Postfix SASL SMTP Authentication problem

[linuxpyro]

I've got a Debian Etch mail server that I'm trying to get Cyrus-SASL to work on. I'm using Postfix 2.5.5 and 2.1.22 of saslauthd. No matter what I do, I can't seem to get any SMTP authentication to work.

I have the following in /etc/postfix/sasl/smtpd.conf:

Code:

mech_list: plain login digest-md5 cram-md5
pwcheck_method: saslauthd

Here is the relevant part of my main.cf for postfix:

Code:

smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2:/usr/lib
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        check_policy_service inet:127.0.0.1:60000,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_invalid_hostname,
        reject_unauth_destination,
        reject_unauth_pipelining,
        reject_unknown_sender_domain,
        reject_unknown_address,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_rbl_client multihop.dsbl.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client cbl.abuseat.org

Here is what I have in /etc/defaults/saslauthd:

Code:

START=yes
MECHANISMS="rimap -O localhost"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c"
PARAMS="-m /var/spool/postfix/var/run/saslauthd"

I have saslauthd authenticating to my IMAP server, and it seems to work fine. I can authenticate all my users both by directly logging in to the IMAP server, and using the testsaslauthd command. However, when I telnet to port 25 of my server and try to login in, I get an authentication failed error. I login by using the string from this command (replacing username and password with my own credentials, of course):
perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");'

Then, when I try to log in this is the error I get:

Code:

220 clamato.whatsmykarma.com ESMTP Postfix (Debian/GNU)
EHLO localhost
250-clamato.whatsmykarma.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 LOGIN NTLM CRAM-MD5 PLAIN
250-AUTH=DIGEST-MD5 LOGIN NTLM CRAM-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
535 5.7.8 Error: authentication failed: authentication failure

This is what I get in /var/log/maillog:

Code:

May 21 16:19:41 clamato postfix/smtpd[25045]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed: authentication failure
May 21 16:20:02 clamato postfix/smtpd[25045]: disconnect from localhost[127.0.0.1]

I thought at first it could be that Postfix is running in a chroot and can't access the sasl mux, but it should be able to reach it from where I have it set. Also, the error doesn't really suggest that's the case. Any ideas? I've been struggling with this for a while.

[Riel]

A bit late, but I think this can work, it did work for me:

I login by using the string from this command (replacing username and password with my own credentials, of course):


perl -MMIME::Base64 -e 'print encode_base64("username\000username\000password");'

Or just

perl -MMIME::Base64 -e 'print encode_base64("username");'
perl -MMIME::Base64 -e 'print encode_base64("password");'

and past them after each other

AUTH LOGIN
334 encrypt 1
334 encrypt 2