Issues under FreeBSD 8.0

Corey Chandler lists at sequestered.net
Wed Dec 2 18:17:15 EST 2009 

Dan White wrote:
> On 02/12/09 10:03 -0800, Corey Chandler wrote:
>> I recently upgraded from FreeBSD 7.2 to 8.0.  This resulted in a 
>> strange  error with authdaemond when used in conjunction with 
>> postfix; I've  rebuilt all of the packages, but the config they're 
>> using has worked  since the 6.0 days.
>>
>> I attempt to send a message using SASL and get the following in my 
>> logs  (passwords and hashes have been consistently redacted; nothing 
>> else has  been altered):
>>
>> Dec  1 14:49:06 alcatraz authdaemond: Authenticated: 
>> sysusername=<null>,  sysuserid=1008, sysgroupid=1008, 
>> homedir=/usr/local/virtual/,  address=jay at sequestered.net, 
>> fullname=Jay Chandler,  maildir=sequestered.net/jay at sequestered.net/, 
>> quota=1024000000S,  options=<null>
>> Dec  1 14:49:06 alcatraz authdaemond: Authenticated:  
>> clearpasswd=omgponies, passwd=$1$6dICANHAZPONIEZ?$Z1ySHXcliB8vx0jqwZ9Bp1
>> Dec  1 14:49:06 alcatraz imapd-ssl: LOGIN, user=jay at sequestered.net,  
>> ip=[166.191.99.147], port=[52341], protocol=IMAP
>> Dec  1 14:49:07 alcatraz imapd-ssl: LOGOUT, 
>> user=jay at sequestered.net,  ip=[166.191.99.147], headers=0, body=0, 
>> rcvd=25, sent=699, time=1,  starttls=1
>> Dec  1 14:49:08 alcatraz imapd-ssl: LOGIN, user=jay at sequestered.net,  
>> ip=[166.191.99.147], port=[52342], protocol=IMAP
>> Dec  1 14:49:08 alcatraz authdaemond: Authenticated: 
>> sysusername=<null>,  sysuserid=1008, sysgroupid=1008, 
>> homedir=/usr/local/virtual/,  address=jay at sequestered.net, 
>> fullname=Jay Chandler,  maildir=sequestered.net/jay at sequestered.net/, 
>> quota=1024000000S,  options=<null>
>> Dec  1 14:49:08 alcatraz authdaemond: Authenticated:  
>> clearpasswd=omgponies, passwd=$1$6dICANHAZPONIEZ?$Z1ySHXcliB8vx0jqwZ9Bp1
>> Dec  1 14:49:11 alcatraz imapd-ssl: LOGIN, user=jay at sequestered.net,  
>> ip=[166.191.99.147], port=[52343], protocol=IMAP
>> Dec  1 14:49:11 alcatraz authdaemond: Authenticated: 
>> sysusername=<null>,  sysuserid=1008, sysgroupid=1008, 
>> homedir=/usr/local/virtual/,  address=jay at sequestered.net, 
>> fullname=Jay Chandler,  maildir=sequestered.net/jay at sequestered.net/, 
>> quota=1024000000S,  options=<null>
>> Dec  1 14:49:11 alcatraz authdaemond: Authenticated:  
>> clearpasswd=omgponies, passwd=$1$6dICANHAZPONIEZ?$Z1ySHXcliB8vx0jqwZ9Bp1
> <cut>
>> -- content of /usr/local/lib/sasl2/smtpd.conf --
>> pwcheck_method: authdaemond
>> log_level: 7
>> mech_list: PLAIN LOGIN
>> authdaemond_path: /var/run/authdaemond/socket
>
> Do the postfix syslog entries offer anything useful?
>
Bloody hell, thought they were in the same logfile; my apologies.  The 
issue is that while IMAP works correctly authenticating against 
authdaemond, any attempt I make to authenticate via SASL fails according 
to postfix, yet succeeds according to authdaemond.

As to logs, here you go:

Dec  2 15:10:03 alcatraz postfix/smtpd[16120]: warning: where.i.sit: 
address not listed for hostname HOSTNAME
Dec  2 15:10:03 alcatraz postfix/smtpd[16120]: connect from 
unknown[where.i.sit]
Dec  2 15:10:06 alcatraz postfix/smtpd[16120]: warning: SASL 
authentication failure: could not verify password
Dec  2 15:10:06 alcatraz postfix/smtpd[16120]: warning: SASL 
authentication failure: Password verification failed
Dec  2 15:10:06 alcatraz postfix/smtpd[16120]: warning: 
unknown[where.i.sit]: SASL PLAIN authentication failed: generic failure
Dec  2 15:10:06 alcatraz authdaemond: Authenticated: sysusername=<null>, 
sysuserid=1008, sysgroupid=1008, homedir=/usr/local/virtual/, 
address=jay at sequestered.net, fullname=Jay Chandler, 
maildir=sequestered.net/jay at sequestered.net/, quota=1024000000S, 
options=<null>
Dec  2 15:10:06 alcatraz authdaemond: Authenticated: 
clearpasswd=omgponies, passwd=$1$6dICANHAZPONIEZ?$Z1ySHXcliB8vx0jqwZ9Bp1
Dec  2 15:10:06 alcatraz postfix/smtpd[16120]: warning: SASL 
authentication failure: could not verify password
Dec  2 15:10:06 alcatraz postfix/smtpd[16120]: warning: 
unknown[where.i.sit]: SASL LOGIN authentication failed: generic failure
Dec  2 15:10:06 alcatraz authdaemond: Authenticated: sysusername=<null>, 
sysuserid=1008, sysgroupid=1008, homedir=/usr/local/virtual/, 
address=jay at sequestered.net, fullname=Jay Chandler, 
maildir=sequestered.net/jay at sequestered.net/, quota=1024000000S, 
options=<null>
Dec  2 15:10:06 alcatraz authdaemond: Authenticated: 
clearpasswd=omgponies, passwd=$1$6dICANHAZPONIEZ?$Z1ySHXcliB8vx0jqwZ9Bp1

Someone else reports the same issue at 
http://lists.freebsd.org/pipermail/freebsd-questions/2009-September/205525.html 
but there are no replies.

> smtptest (from cyrus imapd) may help in testing the SMTP AUTH login to
> Postfix.
>
I don't appear to have that anywhere on my box...  I'll see if I can 
track it down.

-- Corey / KB1JWQ

More information about the Cyrus-sasl mailing list