Postfix SASL Authentication
FreeBSD 6.1 STABLE I have SASL and Postfix installed and for the most part they seem to work all right together. However, there is one small problem. When attempting to send a message from one of the PC's on the network, actually any PC on the network except for the one with Postfix installed on it, this error message is inserted into the maillog file. Aug 8 10:11:32 scorpio postfix/smtpd[1310]: connect from boss.seibercom.net[192.168.0.4] Aug 8 10:11:32 scorpio postfix/smtpd[1310]: warning: SASL authentication failure: no user in db Aug 8 10:11:32 scorpio postfix/smtpd[1310]: 859B9BD6C: client=boss.seibercom.net[192.168.0.4], sasl_method=LOGIN, [EMAIL PROTECTED] All of the users are authenticated. Exactly what is it referring to and how do I correct it? The mail does get relayed however, so it is not a fatal warning. -- Gerard Seibert [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
On 8/8/2006 9:20 AM, Gerard Seibert wrote: FreeBSD 6.1 STABLE I have SASL and Postfix installed and for the most part they seem to work all right together. However, there is one small problem. When attempting to send a message from one of the PC's on the network, actually any PC on the network except for the one with Postfix installed on it, this error message is inserted into the maillog file. Aug 8 10:11:32 scorpio postfix/smtpd[1310]: connect from boss.seibercom.net[192.168.0.4] Aug 8 10:11:32 scorpio postfix/smtpd[1310]: warning: SASL authentication failure: no user in db Aug 8 10:11:32 scorpio postfix/smtpd[1310]: 859B9BD6C: client=boss.seibercom.net[192.168.0.4], sasl_method=LOGIN, [EMAIL PROTECTED] All of the users are authenticated. Exactly what is it referring to and how do I correct it? The mail does get relayed however, so it is not a fatal warning. Which version of SASL? v1 or v2? The following is based on ym experience with v2, and I don't know if it applies to v1 or not. As far as the message in you log file, it's attempting to authenticate, but it's not connecting to the user database to verify the user. More than likely it's allowing you to send mail from the local server because you have Postfix configured to allow it to relay mail from localhost, and that this is allowing you to send the email even though authentication is failing. To determine which authentication methods Postfix will accept, telnet to localhost on port 25 and issue a EHLO: mail# telnet localhost 25 Trying ::1... Connected to localhost.domain.com. Escape character is '^]'. 220 mail.domain.com ESMTP Postfix EHLO localhost 250-mail.domain.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-AUTH=NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN In this instance, the AUTH line dictates which authentication mechanisms Postfix will accept. In this case: NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 Check your /usr/local/lib/sasl2/smtpd.conf file and make sure that you have the correct auth mechanism listed. For plain text login that's verified against your existing users, your smtpd.conf file would read as follows: pwcheck_method: saslauthd This will verify against your existing user accounts. There are other methods, such as pwcheck_method: sasldb, that will verify against SASL's own password database, which I've never used. Make sure that you have saslauthd running (which it appears you do). Issue the following: # /usr/local/sbin/testsaslauthd -u username -p password 0: OK Success. If saslauthd is operating correctly, you'll recieve the OK Success. If not, your problem is with saslauthd. If your AUTH line does not list the right AUTH mechanism, the problem is with Postfix. For instance, if you're trying to use SMTP-AUTH from a client on your network, and have pwcheck_method: saslauthd defined in your smtpd.conf file, you have to have PLAIN LOGIN appear in the AUTH line when telnetting. Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
Gerard Seibert wrote: FreeBSD 6.1 STABLE I have SASL and Postfix installed and for the most part they seem to work all right together. However, there is one small problem. When attempting to send a message from one of the PC's on the network, actually any PC on the network except for the one with Postfix installed on it, this error message is inserted into the maillog file. Aug 8 10:11:32 scorpio postfix/smtpd[1310]: connect from boss.seibercom.net[192.168.0.4] Aug 8 10:11:32 scorpio postfix/smtpd[1310]: warning: SASL authentication failure: no user in db Aug 8 10:11:32 scorpio postfix/smtpd[1310]: 859B9BD6C: client=boss.seibercom.net[192.168.0.4], sasl_method=LOGIN, [EMAIL PROTECTED] All of the users are authenticated. Exactly what is it referring to and how do I correct it? The mail does get relayed however, so it is not a fatal warning. Sasl is attempting to use sasldb2 *before* it uses /etc/passwd (or pam, as the case may be.) It's harmless in any case. What do you have in the smtpd.conf file? (/usr/local/lib/sasl2/smtpd.conf) -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
Re: Postfix SASL Authentication
Paul Schmehl wrote: Sasl is attempting to use sasldb2 *before* it uses /etc/passwd (or pam, as the case may be.) It's harmless in any case. What do you have in the smtpd.conf file? (/usr/local/lib/sasl2/smtpd.conf) This is the contents: ## Global Values pwcheck_method: auxprop auxprop_plugin: sasldb log_level: 7 mech_list: PLAIN LOGIN -- Gerard Seibert [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
