* Vince LaMonica <[EMAIL PROTECTED]>: > First off the problem: setting up a new server with Ubuntu 8.04; hand > compiling everything. Old server was Ubuntu 6.06 with hand-compiled > Postfix 2.4.6. For the new server, I did a fresh install of 2.5.5. > Apparently I'm missing something in the release notes though, as I'm > getting this error when I attempt to send an e.mail using authentication: > > Oct 27 07:31:35 aeryn postfix/master[26422]: daemon started -- version > 2.5.5, configuration /etc/postfix > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: connect from > newserver.example.com[1.2.3.4] > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: setting up TLS connection > from newserver.example.com[1.2.3.4] > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: Anonymous TLS connection > established from newserver.example.com[1.2.3.4]: TLSv1 with cipher > AES128-SHA (128/128 bits) > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: warning: SASL authentication > failure: Password verification failed > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: warning: > newserver.example.com[1.2.3.4]: SASL PLAIN authentication failed: > authentication failure > Oct 27 07:33:50 aeryn postfix/smtpd[26557]: disconnect from > newserver.example.com[1.2.3.4] > > Yes, I'm typing my password correctly. :) > > Connecting to my old server with the same MUA and same userid/password > works fine. Both servers have the same postconf -n, which leads me to > believe that Something has Changed; either a postfix behavior or > something with my TLS, but I have not been able to find the right clue to > look in the right area. > > Here is my postconf -n output: > > --------------------------------8<--------------------------------8<------- > # postconf -n > alias_database = hash:/etc/aliases, hash:/home/mailman/data/aliases > alias_maps = hash:/etc/aliases, hash:/home/mailman/data/aliases > bounce_queue_lifetime = 3d > broken_sasl_auth_clients = yes > command_directory = /usr/sbin > config_directory = /etc/postfix > daemon_directory = /usr/libexec/postfix > data_directory = /var/lib/postfix > debug_peer_level = 2 > default_privs = nobody > delay_warning_time = 16h > html_directory = no > inet_interfaces = all > mail_owner = postfix > mail_spool_directory = /var/mail > mailbox_command = /usr/bin/procmail -Y -a $DOMAIN > mailbox_size_limit = 850200000 > mailq_path = /usr/bin/mailq > manpage_directory = /usr/local/man > maximal_queue_lifetime = 3d > message_size_limit = 21000000 > mydestination = $myhostname, localhost.$mydomain $mydomain, > mail.$mydomain, www.$mydomain, ftp.$mydomain > mydomain = example.com > myhostname = mail.example.com > mynetworks = 1.2.3.4/32, 1.2.3.5/32, 1.2.3.6/32, 127.0.0.1/32, 1.2.2.1/32 > mynetworks_style = host > myorigin = $mydomain > newaliases_path = /usr/bin/newaliases > owner_request_special = no > queue_directory = /var/spool/postfix > readme_directory = no > sample_directory = /etc/postfix > sendmail_path = /usr/sbin/sendmail > setgid_group = postdrop > smtpd_banner = $myhostname ESMTP $mail_name [Linux] > smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated > reject_unauth_destination > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > smtpd_tls_CAfile = /etc/postfix/certs/ca2.pem > smtpd_tls_CApath = /etc/postfix/certs > smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /etc/postfix/certs/server.pem > smtpd_tls_key_file = $smtpd_tls_cert_file > smtpd_tls_loglevel = 1 > smtpd_tls_received_header = yes > smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache > smtpd_tls_session_cache_timeout = 3600s > smtpd_use_tls = yes > tls_random_source = dev:/dev/urandom > unknown_local_recipient_reject_code = 550 > virtual_alias_maps = hash:/etc/postfix/virtual > --------------------------------8<--------------------------------8<----- > /etc/default/saslauthd: > > START=yes > DESC="SASL Authentication Daemon" > NAME="saslauthd" > MECHANISMS="shadow" > MECH_OPTIONS="" > THREADS=5 > OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" > > /etc/postfix/master.cf: > > # > ========================================================================== > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > # > ========================================================================== > smtp inet n - n - - smtpd
You are not running postfix chrooted, but your saslauthd settings ($OPTIONS) reflect a chroot setup. Remove "-m /var/spool/postfix/var/run/saslauthd" from OPTIONS, restart saslauthd and try again. [EMAIL PROTECTED] > 825 inet n - n - - smtpd > 587 inet n - n - - smtpd > #submission inet n - n - - smtpd > # -o smtpd_enforce_tls=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > #smtps inet n - n - - smtpd > # -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > #628 inet n - n - - qmqpd > pickup fifo n - n 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > #qmgr fifo n - n 300 1 oqmgr > tlsmgr unix - - n 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - n - 0 bounce > defer unix - - n - 0 bounce > trace unix - - n - 0 bounce > verify unix - - n - 1 verify > flush unix n - n 1000? 0 flush > proxymap unix - - n - - proxymap > smtp unix - - n - - smtp > # When relaying mail as backup MX, disable fallback_relay to avoid MX > loops > relay unix - - n - - smtp > -o fallback_relay= > # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 > showq unix n - n - - showq > error unix - - n - - error > retry unix - - n - - error > discard unix - - n - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - n - 1 anvil > scache unix - - n - 1 scache > > proxywrite unix - - n - 1 proxymap > tmail unix - n n - - pipe > flags=DR eol=\r\n user=nobody argv=/usr/sbin/tmail ${user} > > /etc/postfix/sasl2/smtpd.conf: > > log_level: 3 > mech_list: PLAIN LOGIN > pwcheck_method: saslauthd > # gretchen under mandrake: > #saslauthd_path: /var/lib/sasl2/mux > # ubuntu 6.06: > saslauthd_path: /var/run/saslauthd/mux > > Am I leaving anything out? Any bit of enlightenment would be most > appreciated! > > /vjl/ > > -- > Vince J. LaMonica Knowledge is knowing a street is one way. > [EMAIL PROTECTED] <*> Wisdom is still looking in both directions. > > Donate today, please: http://www.cancer.org/ -- The Book of Postfix <http://www.postfix-book.com> saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>