postfix smtp auth TLS , cyrus sasl SSL/TLS
bruno schwander
bruno at tinkerbox.org
Tue Aug 24 15:57:01 PDT 2004
Trying to get cyrus with SSL/TLS, as well as postfix with smtp auth
what I did: follow the howtos
http://postfix.state-of-mind.de/patrick.koetter/smtpauth/sasldb_configuration.html
http://yocum.org/faqs/postfix-tls-sasl.html
things working so far:
I can login to imap accounts using SSL or TLS, and CRAM-MD5, etc. This is
with sasldb, as cyrus is configured with
sasl_pwcheck_method: auxprop
saslauthd is not running.
strange issue: whenever login in successfully, /var/log/messages shows (IP
changed)
Aug 24 13:55:55 www imaps[2004]: login:
adsl-X-X-X.pacbell.net [XX.XX.XX.XX] bruno CRAM-MD5+TLS User logged in
and in /var/log/auth:
Aug 24 13:55:55 www imaps[2004]: no user in db
sasldblistusers2 shows the user is there. Stranger: when
changing/adding/removing users to the sasldb database, I get this in
/var/log/messages:
Aug 24 14:04:37 www saslpasswd2: setpass succeeded for bruno
Aug 24 14:04:37 www saslpasswd2: Couldn't update db
Aug 24 14:04:37 www last message repeated 2 times
I do not know which db is not being updated, because I can list
users, and check they are in there.
Since encrypted login to imaps essentially works, I would not care, but
now that I am trying to get postfix smtp auth working through sasl, I
think it might be an issue.
When trying to login to postfix/smtp, the following message appears in
/var/log/messages:
Aug 24 15:49:50 www postfix/smtpd[2977]: warning: SASL authentication
failure: no user in db
Aug 24 15:49:50 www postfix/smtpd[2977]: warning: SASL authentication
failure: no user in db
Aug 24 15:49:50 www postfix/smtpd[2977]: warning: SASL authentication
failure: no secret in database
Aug 24 15:49:50 www postfix/smtpd[2977]: warning:
XXX.XXX.XXX.XXX.pacbell.net[XX.XX.XX.XX]:
SASL CRAM-MD5
authentication failed
So, the questions are:
- which db is not being updated ?
- why is authentication failing with smtp and not imap ?
Any help greatly appreciated !
bruno
More information about the freebsd-questions
mailing list