Greg Groth wrote: On 8/8/2006 9:20 AM, Gerard Seibert wrote: FreeBSD 6.1 STABLE I have SASL and Postfix installed and for the most part they seem to work all right together. However, there is one small problem. When attempting to send a message from one of the PC's on the network, actually any PC on the network except for the one with Postfix installed on it, this error message is inserted into the maillog file. Aug 8 10:11:32 scorpio postfix/smtpd[1310]: connect from boss.seibercom.net[192.168.0.4] Aug 8 10:11:32 scorpio postfix/smtpd[1310]: warning: SASL authentication failure: no user in db Aug 8 10:11:32 scorpio postfix/smtpd[1310]: 859B9BD6C: client=boss.seibercom.net[192.168.0.4], sasl_method=LOGIN, [EMAIL PROTECTED] All of the users are authenticated. Exactly what is it referring to and how do I correct it? The mail does get relayed however, so it is not a fatal warning. Which version of SASL? v1 or v2? The following is based on ym experience with v2, and I don't know if it applies to v1 or not. As far as the message in you log file, it's attempting to authenticate, but it's not connecting to the user database to verify the user. More than likely it's allowing you to send mail from the local server because you have Postfix configured to allow it to relay mail from localhost, and that this is allowing you to send the email even though authentication is failing. To determine which authentication methods Postfix will accept, telnet to localhost on port 25 and issue a EHLO: mail# telnet localhost 25 Trying ::1... Connected to localhost.domain.com. Escape character is '^]'. 220 mail.domain.com ESMTP Postfix EHLO localhost 250-mail.domain.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-AUTH=NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN In this instance, the AUTH line dictates which authentication mechanisms Postfix will accept. In this case: NTLM LOGIN PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 This is the output of mine: $ telnet localhost 25 Trying ::1... telnet: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 scorpio.seibercom.net ESMTP Postfix (2.4-20060727) ehlo localhost 250-scorpio.seibercom.net 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN I noticed that the first attempt is refused. Why I wonder. Check your /usr/local/lib/sasl2/smtpd.conf file and make sure that you have the correct auth mechanism listed. For plain text login that's verified against your existing users, your smtpd.conf file would read as follows: pwcheck_method: saslauthd This will verify against your existing user accounts. There are other methods, such as pwcheck_method: sasldb, that will verify against SASL's own password database, which I've never used. Make sure that you have saslauthd running (which it appears you do). Issue the following: # /usr/local/sbin/testsaslauthd -u username -p password 0: OK Success. If saslauthd is operating correctly, you'll recieve the OK Success. If not, your problem is with saslauthd. If your AUTH line does not list the right AUTH mechanism, the problem is with Postfix. For instance, if you're trying to use SMTP-AUTH from a client on your network, and have pwcheck_method: saslauthd defined in your smtpd.conf file, you have to have PLAIN LOGIN appear in the AUTH line when telnetting. This is the contents of the smtpd.conf file: ## Global Values pwcheck_method: auxprop auxprop_plugin: sasldb log_level: 7 mech_list: PLAIN LOGIN -- Gerard Seibert [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
This is the contents of the smtpd.conf file: ## Global Values pwcheck_method: auxprop auxprop_plugin: sasldb log_level: 7 mech_list: PLAIN LOGIN From postfix.org: This will use the Cyrus SASL password file (default: /etc/sasldb in version 1.5.5, or /etc/sasldb2 in version 2.1.1), which is maintained with the saslpasswd or saslpasswd2 command (part of the Cyrus SASL software). On some poorly-supported systems the saslpasswd command needs to be run multiple times before it stops complaining. The Postfix SMTP server needs read access to the sasldb file - you may have to play games with group access permissions. With the OTP authentication mechanism, the SMTP server also needs WRITE access to /etc/sasldb2 or /etc/sasldb (or the back end SQL database, if used). Have you set up the SASL password file? If not, that's why you're getting the error. If you have, what happens when you test saslauthd on it's own? # /usr/local/sbin/testsaslauthd -u username -p password It should return: status 0: OK Success. If you'd rather authenticate against the exisiting system usernames passwords, change your smtpd.conf file to the following: pwcheck_method: saslauthd and delete the rest. You might have to restart both services if you update the smtpd.conf file: # /usr/local/etc/rc.d/saslauthd restart # postfix reload Best regards, Greg Groth ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
Gerard Seibert wrote: Paul Schmehl wrote: Sasl is attempting to use sasldb2 *before* it uses /etc/passwd (or pam, as the case may be.) It's harmless in any case. What do you have in the smtpd.conf file? (/usr/local/lib/sasl2/smtpd.conf) This is the contents: ## Global Values pwcheck_method: auxprop auxprop_plugin: sasldb log_level: 7 mech_list: PLAIN LOGIN Apparently you're using the sasldb2 database for logins? If so, the sasldb2 database needs to be readable by postfix, and it has to be populated with the [EMAIL PROTECTED] that you need. Have you populated the db? You would probably be better off using saslauthd as your pwcheck_method. Then start saslauthd with the -a sasldb flag. (See man 8 saslauthd.) Auxprop is an older method that wasn't very dependable. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature
Re: Postfix SASL Authentication
