Re: outgoing authenticated TLS/SSL problems

2015-04-21 Thread Curtis Maurand



On 4/21/2015 12:34 PM, Viktor Dukhovni wrote:
> Your port 25 smtpd entry in master.cf is not chrooted, but your port
> 587 entry is.
>
>> Apr 21 12:20:29 canon postfix/submission/smtpd[9382]: warning: SASL
>> authentication failure: cannot connect to saslauthd server: No such file or
>> directory

Interesting.  Just fixed that, too.

> You added the socket to the jail. It would be simpler to disable
> chroot on port 587, not much point when port 25 is not chrooted.

See above.

--
Curtis Maurand
cur...@maurand.com
207-252-7748


Re: outgoing authenticated TLS/SSL problems

2015-04-21 Thread Curtis Maurand




On 4/20/2015 8:36 PM, Viktor Dukhovni wrote:
> On Mon, Apr 20, 2015 at 08:08:08PM -0400, Curtis Maurand wrote:
>
>> Anyone have any ideas?
>
> 1.  http://www.postfix.org/DEBUG_README.html#mail
>
> 2. Send logs!  Do not set verbose logs produced via debug_peer_list
>    or -v options in master.cf unless these are requested later
>    in the thread.  If you ever do send verbose logs, be aware that
>    they transmit passwords in an easily reversible base64 encoding.
>    Do not send base64 encoded SASL payloads.
>
>    Do not trim your logs, post the full log entries.  Change only
>    the localparts of email address if you wish to keep these private.
>    Replace distinct original addresses with distinct masked addresses.
>
> 3. Describe what you want to happen clearly, concisely, and with
>    some specificity (e.g. replace phrases such as "to the server"
>    with "to host smtp.example.com on port 25").  As much as possible
>    the description should be clearly connected to what is shown in
>    the included logs.

Thank you for your reply.  I've solved it with a bit of research. Really
weird in that smtp authentication was working on port 25, but not on
port 587. I was getting the following error:



Apr 21 12:20:29 canon postfix/submission/smtpd[9382]: warning: SASL 
authentication failure: cannot connect to saslauthd server: No such file 
or directory


Which I fixed with in /etc/default/saslauthd (Ubuntu 12.04 LTS).

OPTIONS=-c -m /var/spool/postfix/var/run/saslauthd -r

Thanks for your help.

--
Curtis Maurand
cur...@maurand.com
207-252-7748


Re: outgoing authenticated TLS/SSL problems

2015-04-21 Thread Viktor Dukhovni
On Tue, Apr 21, 2015 at 12:30:12PM -0400, Curtis Maurand wrote:

> Thank you for your reply.  I've solved it with a bit of research. Really
> weird in that smtp authentication was working on port 25, but not on port
> 587. I was getting the following error:

Your port 25 smtpd entry in master.cf is not chrooted, but your
port 587 entry is.

> Apr 21 12:20:29 canon postfix/submission/smtpd[9382]: warning: SASL
> authentication failure: cannot connect to saslauthd server: No such file or
> directory

The chrooted smtpd found no saslauthd socket.

> Which I fixed with in /etc/default/saslauthd (Ubuntu 12.04 LTS).
>
> OPTIONS=-c -m /var/spool/postfix/var/run/saslauthd -r

You added the socket to the jail.  It would be simpler to disable
chroot on port 587, not much point when port 25 is not chrooted.

-- 
Viktor.
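
Added example (not part of the original thread, and not Postfix's own code): a Python check that reads master.cf, reports which smtpd services run chrooted, and shows where each one will look for the saslauthd socket directory. The sample master.cf is constructed, and the /var/spool/postfix queue directory and /var/run/saslauthd socket directory are assumptions based on the paths quoted in the thread.

```python
import os

# Constructed sample mirroring the thread: port 25 not chrooted, submission
# (587) chrooted. Columns per master(5); the chroot flag is the 5th field.
SAMPLE_MASTER_CF = """\
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp       inet  n       -       n       -       -       smtpd
submission inet  n       -       y       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
pickup     unix  n       -       -       60      1       pickup
"""

def smtpd_chroot_status(master_cf_text, default_chroot=True):
    """Return {"service/type": chrooted?} for every smtpd entry.

    default_chroot is what "-" means in the chroot column: "y" before
    Postfix 3.0 (the Ubuntu 12.04 era of this thread), "n" from 3.0 on.
    """
    status = {}
    for line in master_cf_text.splitlines():
        # Skip blanks, comments and continuation lines (leading whitespace).
        if not line.strip() or line.startswith("#") or line[0].isspace():
            continue
        fields = line.split()
        if len(fields) < 8 or fields[7] != "smtpd":
            continue
        flag = fields[4]
        status[f"{fields[0]}/{fields[1]}"] = default_chroot if flag == "-" else flag == "y"
    return status

def socket_dir_seen_by(chrooted, queue_directory="/var/spool/postfix",
                       sasl_dir="/var/run/saslauthd"):
    """Host path where this smtpd will look for the saslauthd socket directory."""
    if chrooted:
        # Inside the jail, sasl_dir is resolved below queue_directory.
        return queue_directory.rstrip("/") + sasl_dir
    return sasl_dir

def report(master_cf_text, default_chroot=True, **paths):
    """Map each smtpd service to (chrooted, socket dir, dir exists on this host)."""
    out = {}
    for svc, jailed in smtpd_chroot_status(master_cf_text, default_chroot).items():
        path = socket_dir_seen_by(jailed, **paths)
        out[svc] = (jailed, path, os.path.isdir(path))
    return out

if __name__ == "__main__":
    for svc, (jailed, path, present) in report(SAMPLE_MASTER_CF).items():
        print(f"{svc}: chroot={'y' if jailed else 'n'} needs {path} present={present}")
```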


Re: outgoing authenticated TLS/SSL problems

2015-04-20 Thread Viktor Dukhovni
On Mon, Apr 20, 2015 at 08:08:08PM -0400, Curtis Maurand wrote:

> Anyone have any ideas?

1.  http://www.postfix.org/DEBUG_README.html#mail

2. Send logs!  Do not set verbose logs produced via debug_peer_list
   or -v options in master.cf unless these are requested later
   in the thread.  If you ever do send verbose logs, be aware that
   they transmit passwords in an easily reversible base64 encoding.
   Do not send base64 encoded SASL payloads.

   Do not trim your logs, post the full log entries.  Change only
   the localparts of email address if you wish to keep these private.
   Replace distinct original addresses with distinct masked addresses.

3. Describe what you want to happen clearly, concisely, and with
   some specificity (e.g. replace phrases such as "to the server"
   with "to host smtp.example.com on port 25").  As much as possible
   the description should be clearly connected to what is shown in
   the included logs.

-- 
Viktor.