Postfix+TLS+SASL

Martin Hudec corwin at aeternal.net
Mon Jan 26 06:07:52 PST 2004 

Hello all,

I have postfix with tls and sasl2.
I am trying to use KMail with TLS + DIGEST-MD5 authentication set to send 
emails using localhost as mailserver. I did set:

saslpasswd2 -a postfix -u aeternal.net -c corwin

it created sasldb2.db but it shows in logfile following:

Jan 26 14:40:02 amber saslpasswd2: setpass succeeded for corwin
Jan 26 14:40:02 amber saslpasswd2: Couldn't update db

but sasldblistusers2 shows following:
corwin at aeternal.net: userPassword

That is my first question: why I see that Couldn't update db in logfile?

Second one is why I can't send emails using KMail with TLS+DIGEST-MD5..

Messages in logfile are:
Jan 26 14:52:23 amber postfix/smtpd[16912]: connect from localhost[127.0.0.1]
Jan 26 14:52:23 amber postfix/smtpd[16912]: setting up TLS connection from 
localhost[127.0.0.1]
Jan 26 14:52:24 amber postfix/smtpd[16912]: TLS connection established from 
localhost[127.0.0.1]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication 
failure: no user in db
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication 
failure: client response doesn't match what we generated
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: localhost[127.0.0.1]: 
SASL DIGEST-MD5 authentication failed
Jan 26 14:52:25 amber postfix/smtpd[16912]: disconnect from 
localhost[127.0.0.1]

Please kindly help me on this one..thank you


/usr/local/lib/sasl2/smtpd.conf has:
pwcheck_method:saslauthd

/etc/postfix/main.cf has:
# sasl config
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = aeternal.net

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, 
reject_unauth_destination

# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_startssl_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CA_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

-- 
:
:. kind regards
:..                      Martin Hudec
:.:
:.: =w= http://www.aeternal.net
:.: =m= +421.907.303393
:.: =@= corwin at aeternal.net
:.:
:.: "When you want something, all the universe 
:.:   conspires in helping you to achieve it."
:.:                   - The Alchemist (Paulo Coelho)

More information about the freebsd-questions mailing list