Paul Schmehl wrote: Apparently you're using the sasldb2 database for logins? If so, the sasldb2 database needs to be readable by postfix, and it has to be populated with the [EMAIL PROTECTED] that you need. Have you populated the db? You would probably be better off using saslauthd as your pwcheck_method. Then start saslauthd with the -a sasldb flag. (See man 8 saslauthd.) Auxprop is an older method that wasn't very dependable. Thanks, that is what I did. I had to modify the /usr/local/lib/smtpd.conf file, but that was about it. I do have one question though. The rc.d file has 'pam' listed rather than sasldb for the '-a ' flag. I changed it there although the directions said not too. Is there any reason that changing it in the rc.d file is a bad thing? I could not figure out what it meant to do otherwise. Was I suppose to create another file that would override that one? If so, what was the syntax of the file suppose to be? Anyway, it works, so that is all I am really interested in at the moment. Ciao! -- Gerard Seibert [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
On 8/9/06, Gerard Seibert [EMAIL PROTECTED] wrote: Paul Schmehl wrote: Apparently you're using the sasldb2 database for logins? If so, the sasldb2 database needs to be readable by postfix, and it has to be populated with the [EMAIL PROTECTED] that you need. Have you populated the db? You would probably be better off using saslauthd as your pwcheck_method. Then start saslauthd with the -a sasldb flag. (See man 8 saslauthd.) Auxprop is an older method that wasn't very dependable. Thanks, that is what I did. I had to modify the /usr/local/lib/smtpd.conf file, but that was about it. I do have one question though. The rc.d file has 'pam' listed rather than sasldb for the '-a ' flag. I changed it there although the directions said not too. Is there any reason that changing it in the rc.d file is a bad thing? I could not figure out what it meant to do otherwise. Was I suppose to create another file that would override that one? If so, what was the syntax of the file suppose to be? Anyway, it works, so that is all I am really interested in at the moment. try putting this in your rc.conf: saslauthd_enable=YES saslauthd_flags=-a getpwent HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix SASL Authentication
--On August 8, 2006 7:40:20 PM -0400 Gerard Seibert [EMAIL PROTECTED] wrote: Paul Schmehl wrote: Apparently you're using the sasldb2 database for logins? If so, the sasldb2 database needs to be readable by postfix, and it has to be populated with the [EMAIL PROTECTED] that you need. Have you populated the db? You would probably be better off using saslauthd as your pwcheck_method. Then start saslauthd with the -a sasldb flag. (See man 8 saslauthd.) Auxprop is an older method that wasn't very dependable. Thanks, that is what I did. I had to modify the /usr/local/lib/smtpd.conf file, but that was about it. Glad to hear it. I do have one question though. The rc.d file has 'pam' listed rather than sasldb for the '-a ' flag. I changed it there although the directions said not too. Is there any reason that changing it in the rc.d file is a bad thing? Not a bad thing, but when the port gets updated, your changes will be overwritten. Instead, use /etc/rc.conf: saslauthd_enable=YES saslauthd_flags=-a sasldb I could not figure out what it meant to do otherwise. Was I suppose to create another file that would override that one? If so, what was the syntax of the file suppose to be? Anyway, it works, so that is all I am really interested in at the moment. In general, you want to put variables for startup scripts in /etc/rc.conf, rather than editing the individual startup files. The startup scripts will source the /etc/rc.conf file and get the values of those variables and use them when they run. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Re: Mysql postfix SASL cyrus imap problem
As a short note - Try adding something like the following to your imapd.conf if you you want that Cyrus authenticates against your RDBMS as well ... #sasl_auxprop_plugin: sql #sasl_sql_engine: pgsql #sasl_sql_hostnames: postgresql.abyssworld.de #sasl_sql_user: haischt #sasl_sql_passwd: access4odin #sasl_sql_database: sasl2_auxprop #sasl_sql_select: SELECT %p FROM user_table WHERE username = '%u' and realm = '%r' ... and as a 2nd note - Make sure that the directory where the lmtp socket etc. should be created exists and is readable by the cyrus user account. Jason M aka Talon schrieb: Sorry if this was a double post my subscribe was not working :( Im not sure if the original mail went through. Hi All I have a problem with my cyrus imap / mysql install after 3 days on google looking around i am ripping my hair out I have tried everything i have found in the faq's / howto's but just cant seem to get it to work. Postfix works nicely and delivers to maildir etc when i use the sasldb for cyrus i have no problems users can log in auxprop has not been nice to me g. If any one has the time could they have a look at my configuration and give me a pointer on what I am doing wrong. Any help would be greatly appreciated Regards Jason M aka Talon (talonz[at]gmail.com) ### ## version information OS FreeBSD 5.3-RELEASE-p5 Postfix Version postfix 2.1.5 MySQL server version: 5.0.0-alpha Cyrus Version cyrus-imapd 2.2.10 SASL Version cyrus-sasl 2.1.20 All installed from ports ### ## /var/log/messages :: Errors when imapd is started forsaken master[60842]: process started forsaken ctl_cyrusdb[60843]: recovering cyrus databases forsaken ctl_cyrusdb[60843]: skiplist: recovered /var/imap/mailboxes.db (3 records, 584 bytes) in 0 seconds forsaken ctl_cyrusdb[60843]: skiplist: recovered /var/imap/annotations.db (0 records, 144 bytes) in 0 seconds forsaken ctl_cyrusdb[60843]: done recovering cyrus databases forsaken master[60842]: unable to create lmtpunix listener socket: No such file or directory forsaken master[60842]: ready for work forsaken ctl_cyrusdb[60844]: checkpointing cyrus databases forsaken