Results 1 to 3 of 3
Hello All,
Alright so I am going to need a vacuum to get all the hair out of my keyboard that I have ripped out of my head on this ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-26-2007 #1Just Joined!
- Join Date
- Jun 2007
- Location
- Oakland, CA
- Posts
- 11
SASLAUTHD and Postfix 2.4.1
Hello All,
Alright so I am going to need a vacuum to get all the hair out of my keyboard that I have ripped out of my head on this project. I have installed SASL2 and postfix 2.4.1 and I can't seem to get them to work. I have narrowed down the problem to the fact that for some reason Postfix is appending the realm on to the username. Here are all the dumps:
Test the password:
start in debug mode:# /usr/sbin/testsaslauthd -r floppy.mydomain.com -u test -p mypassword
0: OK "Success."
Telnet in to box and try to authenticate:# /usr/sbin/saslauthd -d -a shadow
saslauthd[11057] :main : num_procs : 5
saslauthd[11057] :main : mech_option: NULL
saslauthd[11057] :main : run_path : /var/run/saslauthd
saslauthd[11057] :main : auth_mech : shadow
saslauthd[11057] :ipc_init : using accept lock file: /var/run/saslauthd/mux.accept
saslauthd[11057] :detach_tty : master pid is: 0
saslauthd[11057] :ipc_init : listening on socket: /var/run/saslauthd/mux
saslauthd[11057] :main : using process model
saslauthd[11058] :get_accept_lock : acquired accept lock
saslauthd[11057] :have_baby : forked child: 11058
saslauthd[11057] :have_baby : forked child: 11059
saslauthd[11057] :have_baby : forked child: 11060
saslauthd[11057] :have_baby : forked child: 11061
I show this on the screen now:220 CA Business and Professions Code Section 17538.45 forbids use of this system for unsolicited electronic mail advertisements.
DEBUG SMTP: connected to host "xxx.xxx.xxx.xxx", port: 25
EHLO pingability.com
250-floppy.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN GSSAPI
250-AUTH=DIGEST-MD5 CRAM-MD5 PLAIN LOGIN GSSAPI
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "SIZE", arg "10240000"
DEBUG SMTP: Found extension "VRFY", arg ""
DEBUG SMTP: Found extension "ETRN", arg ""
DEBUG SMTP: Found extension "AUTH", arg "DIGEST-MD5 CRAM-MD5 PLAIN LOGIN GSSAPI"
DEBUG SMTP: Found extension "AUTH=DIGEST-MD5", arg "CRAM-MD5 PLAIN LOGIN GSSAPI"
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "DSN", arg ""
DEBUG SMTP: Attempt to authenticate
AUTH LOGIN
334 VXNlcm5hbWU6
bWxoZWlqbQ==
334 UGFzc3dvcmQ6
b3BlbjIzMjM=
535 5.7.0 Error: authentication failed: authentication failure
Authentication Failed Exception
The messages log shows:saslauthd[11057] :main : num_procs : 5
saslauthd[11057] :main : mech_option: NULL
saslauthd[11057] :main : run_path : /var/run/saslauthd
saslauthd[11057] :main : auth_mech : shadow
saslauthd[11057] :ipc_init : using accept lock file: /var/run/saslauthd/mux.accept
saslauthd[11057] :detach_tty : master pid is: 0
saslauthd[11057] :ipc_init : listening on socket: /var/run/saslauthd/mux
saslauthd[11057] :main : using process model
saslauthd[11058] :get_accept_lock : acquired accept lock
saslauthd[11057] :have_baby : forked child: 11058
saslauthd[11057] :have_baby : forked child: 11059
saslauthd[11057] :have_baby : forked child: 11060
saslauthd[11057] :have_baby : forked child: 11061
saslauthd[11058] :rel_accept_lock : released accept lock
saslauthd[11059] :get_accept_lock : acquired accept lock
saslauthd[11058] :do_auth : auth failure: [user=test@floppy.mydomain.com] [service=smtp] [realm=floppy.mydomain.com] [mech=shadow] [reason=Unknown]
saslauthd[11058] :do_request : response: NO
DOES ANYONE KNOW HOW TO DETACH THE DOMAIN FROM THE USERNAME?Jun 26 17:54:04 localhost saslauthd[11057]: detach_tty : master pid is: 0
Jun 26 17:54:04 localhost saslauthd[11057]: ipc_init : listening on socket: /var/run/saslauthd/mux
Jun 26 17:55:39 localhost saslauthd[11058]: do_auth : auth failure: [user=mlheijm@floppy.techtribe.com] [service=smtp] [realm=floppy.techtribe.com] [mech=shadow] [reason=Unknown]
Jun 26 17:58:30 localhost saslauthd[11057]: server_exit : master exited: 0
- 06-27-2007 #2Just Joined!
- Join Date
- May 2007
- Posts
- 16
I've only done it with a MySQL backend for the users, so I'm not entirely clear on how to do it using just SASL. This might help.
Just to let you know, I sympathize with your plight. I spent a week trying to narrow down a problem with Postfix and SASL before discovering it was PAM issue. Hope it helps!
- 06-27-2007 #3Just Joined!
- Join Date
- Jun 2007
- Location
- Oakland, CA
- Posts
- 11
I fixed it...Here is the dumb solution....lol
In the main.cf file I needed to comment out the smtp_sasl_local_domain = X section...
Old main.cf (relevent section)
New main.cf (relevent section) - Notice the new comment#AUTH FUNCTIONS
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
#Restrictions
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
#AUTH FUNCTIONS
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
#Restrictions
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
