Postfix-sasl on FreeBSD will not authenticate

Wed Sep 9 11:51:13 UTC 2020

On Tue, 8 Sep 2020 22:12:50 +0000 (UTC), doug at safeport.com stated:
>On Tue, 3 Jul 2018, James B. Byrne via freebsd-questions wrote:
>
>> On Tue, July 3, 2018 18:12, Per olof Ljungmark wrote:  
>>>
>>> On 07/03/18 22:39, James B. Byrne via freebsd-questions wrote:  
>>>> On server A we have cyrus-imapd running with spiped listening on
>>>> TCP:143.  On server B we have postfix-sasl-3.3.0 running with
>>>> spiped listening on TCP:143 linked to server A.
>>>>
>>>> On server A saslauthd is configured in rc.conf to use rimap to the
>>>> localhost:
>>>>
>>>> saslauthd_flags="-a rimap \
>>>>                  -O localhost"    # Use Remote IMAP to authenticat
>>>>
>>>> Postfix is configured to use saslauth to authenticate outgoing
>>>> senders:
>>>>
>>>> smtpd_sasl_auth_enable = yes
>>>> smtpd_sasl_authenticated_header = no
>>>> smtpd_sasl_exceptions_networks =
>>>> smtpd_sasl_local_domain =
>>>> smtpd_sasl_path = smtpd
>>>> smtpd_sasl_security_options = noanonymous
>>>> smtpd_sasl_service = smtp
>>>> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
>>>> smtpd_sasl_type = cyrus
>>>>
>>>> But I cannot find any such file named smtpd.conf which, according
>>>> to the Postfix documentation, should exist and should contain:
>>>>
>>>> pwcheck_method: saslauthd
>>>> mech_list: PLAIN
>>>>
>>>> It appears to me that postfix is directly looking in
>>>> /usr/local/etc/sasldb2.db itself and, finding no entries, failing
>>>> to authenticate.  How do I tell postfix to use the saslauthd daemon
>>>> instead?
>>>>  
>>>
>>> You must create the file yourself and adjust it to whatever mech you
>>> use, in our case it is saslauthd:
>>>
>>> cat /usr/local/lib/sasl2/smtpd.conf
>>> pwcheck_method: saslauthd
>>> mech_list: plain login
>>
>> Thank you.  Do you know where the path to the file location is
>> specified in the FreeBSD documentation?  
>
>It is in the postfix docs. As I recall it says put it in ../sasls (or
>some such).

This question really belongs on the Postfix forum. In any case, have
you investigated:

http://www.postfix.org/DEBUG_README.html

http://www.postfix.org/DEBUG_README.html#mail

http://www.postfix.org/SASL_README.html

I would highly recommend the following two suggestions:

Better, provide output from the postfinger tool. This can be found at
http://ftp.wl0.org/SOURCES/postfinger.

If the problem is SASL related, consider including the output from the
saslfinger tool. This can be found at
http://postfix.state-of-mind.de/patrick.koetter/saslfinger/.

-- 
Jerry

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20200909/db50bcb2/attachment.sig>