ctl_cyrusdb[60844]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found forsaken ctl_cyrusdb[60844]: DBERROR: archive /var/imap/db: cyrusdb error forsaken ctl_cyrusdb[60844]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found forsaken ctl_cyrusdb[60844]: DBERROR: archive /var/imap/db: cyrusdb error forsaken ctl_cyrusdb[60844]: done checkpointing cyrus databases ### ## Login errors (after telnet localhost imap // o login test test) ## this is the bit that has me stumped forsaken imap[60846]: sql_select option missing forsaken imap[60846]: auxpropfunc error no mechanism available forsaken imap[60846]: no user in db forsaken imap[60846]: no user in db forsaken imap[60846]: badlogin: localhost [127.0.0.1] plaintext test SASL(-13): user not found: checkpass failed ### ## Start Configuration ### ## postfix main.cf queue_directory = /var/spool/postfix command_directory = /usr/local/sbin daemon_directory = /usr/local/libexec/postfix mail_owner = postfix myhostname = forsaken.unix.org.au mydomain = unix.org.au inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost unknown_local_recipient_reject_code = 550 relay_domains = $mydestination debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id sleep 5 sendmail_path = /usr/local/sbin/sendmail newaliases_path = /usr/local/bin/newaliases mailq_path = /usr/local/bin/mailq setgid_group = maildrop html_directory = no manpage_directory = /usr/local/man sample_directory = /usr/local/etc/postfix readme_directory = no # header/body checking header_checks = regexp:/usr/local/etc/postfix/header_checks body_checks = regexp:/usr/local/etc/postfix/body_checks # use cyrus or virtual mailbox_transport = cyrus virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:125 virtual_mailbox_base = /usr/local/virtual virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_limit = 5120 virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 125 # use cyrus or
Mysql postfix SASL cyrus imap problem
Sorry if this was a double post my subscribe was not working :( Im not sure if the original mail went through. Hi All I have a problem with my cyrus imap / mysql install after 3 days on google looking around i am ripping my hair out I have tried everything i have found in the faq's / howto's but just cant seem to get it to work. Postfix works nicely and delivers to maildir etc when i use the sasldb for cyrus i have no problems users can log in auxprop has not been nice to me g. If any one has the time could they have a look at my configuration and give me a pointer on what I am doing wrong. Any help would be greatly appreciated Regards Jason M aka Talon (talonz[at]gmail.com) ### ## version information OS FreeBSD 5.3-RELEASE-p5 Postfix Version postfix 2.1.5 MySQL server version: 5.0.0-alpha Cyrus Version cyrus-imapd 2.2.10 SASL Version cyrus-sasl 2.1.20 All installed from ports ### ## /var/log/messages :: Errors when imapd is started forsaken master[60842]: process started forsaken ctl_cyrusdb[60843]: recovering cyrus databases forsaken ctl_cyrusdb[60843]: skiplist: recovered /var/imap/mailboxes.db (3 records, 584 bytes) in 0 seconds forsaken ctl_cyrusdb[60843]: skiplist: recovered /var/imap/annotations.db (0 records, 144 bytes) in 0 seconds forsaken ctl_cyrusdb[60843]: done recovering cyrus databases forsaken master[60842]: unable to create lmtpunix listener socket: No such file or directory forsaken master[60842]: ready for work forsaken ctl_cyrusdb[60844]: checkpointing cyrus databases forsaken ctl_cyrusdb[60844]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found forsaken ctl_cyrusdb[60844]: DBERROR: archive /var/imap/db: cyrusdb error forsaken ctl_cyrusdb[60844]: DBERROR: error listing log files: DB_NOTFOUND: No matching key/data pair found forsaken ctl_cyrusdb[60844]: DBERROR: archive /var/imap/db: cyrusdb error forsaken ctl_cyrusdb[60844]: done checkpointing cyrus databases ### ## Login errors (after telnet localhost imap // o login test test) ## this is the bit that has me stumped forsaken imap[60846]: sql_select option missing forsaken imap[60846]: auxpropfunc error no mechanism available forsaken imap[60846]: no user in db forsaken imap[60846]: no user in db forsaken imap[60846]: badlogin: localhost [127.0.0.1] plaintext test SASL(-13): user not found: checkpass failed ### ## Start Configuration ### ## postfix main.cf queue_directory = /var/spool/postfix command_directory = /usr/local/sbin daemon_directory = /usr/local/libexec/postfix mail_owner = postfix myhostname = forsaken.unix.org.au mydomain = unix.org.au inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost unknown_local_recipient_reject_code = 550 relay_domains = $mydestination debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id sleep 5 sendmail_path = /usr/local/sbin/sendmail newaliases_path = /usr/local/bin/newaliases mailq_path = /usr/local/bin/mailq setgid_group = maildrop html_directory = no manpage_directory = /usr/local/man sample_directory = /usr/local/etc/postfix readme_directory = no # header/body checking header_checks = regexp:/usr/local/etc/postfix/header_checks body_checks = regexp:/usr/local/etc/postfix/body_checks # use cyrus or virtual mailbox_transport = cyrus virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:125 virtual_mailbox_base = /usr/local/virtual virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf virtual_mailbox_limit = 5120 virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 125 # use cyrus or virtual virtual_transport = virtual virtual_uid_maps = static:125 virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = Sorry, Account Is Suspended. (This User Has Exeeded There Quota Limit). virtual_overquota_bounce = yes # sasl settings for cyrus broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname,
Postfix + SASL issue
