25->25/tcp, :::25->25/tcp, 0.0.0.0:110->110/tcp, :::110->110/tcp, 0.0.0.0:143->143/tcp, :::143->143/tcp MailServer
This is my main.cf,
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 3.6 on
# fresh installs.
compatibility_level = 3.6
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail.foodie.zeroday
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
mydomain = foodie.zeroday
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_loglevel = 2
smtpd_sasl_mechanism_filter = LOGIN, PLAIN
Upvotes: 0
Views: 71
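Added example, not part of the original post: a small parser that decodes the AUTH LOGIN exchange from the telnet session above, so the base64 prompts and replies can be checked against the credentials that were meant to be sent, including a stray newline inside a reply. The function names and the embedded transcript copy are constructed for illustration.

```python
import base64
import re

# Constructed sample: the AUTH LOGIN lines copied from the telnet session in the question.
TRANSCRIPT = """\
AUTH LOGIN
334 VXNlcm5hbWU6
dGh4cnhzaA==
334 UGFzc3dvcmQ6
MTAxMDEwMA==
535 5.7.8 Error: authentication failed: authentication failure
AUTH LOGIN
334 VXNlcm5hbWU6
YWRtaW4=
334 UGFzc3dvcmQ6
YWRtaW5AZm9vZGll
535 5.7.8 Error: authentication failed: authentication failure
"""

def b64text(token):
    """Strictly decode one base64 token to text (raises on malformed input)."""
    return base64.b64decode(token, validate=True).decode("utf-8")

def parse_auth_login(transcript):
    """Return one dict per AUTH LOGIN attempt: decoded fields, final status, warnings."""
    attempts, current, pending = [], None, None
    for line in transcript.splitlines():
        line = line.strip()
        if line.upper() == "AUTH LOGIN":
            current, pending = {"fields": {}, "status": None, "warnings": []}, None
            attempts.append(current)
        elif current is None:
            continue  # ignore anything outside an AUTH LOGIN exchange
        elif (m := re.fullmatch(r"334 (\S+)", line)):
            pending = b64text(m.group(1)).rstrip(":").lower()  # "Username:" -> "username"
        elif pending:
            value = b64text(line)  # client reply to the pending prompt
            if value != value.strip():
                current["warnings"].append(f"{pending} has stray whitespace/newline")
            current["fields"][pending] = value
            pending = None
        elif re.match(r"[245]\d\d ", line):
            current["status"] = int(line[:3])  # 235 = accepted, 535 = rejected
            current = None
    return attempts

def auth_plain_token(user, password):
    """Initial response for AUTH PLAIN (RFC 4616): NUL user NUL password, base64-encoded."""
    return base64.b64encode(f"\0{user}\0{password}".encode()).decode()
```

For the session above, the replies decode to exactly the listed usernames and passwords with no trailing newline. Base64 is an encoding, not encryption, so the port 25 telnet session carried these credentials in the clear.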