Help with SMTP AUTH
Drew Tomlinson
drew at mykitchentable.net
Sun Mar 16 00:49:28 UTC 2014
On 3/15/2014 12:06 PM, Reko Turja wrote:
> From: Drew Tomlinson
> Sent: Saturday, March 15, 2014 8:10 PM
> To: freebsd-questions at FreeBSD.org
> Subject: Help with SMTP AUTH
>
>> I'm running FreeBSD 10 with Postfix 2.11, Cyrus SASL 2.1.26, and
>> saslauthd 2.1.26 . I've followed various tutorials on the Net and
>> even checked my current configs against backups from a machine that
>> died but used to run smtp auth successfully.
>>
>> I've also tested using testsaslauthd and get the OK message:
>
> Edit /usr/local/lib/sasl2/smtpd.conf and put following in there (add
> additional mechs if needed/desired):
>
> pwcheck_method: saslauthd
> mech_list: plain login
>
> Then check that you have something like this in postfix/master.cf in
> addition of other settings:
>
> smtps inet n - n - - smtpd
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_tls_wrappermode=yes
> -o smtpd_tls_security_level=encrypt
> # -o smtpd_etrn_restrictions=reject
> # Submission kept for older client conformity
> submission inet n - n - - smtpd
> -o smtpd_etrn_restrictions=reject
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_tls_security_level=encrypt
>
> and in postfix main.cf something like this:
>
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_local_domain = $myhostname
> broken_sasl_auth_clients = yes
> smtpd_sasl_authenticated_header = yes
Thank you for your reply. Your post above gave me the clue I needed to
get sasl_auth listenting. Instead of "-o smtpd_sasl_auth_enable=yes "
in master.cf, I added "smtpd_sasl_auth_enable=yes" to main.cf. I only
had the smtp (client) version of that line in there before.
Now authentication is attempted but fails with these lines in my maillog:
Mar 15 17:40:39 blacklamb postfix/smtpd[91702]: warning: SASL
authentication failure: no user in db
I'm not sure if postfix is using saslauthd. I started it in debug mode
at the console and only got this output even when attempting to use
sasl_auth from a client:
# saslauthd -d -a pam
saslauthd[91714] :main : num_procs : 5
saslauthd[91714] :main : mech_option: NULL
saslauthd[91714] :main : run_path : /var/run/saslauthd
saslauthd[91714] :main : auth_mech : pam
saslauthd[91714] :ipc_init : using accept lock file:
/var/run/saslauthd/mux.accept
saslauthd[91714] :detach_tty : master pid is: 0
saslauthd[91714] :ipc_init : listening on socket:
/var/run/saslauthd/mux
saslauthd[91714] :main : using process model
saslauthd[91714] :have_baby : forked child: 91715
saslauthd[91715] :get_accept_lock : acquired accept lock
saslauthd[91714] :have_baby : forked child: 91716
saslauthd[91714] :have_baby : forked child: 91717
saslauthd[91714] :have_baby : forked child: 91718
I would have expected to see something during the sasl_auth attempt.
Should I have?
Thanks,
Drew
--
Like card tricks?
Visit The Alchemist's Warehouse to
learn card magic secrets for free!
http://alchemistswarehouse.com
More information about the freebsd-questions
mailing list