Sasl/Postfix/SMTP AUTH
Shelley Waltz
shwaltz at cabm.rutgers.edu
Thu Mar 4 13:18:25 EST 2004
it's the space before the colon!
I changed
pwcheck_method : saslauthd
to
pwcheck_method: saslauthd
and it works.
On Thu, 4 Mar 2004, Shelley Waltz wrote:
/usr/lib/sasl2/smtpd.conf file has the following:
pwcheck_method : saslauthd
what else?
On Thu, 4 Mar 2004, Prentice Bisbal wrote:
Shelly,
Do you need to make any changes in /usr/lib/sasl2/smtpd.conf?
Prentice
Shelley Waltz wrote:
> I am running cyrus-sasl-2.1.17-1(Simon's rpms) with
> cyrus-imapd-2.2.3(Simon's rpms) and have authentication
> using saslauthd -ldap with mechanism plain with STARTTLS
> working fine.
>
> I am now tring to do the same with Postfix-2.0.18 such that it
> will relay if authenticated using SMTP AUTH.
> Even though saslauthd is started using "saslauthd -ldap",
> it appears as though postfix tries to get the password from
> sasldb ...
>
> Mar 4 10:05:21 chipmunk postfix/postfix-script: starting the Postfix mail
> system
> Mar 4 10:05:21 chipmunk postfix/master[12079]: daemon started -- version
> 2.0.18
> Mar 4 10:05:42 chipmunk imaps[11950]: accepted connection
> Mar 4 10:05:42 chipmunk imaps[11950]: TLS server engine: cannot load CA
> data
> Mar 4 10:05:48 chipmunk imaps[11950]: mystore: starting txn 2147483665
> Mar 4 10:05:48 chipmunk imaps[11950]: mystore: committing txn 2147483665
> Mar 4 10:05:48 chipmunk imaps[11950]: starttls: SSLv3 with cipher RC4-MD5
> (128/128 bits new) no authentication
> Mar 4 10:05:54 chipmunk imaps[11950]: login: raven.cabm.rutgers.edu
> [192.76.178.8] shelley plain+TLS User logged in
> Mar 4 10:05:54 chipmunk imaps[11950]: seen_db: user shelley opened
> /usr/cyrus/imap/user/s/shelley.seen
> Mar 4 10:05:54 chipmunk imaps[11950]: open: user shelley opened INBOX
> Mar 4 10:05:56 chipmunk master[8912]: process 11801 exited, status 0
> Mar 4 10:05:56 chipmunk master[12085]: about to exec
> /usr/lib/cyrus-imapd/imapd
> Mar 4 10:05:56 chipmunk imaps[12085]: executed
> Mar 4 10:06:29 chipmunk postfix/smtpd[12086]: connect from
> raven.cabm.rutgers.edu[192.76.178.8]
> Mar 4 10:06:29 chipmunk postfix/smtpd[12086]: warning: SASL
> authentication problem: unable to open Berkeley db /etc/sasldb2: No such
> file or directory
> Mar 4 10:06:29 chipmunk postfix/smtpd[12086]: warning: SASL
> authentication problem: unable to open Berkeley db /etc/sasldb2: No such
> file or directory
> Mar 4 10:06:29 chipmunk postfix/smtpd[12086]: warning: SASL
> authentication failure: Password verification failed
> Mar 4 10:06:29 chipmunk postfix/smtpd[12086]: warning:
> raven.cabm.rutgers.edu[192.76.178.8]: SASL PLAIN authentication failed
> Mar 4 10:06:53 chipmunk postfix/smtpd[12086]: warning: SASL
> authentication problem: unable to open Berkeley db /etc/sasldb2: No such
> file or directory
> Mar 4 10:06:53 chipmunk last message repeated 3 times
> Mar 4 10:06:53 chipmunk postfix/smtpd[12086]: warning: SASL
> authentication failure: Password verification failed
> Mar 4 10:06:53 chipmunk postfix/smtpd[12086]: warning:
> raven.cabm.rutgers.edu[192.76.178.8]: SASL PLAIN authentication failed
>
>
> If I then create a /usr/lib/sasl2/smtpd.conf file with the following:
> pwcheck_method : saslauthd
>
> the result is the following ...
>
> Mar 4 10:11:17 chipmunk postfix/master[12149]: daemon started -- version
> 2.0.18
> Mar 4 10:11:48 chipmunk imaps[12085]: accepted connection
> Mar 4 10:11:48 chipmunk imaps[12085]: TLS server engine: cannot load CA
> data
> Mar 4 10:11:53 chipmunk imaps[12085]: mystore: starting txn 2147483667
> Mar 4 10:11:53 chipmunk imaps[12085]: mystore: committing txn 2147483667
> Mar 4 10:11:53 chipmunk imaps[12085]: starttls: SSLv3 with cipher RC4-MD5
> (128/128 bits new) no authentication
> Mar 4 10:11:59 chipmunk imaps[12085]: login: raven.cabm.rutgers.edu
> [192.76.178.8] shelley plain+TLS User logged in
> Mar 4 10:11:59 chipmunk imaps[12085]: seen_db: user shelley opened
> /usr/cyrus/imap/user/s/shelley.seen
> Mar 4 10:11:59 chipmunk imaps[12085]: open: user shelley opened INBOX
> Mar 4 10:12:18 chipmunk postfix/smtpd[12155]: fatal: SASL per-process
> initialization failed
> Mar 4 10:12:19 chipmunk postfix/master[12149]: warning: process
> /usr/libexec/postfix/smtpd pid 12155 exit status 1
> Mar 4 10:12:19 chipmunk postfix/master[12149]: warning:
> /usr/libexec/postfix/smtpd: bad command startup -- throttling
> Mar 4 10:12:41 chipmunk master[8912]: process 11950 exited, status 0
>
>
> What is necessary in the configuration to get this to work. Below are my
> config files.
>
> [root at chipmunk sasl2]# more /etc/saslauthd.conf
> ldap_servers: ldap://localhost/
> ldap_search_base: dc=cabm.rutgers,dc=edu
> ldap_bind_dn: cn=chipmunk,dc=cabm.rutgers,dc=edu
> ldap_bind_pw: xxxxxx
> ldap_version: 3
> #ldap_timeout: 5
> #ldap_timelimit: 5
> ldap_restart: yes
> ldap_scope: sub
> ldap_search_base: dc=cabm.rutgers,dc=edu
> ldap_auth_method: bind
> #ldap_filter: (|(uid=%u)(mail=%u)(alias=%u))
> ldap_filter: (uid=%u)
> ldap_debug: 9
> ldap_verbose: 1
> ldap_ssl: no
>
>
> postfix/main.cf
> # sasl auth config
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options =
>
>
> Shelley Waltz
>
> ---
> Home Page: http://asg.web.cmu.edu/cyrus
> Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list