Hello, I seem to be having some issue with saslauthd and postfix on 5.3-R... When I try to send mail out, it fails, and puts this in /var/log/maillog: Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: Password verification failed It's weird, because it was working before, and then I tweaked something, and it broke. I've recompiled postfix and cyrus-sasl2-saslauthd, to no avail. Make a make deinstall broke something along the way? I don't even know what to suspect. I think it might be a permissions issue, since saslauthd is running -- but I can't be sure. Does this sound familiar to anyone? - ben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix + SASL issue
Might want to send an email to the postfix list on this one... ;) -Jordan artware wrote: Hello, I seem to be having some issue with saslauthd and postfix on 5.3-R... When I try to send mail out, it fails, and puts this in /var/log/maillog: Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: Password verification failed It's weird, because it was working before, and then I tweaked something, and it broke. I've recompiled postfix and cyrus-sasl2-saslauthd, to no avail. Make a make deinstall broke something along the way? I don't even know what to suspect. I think it might be a permissions issue, since saslauthd is running -- but I can't be sure. Does this sound familiar to anyone? - ben -- Warm regards, Jordan Michaels Vivio Technologies http://www.viviotech.net/ [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix + SASL issue
On 01/03/05 04:13 PM, artware sat at the `puter and typed: Hello, I seem to be having some issue with saslauthd and postfix on 5.3-R... When I try to send mail out, it fails, and puts this in /var/log/maillog: Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory Jan 4 05:56:17 n00330 postfix/smtpd[8103]: warning: SASL authentication failure: Password verification failed It's weird, because it was working before, and then I tweaked something, and it broke. I've recompiled postfix and cyrus-sasl2-saslauthd, to no avail. Make a make deinstall broke something along the way? What did you tweak? I do this ALL THE TIME, and it almost always comes back to my tweak. Ok, not almost; always. I don't even know what to suspect. I think it might be a permissions issue, since saslauthd is running -- but I can't be sure. Does this sound familiar to anyone? I'd probably start with the tweak you made. I could be wrong, but the errors you provided may also indicate that your saslauthd daemon wasn't even running, possibly because of an upgrade or config change that made it fail to (re)start. Silly mistake, I know, but I've done it more than once. Finally, check the following configs in main.cf: smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = $var_smtp_sasl_opts smtp_sasl_tls_verified_security_options = $var_smtp_sasl_tls_opts smtpd_sasl_application_name = smtpd smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd BTW, the values there are what I have configured; these values may or may not be valid for your setup. HTH Lou -- Louis LeBlanc [EMAIL PROTECTED] Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://www.keyslapper.org ԿԬ QOTD: I've just learned about his illness. Let's hope it's nothing trivial. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix - Sasl - mysql
Hi ! I'm sending you this mail because you've fixed a postfix problem at the same stage that I have problems now. What ./configure parameters did you use to get Cyrus SASL2 to work with MySQL ? Mvh Svein Gullby ICT Teamleader - Technology Astrup Fearnley AS Tlf22 93 60 00Fax: 22 93 60 93 Dir: 22 93 60 75Mobil: 99164918 PB 1158, Sentrum, 0107 Oslo Besøksadresse: Grev Wedels plass 9 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Besøk vår web: www.fearnleys.com http://www.fearnleys.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix - Sasl - mysql
On Wednesday 10 November 2004 07:07 am, Svein Gullby wrote: Hi ! I'm sending you this mail because you've fixed a postfix problem at the same stage that I have problems now. What ./configure parameters did you use to get Cyrus SASL2 to work with MySQL ? Mvh Svein Gullby ICT Teamleader - Technology Astrup Fearnley AS The link below will lead you to many how-to's regarding various combinations of postfix and related applications: http://www.postfix.org/docs.html Best regards, Andrew Gould ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix + SASL + MySQL,,What did I miss
Hi, everyone Originally, I used /usr/local/etc/sasldb2 to store accounts/passwords(plain text) data, and used Mozilla Thunderbird as my MUA. I can pass the SASL authentication(both smtp and imap) successfully. After that, I wanted to use MySQL to store accounts/passwords(plain text), but I got fail of SASL authentication. I am using FreeBSD 5.2 release, and have complete installed these softwares from port: cyrus-imapd-2.2.6 cyrus-sasl-2.1.19 cyrus-sasl-saslauthd-2.1.19 postfix-2.1.4,1 (build with MySQL) I follow these instructions to set up smtpd.conf http://lists.freebsd.org/mailman/htdig/freebsd-questions/2004-April/042847.html http://lists.freebsd.org/pipermail/freebsd-questions/2004-March/039296.html I have been searched and read many documents on mail-listing and google, but I still don't know what I miss @@, and /var/log/maillog doesn't provide enough information to me to solve the problem. I am sure that I have enter correct accounts/passwords. Please note that it works well with /usr/local/etc/sasldb2, but not MySQL It seems to me that it doesn't talk to MySQL at all, because I tried to use incorrect sql_user/sql_passwd in smtpd.conf, it gived me the same log in /var/log/maillog Please give me some hints to fix this problem, I have tried it for several weeks, kind of tired, but I don't want to