saslauthd stops working
Dan White
dwhite at olp.net
Tue Dec 1 12:40:49 EST 2009
On 01/12/09 09:51 -0600, Cliff Hayes wrote:
>We have 3200 users using a sendmail/dovecot/saslauthd server. I just
>upgraded to new hardware and Fedora 11. Since then saslauthd randomly stops
>working. I have tried auth modes of both pam and shadow and that has not
>helped. Currently using shadow.
>
>This morning users were complaining they could not send mail. Further
>research revealed log entries like the following started at 17:48 and
>continued on till morning for everyone until I did a service saslauthd
>restart:
>
>Nov 30 17:48:29 sendmail saslauthd[1646]: do_auth : auth failure:
>[user=sjcca1] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
>
>I can find no log entries other than the above so nothing to go on. The
>only thing I can see is that 99% of users have no realm in the log entries.
>Why a few do and most don't is a mystery to me.
>
>I am using version 2.1.22 - I have another server which has 2.1.23 so I know
>a new version is out there.
>When I run yum update it does not report that a newer version of saslauthd
>will be installed, so not sure how to get the newer version or if that will
>help.
Cliff,
I'm moving this discussion to the cyrus-sasl list since it appears to be
the most appropriate location.
Can you provide your saslauthd configuration or startup options (e.g.
/etc/default/saslauthd)? Also include your /etc/saslauthd.conf if you have
one.
Can you provide your sasl related sendmail config?
The existence of a realm may depend on the client implementation.
By default, saslauthd runs with 5 threads. You can increase it with the -n
option.
Try using testsaslauthd to help troubleshoot when the problem is happening.
--
Dan White
More information about the Cyrus-sasl
mailing list