I just ran saslauthd with -d. I can see the auth requests if u run "/usr/sbin/testsaslauthd -u admin -p xxxx -s smtp -f /var/run/saslauthd/mux" as postfix user. But i DO NOT see any auth requests if I connect with my thunderbird client.
So i guess postfix somehow can`t or won't connect to my saslauthd for some reason. I am not using chroot now. I guess (debian) postfix reads /etc/postfix/sasl/smtpd.conf: saslauthd_path: /var/run/saslauthd/mux pwcheck_method: saslauthd mech_list: PLAIN log_level: 3 and then tries to connect via unix socket to saslauthd_path: /var/run/saslauthd/mux ? Since saslauthd does not show any auth requests there must be something wrong with my unix socket and its permissions, right? >> warning: SASL authentication problem: unknown password verifier >> warning: unknown[192.168.10.30]: SASL LOGIN authentication failed: >> no mechanism available > > When posting logs here, do not trim. That should have been preceded > by a "$DATE postfix/smtpd[$PID]". If it was NOT smtpd, read no > further. Also, the entire logging related to this connection might > have been useful. Sorry. Yes it was smtpd. > > Why are you using LOGIN authentication? PLAIN is the standard. Ok, i changed it to plain now: smtpd: SASL PLAIN authentication failed: no mechanism available > >> Basically i followed the howto from >> http://wiki.debian.org/PostfixAndSASLb > > See also the Cyrus SASL portions of the Postfix SASL_README. To be > precise, you should only view third party HOWTO documents as an > addition to the Postfix documentation. I did also have a look at SASL_README, however if you use Debian you also need to read their Documentation, too. > > You'll also need to see your distributor's documentation of their > non-standard Cyrus SASL package. Specifically they use non-standard > paths. > >> Saslauthd seems to work: >> /usr/sbin/testsaslauthd -u admin -p xxxx >> 0: OK "Success." > > I think you'll need to specify "-s smtpd" to ensure you're testing > your smtpd.conf file. No manual entry for testsaslauthd here, > unfortunately. This actually works too (non chroot here): su - postfix /usr/sbin/testsaslauthd -u admin -p xxxx -s smtp -f /var/run/saslauthd/mux 0: OK "Success." > >> ~# postconf -n I removed the obsolete lines. I will have a closer look at the virutal and transport stuff later since i am stuck with sasl smtpd now. >> cat /etc/postfix/sasl/smtpd.conf >> pwcheck_method: saslauthd >> mech_list: PLAIN LOGIN >> >> >> ~# grep ^smtp /etc/postfix/master.cf >> smtp inet n - - - - smtpd >> smtp unix - - - - - smt > > Take it out of the chroot if you do not know how to maintain the > chroot. This is an ongoing issue with Debian. You probably do not > need chroot anyway. I also did that, still the same error. > >> What does "unknown password verifier" mean and who creates the >> error and why? > > It was created by the daemon process whose name you snipped from the > log line above. It looks like your Cyrus SASL does not support LOGIN > mechanism. The answer to that might be found in the distributor's > Cyrus SASL documentation. > >> How can i verify if postfix smtpd and sasl are set up with the >> correct permissions, links and chroot? > > If by "links" you mean symbolic links, those don't work in a chroot > environment unless they are relative to the chroot (links pointing > within the chroot.) The Postfix DEBUG_README covers how to take it > out of chroot, and chroot examples are provided with the source code > package. Thanks, Mario
