Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap
2013-10-18 21:53 keltezéssel, Jean Raby írta: On 13-10-18 10:55 AM, John Tolson wrote: */etc/postfix/sasl/stmpd.conf* pwcheck_method: saslauthd mech_list: plain login log_level: 7 saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux Is saslauth really listening there? If it is not, you need to update /etc/default/saslauthd (saslauthd -m /var/spool/postfix/var/run/saslauthd) Check the ubuntu documentation regarding this: https://help.ubuntu.com/community/Postfix#Authentication And the saslauthd need to configured for ldap auth. eg. #- /etc/saslauthd ldap_servers: ldap://127.0.0.1/ ldap_search_base: cn=users,dc=foo,dc=bar ldap_bind_dn: cn=binduser,cn=users,dc=foo,dc=bar ldap_bind_pw: somepassword ldap_filter: (uid=%u) #- Without it sender can't authenticate through ldap in postfix. -- Szládovics, Péter Onlinedemo.HU http://www.onlinedemo.hu Any sufficiently advanced technology is indistinguishable from magic. /Arthur C. Clarke/ -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap
/etc/postfix/main.cf# See /usr/share/postfix/main.cf.dist for a commented, more complete version# Debian specific: Specifying a file name will cause the first# line of that file to be used as the name. The Debian default# is /etc/mailname.#myorigin = /etc/mailnamemyhostname=tcusit.comsmtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)biff = no# appending .domain is the MUA's job.append_dot_mydomain = no# Uncomment the next line to generate "delayed mail" warnings#delay_warning_time = 4hreadme_directory = nosmtp_sasl_type = cyrussmtpd_sasl_path = smtp# TLS parameters# smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem# smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key# smtpd_use_tls=yes# smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache# smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for# information on enabling SSL in the smtp client.alias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesmyorigin = /etc/mailnamemydestination = localhost, $myhostname, $mydomainmynetworks = 172.0.0.0/8 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128mailbox_size_limit = 0recipient_delimiter = +virtual_alias_maps = ldap:/etc/postfix/people.ldapmailbox_transport = lmtp:127.0.0.1:24smtpd_sasl_auth_enable = yesbroken_sasl_auth_clients = yessmtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destinationsmtp_sasl_auth_enable = yessmtpd_sasl_security_options = noanonymousinet_interfaces = all/etc/postfix/sasl/stmpd.confpwcheck_method: saslauthdmech_list: plain loginlog_level: 7saslauthd_path: /var/spool/postfix/var/run/saslauthd/muxOn Oct 17, 2013, at 11:54 AM, Szládovics Péter p...@szladovics.hu wrote: 2013-10-17 17:38 keltezéssel, John Tolson írta: Hello All, I am new to Sogo and Postfix but have a great understanding of Unix and Unix administration. I have download the virtual appliance and have configured it with a new domain, to send out mail LOCALLY (POSTFIX/SMTP) and receive mail LOCALLY and Remotely with a client. (imap). My challenge now is to configure the server to allow users to authenticate against the postfix and to send mail from any client software. I think I am missing something small but I need HELP. I have been working on this on and off for about 8 weeks now and cannot figure out my issue. Telnet test from remote machine (My Laptop) imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64 AHNvZ28xAHNvZ28= imac:~ jtolson $telnet 10.1.2.130 25 Trying 10.1.2.130... Connected to 10.1.2.130. Escape character is '^]'. 220 * EHLO tcusit.com 250-tcusit.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AHNvZ28xAHNvZ28= 535 5.7.8 Error: authentication failed: authentication failure From the /var/log/syslog on the server 10.1.2.130 Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8] Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication failure: Password verification failed Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL PLAIN authentication failed: authentication failure From the 10.1.2.130 mail server root@sogo:~# testsaslauthd -u sogo1 -p sogo 0: OK "Success." Given thetestsaslauthd comes back with a "0: OK "Success." tells me that the ldap and saslauthd is working properly. I know that the POSTFIX/SMTP is using SASL authentication and is failing on the password from the log file. Postfix/SMTPD is configured with the SASL Authentication and the SASL Authentication through ldap is working given my testsaslauthd test. What am I missing?I am just trying to setup a simple mail server that I can use with remote clients from mobile, macs and windows. Any guidance is appreciated. What are your SASL settings, and what are your postfix settings? -- Szládovics, Péter Onlinedemo.HU Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke John Tolson2524 Lithonia Industrial BoulevardSuite CLithonia, GA30058678.713.4220 (O)404.631.6309
Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap
