subject:"saslfinger output, was Re\: postfix hangs when SASL enabled"

Re: saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-14 Thread Travis

On Sat, Oct 11, 2008 at 03:36:01PM +0400, Nikita Kipriyanov wrote:
 Travis wrote:
 There are wrong permissions on saslauthd socket. From 
 http://www.postfix.org/SASL_README.html :
 
 IMPORTANT: saslauthd usually establishes a UNIX domain socket in 
 /var/run/saslauthd and waits for authentication requests. The Postfix 
 SMTP server must have read+execute permission to this directory or 
 authentication attempts will fail.

That fixed it.

I of course never set up the chrooted environment, the defaults for
Debian Linux 4.0 are wrong.

chmod a+rX /var/spool/postfix/var{,/run,/run/saslauthd} fixed it.

-- 
Crypto ergo sum.  http://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.

Re: saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-11 Thread Nikita Kipriyanov


Travis wrote:

What's the meaning of:

Oct 10 22:40:55 lexus postfix/smtpd[13983]: warning: SASL authentication 
failure: cannot connect to saslauthd server: Permission denied
  
There are wrong permissions on saslauthd socket. From 
http://www.postfix.org/SASL_README.html :


IMPORTANT: saslauthd usually establishes a UNIX domain socket in 
/var/run/saslauthd and waits for authentication requests. The Postfix 
SMTP server must have read+execute permission to this directory or 
authentication attempts will fail.

Re: saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-11 Thread mouss

Travis a écrit :
 On Fri, Oct 10, 2008 at 03:43:09PM -0500, Travis wrote:
   
 Closer... now Thunderbird prompts for my password over and over, but I've
 set it properly.
 

 What's the meaning of:

 Oct 10 22:40:55 lexus postfix/smtpd[13983]: warning: SASL authentication 
 failure: cannot connect to saslauthd server: Permission denied

   

It means exactly what it says. smtpd can't access saslauthd socket. 
This socket is probably in
/var/run/saslauthd if smtpd is not chrooted, and
/var/spool/postfix/var/run/saslauthd if smtpd is chrooted.

Once you find it, check ownership and permissions of that file as well
as those of its parent directories.

PS. next time, please use google before asking.

Re: saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-11 Thread Patrick Ben Koetter

* Travis [EMAIL PROTECTED]:
 On Fri, Oct 10, 2008 at 03:43:09PM -0500, Travis wrote:
  Closer... now Thunderbird prompts for my password over and over, but I've
  set it properly.
 
 What's the meaning of:
 
 Oct 10 22:40:55 lexus postfix/smtpd[13983]: warning: SASL authentication 
 failure: cannot connect to saslauthd server: Permission denied

It probably means that the user postfix is not in the group sasl. If that's
the case it probably also means you should read the SASL Postfix documentation
that comes with your distribution. There are more traps when you run a Debian
based system e.g. chroot issues.

[EMAIL PROTECTED]

-- 
The Book of Postfix
http://www.postfix-book.com
saslfinger (debugging SMTP AUTH):
http://postfix.state-of-mind.de/patrick.koetter/saslfinger/

Re: saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-10 Thread Travis

On Tue, Oct 07, 2008 at 11:32:50PM +0200, mouss wrote:
 Travis wrote:
 [snip]
 -- basics --
 Postfix: 2.3.8
 System: Debian GNU/Linux 4.0 \n \l
 [snip]
 
 -- listing of /usr/lib/sasl2 --
 total 116
 drwxr-xr-x  2 root root  4096 Oct  7 22:47 .
 drwxr-xr-x 60 root root 20480 Sep 28 02:03 ..
 -rw-r--r--  1 root root 21726 Dec 13  2006 libsasldb.a
 -rw-r--r--  1 root root   856 Dec 13  2006 libsasldb.la
 -rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so
 -rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2
 -rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2.0.22
 -rw-rw  1 root root49 Oct  7 22:47 smtpd.conf
 
 
 # apt-get install libsasl2-modules
 
 [snip]

Closer... now Thunderbird prompts for my password over and over, but I've
set it properly.
-- 
Crypto ergo sum.  http://www.subspacefield.org/~travis/
Truth does not fear scrutiny or competition, only lies do.
If you are a spammer, please email [EMAIL PROTECTED] to get blacklisted.