give up. Thank you in advance. These are some logs, and configurations: (the accounts and password are real, you can test it if you want) # cat /var/log/maillog Jul 27 21:09:01 me postfix/smtpd[771]: connect from S01060050fc412395.vf.shawcable.net[70.68.235.3] Jul 27 21:09:04 me postfix/smtpd[771]: warning: SASL authentication failure: Password verification failed Jul 27 21:09:04 me postfix/smtpd[771]: warning: S01060050fc412395.vf.shawcable.net[70.68.235.3]: SASL PLAIN authentication failed Jul 27 21:09:05 me postfix/smtpd[771]: warning: S01060050fc412395.vf.shawcable.net[70.68.235.3]: SASL LOGIN authentication failed Jul 27 21:09:11 me postfix/smtpd[771]: lost connection after AUTH from S01060050fc412395.vf.shawcable.net[70.68.235.3] Jul 27 21:09:11 me postfix/smtpd[771]: disconnect from S01060050fc412395.vf.shawcable.net[70.68.235.3] mysql use mail; mysql select * from user; ++--+--+-+---++ | ID | USERNAME | PASSWORD | FORWARD | DOMAIN| MAIL | FILTER ++--+--+-+---++ | 1 | test | zz | test| me.uos.idv.tw | [EMAIL PROTECTED] | OK | 2 | cyrus| zz | cyrus | me.uos.idv.tw | [EMAIL PROTECTED] | OK | 3 | kkk | zz | kkk | me.uos.idv.tw | [EMAIL PROTECTED] | OK ++--+--+-+---++ 3 rows in set (0.02 sec) I have these parameters in main.cf: broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, permit_auth_destination, permit_mx_backup, check_relay_domains, reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unauth_destination, reject smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_pipelining reject_unknown_client # cat /usr/local/lib/sasl2/smtpd.conf pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain login sql_engine: mysql sql_hostnames: localhost sql_user: mail sql_passwd: secret sql_database: mail sql_select: select PASSWORD from user where USERNAME='%u' sql_verbose: true I have tried to change auxprop_plugin: mysql and USERNAME='[EMAIL PROTECTED]' as well. _ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
chrooting Postfix+SASL+TLS
Hi all, Has anyone successfully set up Postfix to run chrooted with saslauthd? I've been trying to get this to work for several days now and have run out of ideas. Everything works fine non-chrooted, but as soon as I run postfix/smtpd chrooted, I get the following messages in maillog: Jul 23 09:46:30 xxx postfix/smtpd[2472]: connect from yyy[999.999.999.999] Jul 23 09:46:30 xxx postfix/smtpd[2472]: setting up TLS connection from yyy[999.999.999.999] Jul 23 09:46:30 xxx postfix/smtpd[2472]: TLS connection established from yyy[999.999.999.99]: TLSv1 with cipher RC4-MD5 (128/128 bits) Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: yyy[999.999.999.999]: SASL LOGIN authentication failed Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: Read failed in network_biopair_interop with errno=0: num_read=0, want_read=5 Jul 23 09:46:30 xxx postfix/smtpd[2472]: lost connection after AUTH from yyy[999.999.999.999] Jul 23 09:46:30 xxx postfix/smtpd[2472]: disconnect from yyy[999.999.999.999] Here is what I have installed: OS: FreeBSD 4.9-RELEASE ports installed: openssl-0.9.7d cyrus-sasl-2.1.18 cyrus-sasl-saslauthd-2.1.18_1 postfix installed from source with TLS patch applied: postfix-2.1.3 pfixtls-0.8.18-2.1.3-0.9.7d postfix chroot directory: /var/spool/postfix saslauthd startup options: /usr/local/sbin/saslauthd -a getpwent -m /var/spool/postfix/var/state/saslauthd tls/sasl options in /etc/postfix/main.cf: # sasl config # broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination # tls config # smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom I have tried all kinds of tips from my archive searches and still no luck. Can anyone give me any pointers/instructions on how to run postfix chrooted with saslauthd using FreeBSD 4.9? any advice will be appreciated. thanks in advance, Alex M. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: chrooting Postfix+SASL+TLS
Hi, Yah, your problem is when saslauth and smtp are chrooted they do not have there unix socket that they use to communicate. When saslauthd normally starts i believe it makes a socket at /var/run/mux i'm not near my machine to confirm this, but assuming your postfix chroot is /var/spool/postfix you would do: # mkdir -p /var/spool/postfix/var/run/mux and when you start saslauth use the -m option and specify the path to the chroot location. HTH Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: chrooting Postfix+SASL+TLS
Hi Dave, I have setup /var/spool/postfix/var/state/salsauthd for that per a how-to I read. The normal socket was located in /var/state/saslauthd, so I figured that was the correct location. I guess I can try /var/spool/postfix/var/run and see if that works. am On Fri, 23 Jul 2004, dave wrote: Hi, Yah, your problem is when saslauth and smtp are chrooted they do not have there unix socket that they use to communicate. When saslauthd normally starts i believe it makes a socket at /var/run/mux i'm not near my machine to confirm this, but assuming your postfix chroot is /var/spool/postfix you would do: # mkdir -p /var/spool/postfix/var/run/mux and when you start saslauth use the -m option and specify the path to the chroot location. HTH Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: chrooting Postfix+SASL+TLS
