Postfix with SASL2 Problem
John Morgan Salomon
john at zog.net
Sun Apr 24 15:59:43 PDT 2005
Hi there, sorry if this is offtopic, but I'm a bit lost as to where
else to ask.
I have cyrus-sasl2, cyrus-sasl2-saslauthd and Postfix installed
from ports on a FreeBSD 5.3-R system. I'm trying to get SASL2
getpwent auth working with Postfix. Unfortunately, I keep getting
the following error:
Apr 25 00:12:46 shiva postfix/smtpd[2430]: warning: SASL
authentication failure: cannot connect to saslauthd server: No such
file or directory
All the mails I've seen with this error were related to chrooting
postfix and it not finding the sasl2 mux stuff. I'm not
doing any chrooting (yet). I'd be very grateful for any hints for
stupid stuff that I might be missing.
saslauthd is running (I use it to authenticate Apache2 users), and
testsaslauthd works. TLS with Postfix is also OK, as I see TLS
negotiations with other mail servers. Debug level 10 in Postfix
only shows me smtpd receiving the password, then the above error.
Postfix receives mail nicely,
Thanks for any help, I'm thoroughly confused at this point.
-John
----------------
Here's some info on my system:
shiva# pkg_info|grep -i sasl
cyrus-sasl-2.1.20_1 RFC 2222 SASL (Simple Authentication and
Security Layer)
cyrus-sasl-saslauthd-2.1.20_1 SASL authentication server for cyrus-sasl2
p5-Authen-SASL-2.08 Perl5 module for SASL authentication
shiva# pkg_info|grep -i postfix
postfix-2.2.1,1 A secure alternative to widely-used Sendmail
------------
shiva# uname -a
FreeBSD shiva 5.3-RELEASE-p6 FreeBSD 5.3-RELEASE-p6 #3: Mon Apr 4
14:50:36 CEST 2005 root at shiva:/usr/obj/usr/src/sys/SHIVA i386
shiva# cat /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
saslauthd_path: /var/state/saslauthd
shiva# grep -i sasl /etc/rc.conf
# SASL2
saslauthd_enable="YES" # Enable saslauthd
saslauthd_flags="-a getpwent" # Flags to saslauthd
program
saslauthd_runpath="/var/state/saslauthd" # Working directory
saslauthd_program="/usr/local/sbin/saslauthd" # Location of saslauthd
------------
>From Postfix master.cf:
smtp inet n - n - - smtpd
(not chrooted)
-------------
SASL and TLS bits from my Postfix main.cf (I've tried using
both sasl and sasl2 in all the sasl-related directives, to
the same result):
# SASL stuff
enable_sasl_authentication = yes
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtp_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_sender_restrictions =
permit_sasl_authenticated
permit_mynetworks
smtpd_sender_login_maps = hash:/usr/local/etc/postfix/sender_login_maps
smtpd_client_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
permit_auth_destination,
accept
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks
# TLS Stuff
#
# This will only allow authentication of users once TLS has been
# started and information being transferred is encrypted.
#
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_enforce_tls = no
smtpd_use_tls = yes
smtpd_enforce_tls = no
smtp_tls_loglevel = 1
smtpd_tls_received_header = yes
# keys
smtpd_tls_key_file = /usr/local/shiva/CA/smtpd.pem
smtpd_tls_cert_file = /usr/local/shiva/CA/smtpd.pem
smtpd_tls_CAfile = /usr/local/shiva/CA/cacert.pem
# session cache
sdbm:/usr/local/etc/postfix/smtp_scache
sdbm:/usr/local/etc/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
html_directory = no
More information about the freebsd-questions
mailing list