On 13-10-18 10:55 AM, John Tolson wrote: */etc/postfix/sasl/stmpd.conf* pwcheck_method: saslauthd mech_list: plain login log_level: 7 saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux Is saslauth really listening there? If it is not, you need to update /etc/default/saslauthd (saslauthd -m /var/spool/postfix/var/run/saslauthd) Check the ubuntu documentation regarding this: https://help.ubuntu.com/community/Postfix#Authentication -- users@sogo.nu https://inverse.ca/sogo/lists
[SOGo] Setting up Postfix/SMTP Auth service using ldap
Hello All, I am new to Sogo and Postfix but have a great understanding of Unix and Unix administration. I have download the virtual appliance and have configured it with a new domain, to send out mail LOCALLY (POSTFIX/SMTP) and receive mail LOCALLY and Remotely with a client. (imap). My challenge now is to configure the server to allow users to authenticate against the postfix and to send mail from any client software. I think I am missing something small but I need HELP. I have been working on this on and off for about 8 weeks now and cannot figure out my issue. Telnet test from remote machine (My Laptop) imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64 AHNvZ28xAHNvZ28= imac:~ jtolson $ telnet 10.1.2.130 25 Trying 10.1.2.130... Connected to 10.1.2.130. Escape character is '^]'. 220 * EHLO tcusit.com 250-tcusit.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AHNvZ28xAHNvZ28= 535 5.7.8 Error: authentication failed: authentication failure From the /var/log/syslog on the server 10.1.2.130 Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8] Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication failure: Password verification failed Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL PLAIN authentication failed: authentication failure From the 10.1.2.130 mail server root@sogo:~# testsaslauthd -u sogo1 -p sogo 0: OK Success. Given the testsaslauthd comes back with a 0: OK Success. tells me that the ldap and saslauthd is working properly. I know that the POSTFIX/SMTP is using SASL authentication and is failing on the password from the log file. Postfix/SMTPD is configured with the SASL Authentication and the SASL Authentication through ldap is working given my testsaslauthd test. What am I missing? I am just trying to setup a simple mail server that I can use with remote clients from mobile, macs and windows. Any guidance is appreciated. -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap
On 13-10-17 11:38 AM, John Tolson wrote: Hello All, I am new to Sogo and Postfix but have a great understanding of Unix and Unix administration. I have download the virtual appliance and have configured it with a new domain, to send out mail *LOCALLY* (POSTFIX/SMTP) and receive mail LOCALLY and Remotely with a client. (imap). My challenge now is to configure the server to allow users to authenticate against the postfix and to send mail from any client software. I think I am missing something small but I need HELP. I have been working on this on and off for about 8 weeks now and cannot figure out my issue. *Telnet test from remote machine (My Laptop)* imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64 AHNvZ28xAHNvZ28= imac:~ jtolson $ telnet 10.1.2.130 25 Trying 10.1.2.130... Connected to 10.1.2.130. Escape character is '^]'. 220 * EHLO tcusit.com http://tcusit.com 250-tcusit.com http://250-tcusit.com 250-PIPELINING 250-SIZE 1024 250-VRFY 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AHNvZ28xAHNvZ28= 535 5.7.8 Error: authentication failed: authentication failure * * *From the /var/log/syslog on the server 10.1.2.130* Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8] Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication failure: Password verification failed Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL PLAIN authentication failed: authentication failure *From the 10.1.2.130 mail server* root@sogo:~# testsaslauthd -u sogo1 -p sogo 0: OK Success. Given the testsaslauthd comes back with a 0: OK Success. tells me that the ldap and saslauthd is working properly. I know that the POSTFIX/SMTP is using SASL authentication and is failing on the password from the log file. Postfix/SMTPD is configured with the SASL Authentication and the SASL Authentication through ldap is working given my testsaslauthd test. What am I missing? I am just trying to setup a simple mail server that I can use with remote clients from mobile, macs and windows. Any guidance is appreciated. This is not really a sogo related question and would probably be best answered in postfix / cyrus-sasl lists. But, do you see anything in the ldap logs when doing the auth against postfix?(that test should be done with 'olcLogLevel: stats' if you want to see something in the ldap logs) Also, is there anything relevant in the saslauth logs? Are you running postfix chrooted and the saslauthd socket file is outside of the chroot?(hint saslauthd -m /var/spool/postfix/var/run/saslauthd) -- users@sogo.nu https://inverse.ca/sogo/lists