saslauthd stops working

Dan White dwhite at olp.net
Tue Dec 1 12:40:49 EST 2009


On 01/12/09 09:51 -0600, Cliff Hayes wrote:
>We have 3200 users using a sendmail/dovecot/saslauthd server.  I just
>upgraded to new hardware and Fedora 11.  Since then saslauthd randomly stops
>working.  I have tried auth modes of both pam and shadow and that has not
>helped.  Currently using shadow.
>
>This morning users were complaining they could not send mail.  Further
>research revealed log entries like the following started at 17:48 and
>continued on till morning for everyone until I did a service saslauthd
>restart:
>
>Nov 30 17:48:29 sendmail saslauthd[1646]: do_auth         : auth failure:
>[user=sjcca1] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
>
>I can find no log entries other than the above so nothing to go on.  The
>only thing I can see is that 99% of users have no realm in the log entries.
>Why a few do and most don't is a mystery to me.
>
>I am using version 2.1.22 - I have another server which has 2.1.23 so I know
>a new version is out there.
>When I run yum update it does not report that a newer version of saslauthd
>will be installed, so not sure how to get the newer version or if that will
>help.

Cliff,

I'm moving this discussion to the cyrus-sasl list since it appears to be
the most appropriate location.

Can you provide your saslauthd configuration or startup options (e.g.
/etc/default/saslauthd)? Also include your /etc/saslauthd.conf if you have
one.

Can you provide your sasl related sendmail config?

The existence of a realm may depend on the client implementation.

By default, saslauthd runs with 5 threads. You can increase it with the -n
option.

Try using testsaslauthd to help troubleshoot when the problem is happening.

-- 
Dan White


More information about the Cyrus-sasl mailing list