this is a follow up to my attempts to change the socket location. I now get the following message: Jul 23 10:54:22 xxx postfix/smtpd[3010]: warning: SASL authentication failure: cannot connect to saslauthd server: Connection refused this different from No such file or directory, but still does not work. I tried setting owner to 'cyrus' and group to 'mail', still no luck. I also tried chmod 0770 /var/spool/postfix/var/run i read that somewhere, a how-to doc i believe. Anyone else have any suggestions? i am guessing it may be some type of permissions issue at this point? thanks, am On Fri, 23 Jul 2004, Alex Melkomukov wrote: Hi Dave, I have setup /var/spool/postfix/var/state/salsauthd for that per a how-to I read. The normal socket was located in /var/state/saslauthd, so I figured that was the correct location. I guess I can try /var/spool/postfix/var/run and see if that works. am On Fri, 23 Jul 2004, dave wrote: Hi, Yah, your problem is when saslauth and smtp are chrooted they do not have there unix socket that they use to communicate. When saslauthd normally starts i believe it makes a socket at /var/run/mux i'm not near my machine to confirm this, but assuming your postfix chroot is /var/spool/postfix you would do: # mkdir -p /var/spool/postfix/var/run/mux and when you start saslauth use the -m option and specify the path to the chroot location. HTH Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix - Sasl - mysql
Brent Wiese wrote: I (tried) following the instructions at: http://high5.net/howto/ I have postfix virtual users working in MySQL. I have courier imap/pop3 working w/ virtual users. I wanted to add SMTP auth. I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sql sql_engine: mysql mech_list: login plain crammd6 digestmd5 sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_statement: SELECT password FROM mailbox WHERE username = '%u' sql_verbose: yes That works for me.. -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl A Dutch community for helping newcomers on the hackerscene ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Postfix - Sasl - mysql
Brent Wiese wrote: I (tried) following the instructions at: http://high5.net/howto/ I have postfix virtual users working in MySQL. I have courier imap/pop3 working w/ virtual users. I wanted to add SMTP auth. I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sql sql_engine: mysql mech_list: login plain crammd6 digestmd5 sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_statement: SELECT password FROM mailbox WHERE username = '%u' sql_verbose: yes That works for me.. No go. Still getting no user in db in /var/log/maillog. I get: postfix/smtpd[23761]: sql_select option missing postfix/smtpd[23761]: auxpropfunc error no mechanism available In /var/log/messages I turned on logging in mysql and it didn't log any queries. Any other suggestions? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix - Sasl - mysql
Hi Brent, No go. Still getting no user in db in /var/log/maillog. I get: postfix/smtpd[23761]: sql_select option missing postfix/smtpd[23761]: auxpropfunc error no mechanism available In /var/log/messages Oh typo :( SQL_Statement = SQL_Select) Is SQL (MySQL) Support included within your installation? What Mechlist did you enable? Are those included in your installation as well? Cheers I turned on logging in mysql and it didn't log any queries. Any other suggestions? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl A Dutch community for helping newcomers on the hackerscene ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Postfix - Sasl - mysql
I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sql sql_engine: mysql mech_list: login plain crammd6 digestmd5 sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_statement: SELECT password FROM mailbox WHERE username = '%u' sql_verbose: yes I used those instructions, although I modified some for my specific configuration. the username field in my database is [EMAIL PROTECTED] however. I had to create a plain-text password field that i modified the php scripts to create as part of the normal process of things because the auxprop plugin alone didn't understand anything but plain text. you can use the PAM sasl plugin from what I understand, and configure pam to use mysql with it's native plugin in order to use encrypted passwords in the mysql database. I haven't looked at this stuff in a while, so my memory isn't so clear and things may have changed... Here's my working smtpd.conf: # smtpd.conf pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain login sql_engine: mysql sql_hostnames: localhost sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_select: select pass_plain from mailbox where username='[EMAIL PROTECTED]' ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix - Sasl - mysql
On 4/7/2004 12:32 PM Brent Wiese wrote: Brent Wiese wrote: I (tried) following the instructions at: http://high5.net/howto/ I have postfix virtual users working in MySQL. I have courier imap/pop3 working w/ virtual users. I wanted to add SMTP auth. I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sql sql_engine: mysql mech_list: login plain crammd6 digestmd5 sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_statement: SELECT password FROM mailbox WHERE username = '%u' sql_verbose: yes That works for me.. No go. Still getting no user in db in /var/log/maillog. I get: postfix/smtpd[23761]: sql_select option missing postfix/smtpd[23761]: auxpropfunc error no mechanism available In /var/log/messages I turned on logging in mysql and it didn't log any queries. Any other suggestions? Have you verified that smtpd_sasl_local_domain = and not smtpd_sasl_local_domain =$myhostname as shown in the how-to? Although I wasn't using MySQL, I still got the no user in db and no secret in database messages you were getting. It stumped me for weeks until I stumbled across the Postfix bug tidbit on the web. I'd be real curious to know if that solves your problems. Cheers, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Postfix - Sasl - mysql
