On Thu, Jun 02, 2022 at 03:45:01PM +0200, Matus UHLAR - fantomas wrote:
> On 02.06.22 08:38, raf wrote:
> >No. Perhaps in the past, but no longer. I grepped for
> >/etc/postfix/sasl in every file on a debian11 system
> >and it didn't appear in libsasl2 or anywhere
> >interesting.
>
> maybe it uses e.g. path like:
>
> $config_directory/sasl/$smtpd_sasl_path
That could happen in main.cf (or a master.cf override), via:
cyrus_sasl_config_path = $config_directory/sasl/$smtpd_sasl_path
and is most unlikely otherwise.
> I have tested it now on debian 11 according to:
> https://wiki.debian.org/PostfixAndSASL#Implementation_using_Cyrus_SASL
>
> version without changing postfix options
> and I was able to set up sasl authentication.
Can you show evidence that:
* No component of /etc/postfix/sasl/smtpd.conf is a symlink
* There are no symlinks from /etc/sasl2 ors similar into /etc/postfix/sasl
* cyrus_sasl_config_path is not set
* The /etc/postfix/sasl/smtpd.conf configuration is actually used,
e.g. by tweaking the mechanism list to either include or exclude
"LOGIN" and that this is reflected in the list of offered AUTH
mechanisms in response to EHLO.
> /etc/postfix/sasl/smtpd.conf
>
> pwcheck_method: saslauthd
> mech_list: PLAIN LOGIN
What happens when you remove "LOGIN" from this setting?
Also can you "apt-get source postfix", and post a link to the tarball?
--
Viktor.
