Re: Postfix+TLS+SASL
Hello Martin, I am using almost the same setup, but with sasl version 1 (I selected only sasl1 and ssl/tls support in the postfix port). My /usr/local/etc/postfix/saslpasswd file looks like this (you need to create a .db file with `postmap') domain name of mail server or ip-adressuser name:password My main.cf is as follows --- main.cf --- inet_interfaces = localhost relayhost = your mail relay myorigin= $mydomain mydestination = localhost localhost.my.domain hostname hostname.my.domain virtual_maps = hash:/usr/local/etc/postfix/virtual alias_maps = hash:/etc/mail/aliases alias_database = hash:/etc/mail/aliases sender_canonical_maps = hash:/usr/local/etc/postfix/sender_canonical readme_directory = no append_at_myorigin=yes append_dot_mydomain=yes sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail command_directory = /usr/local/sbin manpage_directory = /usr/local/man daemon_directory = /usr/local/libexec/postfix newaliases_path = /usr/local/bin/newaliases mailq_path = /usr/local/bin/mailq queue_directory = /var/spool/postfix setgid_group = maildrop mail_owner = postfix unknown_local_recipient_reject_code = 450 #SMTP Auth smtp_sasl_auth_enable = no smtp_sasl_security_options = smtp_sasl_password_maps = hash:/usr/local/etc/postfix/saslpasswd smtp_tls_note_starttls_offer = yes smtp_tls_loglevel = 0 -- There's no need to run a sasld daemon (check /usr/local/etc/rc.d whether the port installed a start-up script there). Simon signature.asc Description: Digital signature
Re: Postfix+TLS+SASL
Hello Simon, I am using SASL2, because my OpenLDAP required it :). Postfix is not from ports, it is compiled with TLS patch.. SASLAUTHD is running (.sh script in /usr/local/etc/rc.d/) cheers, M. On Tuesday 27 January 2004 12:02, Simon Barner wrote: Hello Martin, I am using almost the same setup, but with sasl version 1 (I selected only sasl1 and ssl/tls support in the postfix port). -- : :. kind regards :.. Martin Hudec :.: :.: =w= http://www.aeternal.net :.: =m= +421.907.303393 :.: [EMAIL PROTECTED] [EMAIL PROTECTED] :.: :.: When you want something, all the universe :.: conspires in helping you to achieve it. :.: - The Alchemist (Paulo Coelho) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix+TLS+SASL
Hello all, I have postfix with tls and sasl2. I am trying to use KMail with TLS + DIGEST-MD5 authentication set to send emails using localhost as mailserver. I did set: saslpasswd2 -a postfix -u aeternal.net -c corwin it created sasldb2.db but it shows in logfile following: Jan 26 14:40:02 amber saslpasswd2: setpass succeeded for corwin Jan 26 14:40:02 amber saslpasswd2: Couldn't update db but sasldblistusers2 shows following: [EMAIL PROTECTED]: userPassword That is my first question: why I see that Couldn't update db in logfile? Second one is why I can't send emails using KMail with TLS+DIGEST-MD5.. Messages in logfile are: Jan 26 14:52:23 amber postfix/smtpd[16912]: connect from localhost[127.0.0.1] Jan 26 14:52:23 amber postfix/smtpd[16912]: setting up TLS connection from localhost[127.0.0.1] Jan 26 14:52:24 amber postfix/smtpd[16912]: TLS connection established from localhost[127.0.0.1]: TLSv1 with cipher RC4-MD5 (128/128 bits) Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication failure: no user in db Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication failure: client response doesn't match what we generated Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: localhost[127.0.0.1]: SASL DIGEST-MD5 authentication failed Jan 26 14:52:25 amber postfix/smtpd[16912]: disconnect from localhost[127.0.0.1] Please kindly help me on this one..thank you /usr/local/lib/sasl2/smtpd.conf has: pwcheck_method:saslauthd /etc/postfix/main.cf has: # sasl config broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = aeternal.net smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination # tls config smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_startssl_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_CA_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom -- : :. kind regards :.. Martin Hudec :.: :.: =w= http://www.aeternal.net :.: =m= +421.907.303393 :.: [EMAIL PROTECTED] [EMAIL PROTECTED] :.: :.: When you want something, all the universe :.: conspires in helping you to achieve it. :.: - The Alchemist (Paulo Coelho) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]