I used those instructions, although I modified some for my specific configuration. the username field in my database is [EMAIL PROTECTED] however. Yes, that is how mine is. I had to create a plain-text password This is what I want to avoid. I think this is what the patch listed on the howto.net page is supposed to fix, but it doesn't apply right for me. Here's my working smtpd.conf: # smtpd.conf pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain login sql_engine: mysql sql_hostnames: localhost sql_user: postfix-user sql_passwd: thepassword sql_database: postfix sql_select: select pass_plain from mailbox where username='[EMAIL PROTECTED]' Once I cleaned up my syntax (per another post, thanks!) while comparing to this, I'm now able to check the DB correctly (I turned on MySQL logging to make sure), except for the whole encrypted vs plaintext thing. If I use PAM, is that going to break courier-IMAP? Anyone succesfully patched a recent ( = .17) cyrus-sasl2 to use encrypted passwords in MySQL? Thanks for all the help, I think I'm nearly there. :) Brent ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix - Sasl - mysql
I (tried) following the instructions at: http://high5.net/howto/ I have postfix virtual users working in MySQL. I have courier imap/pop3 working w/ virtual users. I wanted to add SMTP auth. I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: mysql login plain crammd6 digestmd5 mysql_user: postfix-user mysql_passwd: thepassword mysql_database: postfix mysql_statement: SELECT password FROM mailbox WHERE username = '%u' mysql_verbose: yes (I also tried sasl_ in front of all the lines). When I try to use SMTP Auth from Outlook Express, I get this in the logs: Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: SASL authentication failure: no user in db Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: SASL authentication failure: no secret in database Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: swing.bjwcs.com[208.185.25.11]: SASL NTLM authentication failed I'm using cyrus-sasl-2.1.18 and postfix 2.0.19. I also tried compiling w/ the patch listed in that tutorial link above, but it breaks. I read somewhere that mysql stuff changed in cyrus-sasl-2.1.17. Any help? I think I'm really close... I'm just so frustrated at this point, I'm probably no longer thinking clearly. Thanks! Brent ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix - Sasl - mysql
Brent Wiese told a big fish story including the following on 04/06/2004 5:40 PM: I (tried) following the instructions at: http://high5.net/howto/ I have postfix virtual users working in MySQL. I have courier imap/pop3 working w/ virtual users. I wanted to add SMTP auth. I added the cyrus-sasl2 port (also chose support for it in postfix port) WITH_MYSQL. No go. I added the following lines to /usr/local/lib/sasl2/smtpd.conf (found this in another faq/tutorial, so it may be incorrect) sasl_pwcheck_method: auxprop sasl_auxprop_plugin: mysql login plain crammd6 digestmd5 mysql_user: postfix-user mysql_passwd: thepassword mysql_database: postfix mysql_statement: SELECT password FROM mailbox WHERE username = '%u' mysql_verbose: yes (I also tried sasl_ in front of all the lines). When I try to use SMTP Auth from Outlook Express, I get this in the logs: Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: SASL authentication failure: no user in db Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: SASL authentication failure: no secret in database Apr 6 20:35:01 server01 postfix/smtpd[22279]: warning: swing.bjwcs.com[208.185.25.11]: SASL NTLM authentication failed I'm using cyrus-sasl-2.1.18 and postfix 2.0.19. I also tried compiling w/ the patch listed in that tutorial link above, but it breaks. I read somewhere that mysql stuff changed in cyrus-sasl-2.1.17. Any help? I think I'm really close... I'm just so frustrated at this point, I'm probably no longer thinking clearly. I wasn't using mysql but had similar problems setting up SASL with Postfix. After lots of searching, I finally found the answer and posted it to the list. You can find my post here: http://lists.freebsd.org/pipermail/freebsd-security/2003-July/000517.html Maybe this will help you as my errors were similar. Good Luck, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Postfix SASL Authmethod
Hi guys! I've setup up Postfix SASL on a 4.9 System. It does SMTP-Auth for delivering to the ISP Mailserver. It is working fine so far. Tehre is only one warning when connecting to the remote SMTP-Server: ISP-IP offered AUTH option multiple times How can i define which Option to use when my SMTP is connecting? The security_option in the main.cf is anonymous Is there a solution to handle this? Thanks Alex Huth ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Possible? - Postfix + SASL + Rewrite Headers?
Hello all, Just a quick, but hopefully simple question that I can't find the answer to after about an hour of googling... Is it possible to rewrite the headers of an outbound messages through my postfix server if the user was authenticated w/ sasl? Just something along the lines of, X-Blah: [IP] User [EMAIL PROTECTED] OK, mainly just to catch any users sending spam, etc. I'm stumped. Adam __ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
postfix + sasl
can someone give me a few pointers on setting up this combination on free bsd 4.7 ? I'm using the latest ports and already have postfix running. thanx To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: postfix + sasl
synrat wrote: can someone give me a few pointers on setting up this combination on free bsd 4.7 ? I'm using the latest ports and already have postfix running. http://www.postfix.org/docs.html lists a number of Postfix+SASL docs. -- Dean C. Strik Eindhoven University of Technology [EMAIL PROTECTED] | [EMAIL PROTECTED] | http://www.ipnet6.org/ This isn't right. This isn't even wrong. -- Wolfgang Pauli To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message