On Mon, 27 Oct 2008, Patrick Ben Koetter wrote: [i wrote:] } > /etc/default/saslauthd: } > } > START=yes } > DESC="SASL Authentication Daemon" } > NAME="saslauthd" } > MECHANISMS="shadow" } > MECH_OPTIONS="" } > THREADS=5 } > OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
} You are not running postfix chrooted, but your saslauthd settings ($OPTIONS) } reflect a chroot setup. Remove "-m /var/spool/postfix/var/run/saslauthd" from } OPTIONS, restart saslauthd and try again. Thanks, Patrick. I forgot that I had listed saslauthd in chroot; my original setting [which does not work either] was: OPTIONS="-c -m /var/run/saslauthd" Note that in my older server, I did not have an OPTIONS entry. But apparently it is required: # Other options (default: -c -m /var/run/saslauthd) # Note: You MUST specify the -m option or saslauthd won't run! # # See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information. # See the saslauthd man page for general information about these options. # # Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd" Sadly, there is no README.Debian for me to look at. :( When using: OPTIONS="-c -m /var/run/saslauthd" the error I am seeing in the logs is: Oct 27 12:57:41 aeryn postfix/smtpd[19668]: setting up TLS connection from remotemachine.example.com[1.2.3.4] Oct 27 12:57:41 aeryn postfix/smtpd[19668]: Anonymous TLS connection established from remotemachine.example.com[1.2.3.4]: TLSv1 with cipher AES128-SHA (128/128 bits) Oct 27 12:57:41 aeryn postfix/smtpd[19668]: warning: SASL authentication failure: no secret in database Oct 27 12:57:41 aeryn postfix/smtpd[19668]: warning: remotemachine.example.com[1.2.3.4]: SASL NTLM authentication failed: authentication failure Oct 27 12:57:41 aeryn postfix/smtpd[19668]: disconnect from remotemachine.example.com[1.2.3.4] Removing OPTIONS all together or just keeping -c gives me a complain that saslauthd can not be started. Should I really be running it with no options? I can adjust my /etc/init.d/saslauthd script, though it is the same as it was on my older Ubuntu server. TIA once again, /vjl/