saslfinger output, was Re: postfix hangs when SASL enabled

2008-10-07 Thread Travis

 postconf -n when trying to use SASL

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/bin/procmail -t -a $EXTENSION -a $USER -a $DOMAIN 
-a $LOCAL
mailbox_size_limit = 0
mydestination = $myhostname, localhost.$mydomain, localhost,
$mydomain, mail.$mydomain, www.$mydomain, ftp.$mydomain, mx.$mydomain,  
  ntp.$mydomain, ping.$mydomain, smtp.$mydomain, ssh.$mydomain, 
   time.$mydomain, timehost.$mydomain, vpn.$mydomain, web.$mydomain,
 lists.$mydomain
myhostname = lexus.bitrot.info
mynetworks = 172.16.0.0/12, 127.0.0.0/8, 83.149.117.8/32
myorigin = $mydomain
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = permit_mynetworks,reject_unauth_pipelining, 
   check_client_access hash:/etc/postfix/whitelist_client,
reject_unknown_reverse_client_hostname,permit
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_unknown_recipient_domain,
permit_mynetworks,permit_sasl_authenticated,
reject_unauth_destination,permit
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = smtpd
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,check_sender_access 
hash:/etc/postfix/whitelist_sender,reject_non_fqdn_sender,
reject_unknown_sender_domain,permit
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
virtual_alias_maps = hash:/etc/postfix/virtual_alias_maps


 saslfinger -s when trying to use SASL

saslfinger - postfix Cyrus sasl configuration Tue Oct  7 23:25:23 CEST 2008
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.3.8
System: Debian GNU/Linux 4.0 \n \l

-- smtpd is linked to --
libsasl2.so.2 = /usr/lib/libsasl2.so.2 (0xb7dbb000)

-- active SMTP AUTH and TLS parameters for smtpd --
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = smtpd
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes


-- listing of /usr/lib/sasl2 --
total 116
drwxr-xr-x  2 root root  4096 Oct  7 22:47 .
drwxr-xr-x 60 root root 20480 Sep 28 02:03 ..
-rw-r--r--  1 root root 21726 Dec 13  2006 libsasldb.a
-rw-r--r--  1 root root   856 Dec 13  2006 libsasldb.la
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2.0.22
-rw-rw  1 root root49 Oct  7 22:47 smtpd.conf

-- listing of /usr/local/lib/sasl2 --
total 116
drwxr-xr-x  2 root root  4096 Oct  7 22:47 .
drwxr-xr-x 60 root root 20480 Sep 28 02:03 ..
-rw-r--r--  1 root root 21726 Dec 13  2006 libsasldb.a
-rw-r--r--  1 root root   856 Dec 13  2006 libsasldb.la
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2
-rw-r--r--  1 root root 17980 Dec 13  2006 libsasldb.so.2.0.22
-rw-rw  1 root root49 Oct  7 22:47 smtpd.conf




-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

-- content of /usr/local/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN


-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#   (yes)   (yes)   (yes)   (never) (100)
smtp  inet  n   -   -   -   -   smtpd
pickupfifo  n   -   -   60  1   pickup
cleanup   unix  n   -   -   -   0   cleanup
qmgr  fifo  n   -   n   300 1   qmgr
tlsmgrunix  -   -   -   1000?   1   tlsmgr
rewrite   unix  -   -   -   -   -   trivial-rewrite
bounceunix  -   -   -   -   0   bounce
defer unix  -   -   -   -   0   bounce
trace unix  -   -   -   -   0   bounce
verifyunix  -   -   -   -   1   verify
flush unix  n   -   -   1000?   0   flush
proxymap  unix  -   -   n   -   -   proxymap
smtp  unix  -   -   -   -   -   smtp
relay unix  -   -   -   -   -   smtp
-o fallback_relay=
showq unix  n   -   -   -   -   showq
error unix  -

Re: saslfinger output, was Re: postfix hangs when SASL enabled

Re: saslfinger output, was Re: postfix hangs when SASL enabled

Re: saslfinger output, was Re: postfix hangs when SASL enabled

Re: saslfinger output, was Re: postfix hangs when SASL enabled

Re: saslfinger output, was Re: postfix hangs when SASL enabled

saslfinger output, was Re: postfix hangs when SASL enabled

6 matches

Site Navigation

Mail list logo

Footer information