On Mon, 27 Oct 2008, Patrick Ben Koetter wrote:

[i wrote:]
} > /etc/default/saslauthd:
} >
} > START=yes
} > DESC="SASL Authentication Daemon"
} > NAME="saslauthd"
} > MECHANISMS="shadow"
} > MECH_OPTIONS=""
} > THREADS=5
} > OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

} You are not running postfix chrooted, but your saslauthd settings ($OPTIONS)
} reflect a chroot setup. Remove "-m /var/spool/postfix/var/run/saslauthd" from
} OPTIONS, restart saslauthd and try again.

Thanks, Patrick. I forgot that I had listed saslauthd in chroot; my 
original setting [which does not work either] was:

OPTIONS="-c -m /var/run/saslauthd"

Note that in my older server, I did not have an OPTIONS entry. But 
apparently it is required:

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific 
information.
# See the saslauthd man page for general information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"

Sadly, there is no README.Debian for me to look at. :( 

When using:

OPTIONS="-c -m /var/run/saslauthd"

the error I am seeing in the logs is:

Oct 27 12:57:41 aeryn postfix/smtpd[19668]: setting up TLS connection from 
remotemachine.example.com[1.2.3.4]
Oct 27 12:57:41 aeryn postfix/smtpd[19668]: Anonymous TLS connection 
established from remotemachine.example.com[1.2.3.4]: 
TLSv1 with cipher AES128-SHA (128/128 bits)
Oct 27 12:57:41 aeryn postfix/smtpd[19668]: warning: SASL authentication 
failure: no secret in database
Oct 27 12:57:41 aeryn postfix/smtpd[19668]: warning: 
remotemachine.example.com[1.2.3.4]: SASL NTLM 
authentication failed: authentication failure
Oct 27 12:57:41 aeryn postfix/smtpd[19668]: disconnect from  
remotemachine.example.com[1.2.3.4]

Removing OPTIONS all together or just keeping -c gives me a complain that 
saslauthd can not be started. Should I really be running it with no 
options? I can adjust my /etc/init.d/saslauthd script, though it is the 
same as it was on my older Ubuntu server.

TIA once again,

/vjl/

Reply via email to