On 02.06.22 08:38, raf wrote:
>No. Perhaps in the past, but no longer. I grepped for
>/etc/postfix/sasl in every file on a debian11 system
>and it didn't appear in libsasl2 or anywhere
>interesting.
On Thu, Jun 02, 2022 at 03:45:01PM +0200, Matus UHLAR - fantomas wrote:
maybe it uses e.g. path like:
$config_directory/sasl/$smtpd_sasl_path
On 02.06.22 15:21, Viktor Dukhovni wrote:
That could happen in main.cf (or a master.cf override), via:
cyrus_sasl_config_path = $config_directory/sasl/$smtpd_sasl_path
and is most unlikely otherwise.
250-AUTH DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
I have tested it now on debian 11 according to:
https://wiki.debian.org/PostfixAndSASL#Implementation_using_Cyrus_SASL
version without changing postfix options
and I was able to set up sasl authentication.
Can you show evidence that:
* No component of /etc/postfix/sasl/smtpd.conf is a symlink
% ls -ld /etc /etc/postfix /etc/postfix/sasl /etc/postfix/sasl/smtpd.conf
drwxr-xr-x 142 root root 12288 Jun 2 15:08 /etc/
drwxr-xr-x 5 root root 4096 Jun 2 15:00 /etc/postfix/
drwxr-xr-x 2 root root 4096 Jun 2 15:35 /etc/postfix/sasl/
-rw-r--r-- 1 root root 26 Jun 2 15:35 /etc/postfix/sasl/smtpd.conf
* There are no symlinks from /etc/sasl2 ors similar into /etc/postfix/sasl
% ls -ld /etc/sasl2
ls: cannot access '/etc/sasl2': No such file or directory
* cyrus_sasl_config_path is not set
% postconf cyrus_sasl_config_path
cyrus_sasl_config_path =
% postconf -d cyrus_sasl_config_path
cyrus_sasl_config_path =
* The /etc/postfix/sasl/smtpd.conf configuration is actually used,
e.g. by tweaking the mechanism list to either include or exclude
"LOGIN" and that this is reflected in the list of offered AUTH
mechanisms in response to EHLO.
I tried this before, auth did not work without "pwcheck_method", did without
"mech_list"
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
What happens when you remove "LOGIN" from this setting?
without mech_list line I get:
250-AUTH DIGEST-MD5 NTLM CRAM-MD5 PLAIN LOGIN
with the above in mech_list I get:
250-AUTH PLAIN LOGIN
postfix restart affects what I see, saslauth restart does not.
Also can you "apt-get source postfix", and post a link to the tarball?
this will unpack the tarball in local directory.
I use standard debian packages, there's SASL related patch but it doesn't
seem to affect this issue
https://sources.debian.org/patches/postfix/3.5.6-1/
https://sources.debian.org/patches/postfix/3.5.6-1/07_sasl_config.diff/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!