-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm having troubles to upgrade from SASL1 to SASL2 on my unstable Debian box. After upgrade SASL authorization stoped working, it is more than month or so, now I really need it working again.
main.cf: smtpd_use_tls = yes smtpd_tls_key_file = /etc/ssl/certs/smtp.pem smtpd_tls_cert_file = /etc/ssl/certs/smtp.pem smtpd_tls_loglevel = 0 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = semik broken_sasl_auth_clients = yes master.cf: smtp inet n - n - - smtpd -v sasl/smtpd.conf: pwcheck_method: saslauthd saslauthd_path: /var/run/saslauthd/mux /etc/defaults/saslauthd: # This needs to be uncommented before saslauthd will be run automatically START=yes # You must specify the authentication mechanisms you wish to use. # This defaults to "pam" for PAM support, but may also include # "shadow" or "sasldb", like this: # MECHANISMS="pam shadow" MECHANISMS="pam" /etc/pam.d/smtpd: auth required pam_unix.so [debug=1] account required pam_unix.so [debug=1] password required pam_unix.so session required pam_unix.so [debug=1] In maillog is: postfix/smtpd[9262]: < semik.cesnet.cz[195.113.134.138]: AUTH LOGIN postfix/smtpd[9262]: smtpd_sasl_authenticate: sasl_method LOGIN postfix/smtpd[9262]: smtpd_sasl_authenticate: uncoded challenge: Username: postfix/smtpd[9262]: > semik.cesnet.cz[195.113.134.138]: 334 VXNlcm5hbWU6 postfix/smtpd[9262]: < semik.cesnet.cz[195.113.134.138]: c2VtaWs= postfix/smtpd[9262]: smtpd_sasl_authenticate: decoded response: semik postfix/smtpd[9262]: smtpd_sasl_authenticate: uncoded challenge: Password: postfix/smtpd[9262]: > semik.cesnet.cz[195.113.134.138]: 334 XXX postfix/smtpd[9262]: < semik.cesnet.cz[195.113.134.138]: XXX= postfix/smtpd[9262]: smtpd_sasl_authenticate: decoded response: XXX postfix/smtpd[9262]: SASL LOGIN authentication failed postfix/smtpd[9262]: > semik.cesnet.cz[195.113.134.138]: 535 Error: authentication failed postfix/smtpd[9262]: watchdog_pat: 0x80733d0 postfix/smtpd[9262]: < semik.cesnet.cz[195.113.134.138]: QUIT postfix/smtpd[9262]: > semik.cesnet.cz[195.113.134.138]: 221 Bye smtp(pam_unix)[8007]: check pass; user unknown smtp(pam_unix)[8007]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= saslauthd[8007]: DEBUG: auth_pam: pam_authenticate failed: Authentication service cannot retrieve authentication info. saslauthd[8007]: AUTHFAIL: user=semik@semik service=smtp realm=semik [PAM auth error] It looks like, that pam for some strange reason did not receive user name. I tried to run smtp as root, but it don't help so problem is not in permissions. - -------------------------------------------------------------- Jan Tomasek aka Semik work: CESNET, z.s.p.o. http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6 Czech Republic phone(work): +420 2 2435 5279 http://www.cesnet.cz/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/ iD8DBQE92LfU79++DGvj6tMRAs6KAKCMD9N8McvKAx/gyJyfAGvSRLin/gCdHaR+ 67e+/aMroPLqVfG/OJBIbjw= =Iy8N -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
