On Sun Mar 03, 2002 at 12:29:52AM -0800, David Guntner wrote: > > Without seeing the list of installed cyrus-sasl packages, I can't tell > > you if you're missing any. =) But it doesn't sound like you are (the > > plugins are for various different authentication methods or > > implementations, ie. to have the digest md5 password support, you need > > libsasl7-plug-digestmd5, etc.). > > Right. Just for the record: > > $ rpm -q -a|egrep sasl > libsasl7-1.5.27-2.1mdk > libsasl7-plug-anonymous-1.5.27-2.1mdk > libsasl7-plug-digestmd5-1.5.27-2.1mdk > libsasl7-plug-plain-1.5.27-2.1mdk > libsasl7-plug-login-1.5.27-2.1mdk > cyrus-sasl-1.5.27-2.1mdk > libsasl7-plug-crammd5-1.5.27-2.1mdk
Ok, this looks fine. > > I guess the next thing is how to do you have SASL support configured in > > postfix? Can you post the pertinent part of your main.cf that > > deals with the SASL options? > > > (At the end of main.cf) > > # Other configurable parameters. > > # Turn on authentication, to allow local users to relay from non-local > # locations. > # > #smtpd_sasl_auth_enable = yes > #smtpd_delay_reject = yes > > # Set RBL lookups and reject mail coming from sources listed there. > # > maps_rbl_domains = relays.visi.com, inputs.orbz.org, > relays.ordb.org > > smtpd_recipient_restrictions = reject_unknown_client, permit_mynetworks, > reject_maps_rbl, > check_client_access hash:/etc/postfix/client_access, > check_relay_domains, permit_sasl_authenticated > > smtpd_client_restrictions = hash:/etc/postfix/access, reject_unknown_client, > reject_unauth_pipelining, reject_maps_rbl, permit_sasl_authenticated > > > Currently, those first two lines are commented out because when they aren't, > then Postfix blows up as soon as I connect and issue an EHLO with the > symptoms I originally posted. The two permit_sasl_authenticated entries > above are not currently there since the first two lines are currently > commented out, but that's where I've had them when I uncommented the first > two lines above. > > Any ideas? Hmmm... well, you can try what I had in my postfix main.cf file for testing.. and I used cram and digest passwords using Evolution as the test client. # Other configurable parameters. smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_relay_domains smtpd_sasl_security_options = noanonymous smtp_sasl_auth_enable = yes I think you might be missing a few things like the smtpd_sasl_local_domain... that sounds like it might be important to it working. However, keep in mind that I had a very quick crash-course on SASL not too long ago and still know maybe 2% of what I would need if I were to actually configure it seriously... =) -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx -source http://www.freezer-burn.org/bios/vdanen.gpg | gpg --import" 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD Current Linux kernel 2.4.8-34.1mdk uptime: 40 days 18 hours 56 minutes.
msg50522/pgp00000.pgp
Description: PGP signature
