subject:"\[SOGo\] Setting up Postfix\/SMTP Auth service using ldap"

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

2013-10-19 Thread Szládovics Péter


2013-10-18 21:53 keltezéssel, Jean Raby írta:

On 13-10-18 10:55 AM, John Tolson wrote:


*/etc/postfix/sasl/stmpd.conf*
pwcheck_method: saslauthd
mech_list: plain login
log_level: 7
saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux


Is saslauth really listening there?

If it is not, you need to update /etc/default/saslauthd (saslauthd -m 
/var/spool/postfix/var/run/saslauthd)  Check the ubuntu documentation 
regarding this: https://help.ubuntu.com/community/Postfix#Authentication


And the saslauthd need to configured for ldap auth. eg.

#- /etc/saslauthd
ldap_servers: ldap://127.0.0.1/
ldap_search_base: cn=users,dc=foo,dc=bar
ldap_bind_dn: cn=binduser,cn=users,dc=foo,dc=bar
ldap_bind_pw: somepassword
ldap_filter: (uid=%u)
#-

Without it sender can't authenticate through ldap in postfix.
--
Szládovics, Péter

Onlinedemo.HU http://www.onlinedemo.hu
Any sufficiently advanced technology is indistinguishable from magic.
/Arthur C. Clarke/
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

2013-10-18 Thread John Tolson

/etc/postfix/main.cf# See /usr/share/postfix/main.cf.dist for a commented, more complete version# Debian specific: Specifying a file name will cause the first# line of that file to be used as the name. The Debian default# is /etc/mailname.#myorigin = /etc/mailnamemyhostname=tcusit.comsmtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)biff = no# appending .domain is the MUA's job.append_dot_mydomain = no# Uncomment the next line to generate "delayed mail" warnings#delay_warning_time = 4hreadme_directory = nosmtp_sasl_type = cyrussmtpd_sasl_path = smtp# TLS parameters# smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem# smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key# smtpd_use_tls=yes# smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache# smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for# information on enabling SSL in the smtp client.alias_maps = hash:/etc/aliasesalias_database = hash:/etc/aliasesmyorigin = /etc/mailnamemydestination = localhost, $myhostname, $mydomainmynetworks = 172.0.0.0/8 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128mailbox_size_limit = 0recipient_delimiter = +virtual_alias_maps = ldap:/etc/postfix/people.ldapmailbox_transport = lmtp:127.0.0.1:24smtpd_sasl_auth_enable = yesbroken_sasl_auth_clients = yessmtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destinationsmtp_sasl_auth_enable = yessmtpd_sasl_security_options = noanonymousinet_interfaces = all/etc/postfix/sasl/stmpd.confpwcheck_method: saslauthdmech_list: plain loginlog_level: 7saslauthd_path: /var/spool/postfix/var/run/saslauthd/muxOn Oct 17, 2013, at 11:54 AM, Szládovics Péter p...@szladovics.hu wrote:
  

  
  
2013-10-17 17:38 keltezéssel, John
  Tolson írta:

Hello All,
  
  
  I am new to Sogo and Postfix but have a great understanding
of Unix and Unix administration. I have download the virtual
appliance and have configured it with a new domain, to send out
mail LOCALLY (POSTFIX/SMTP) and receive mail LOCALLY
and Remotely with a client. (imap). My challenge now is to
configure the server to allow users to authenticate against the
postfix and to send mail from any client software. I think I am
missing something small but I need HELP. I have been working on
this on and off for about 8 weeks now and cannot figure out my
issue.
  
  
  Telnet test from remote machine (My Laptop)
  
imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc
  -base64
AHNvZ28xAHNvZ28=
  
  
  
  
imac:~ jtolson $telnet 10.1.2.130 25
Trying 10.1.2.130...
Connected to 10.1.2.130.
Escape character is '^]'.
220 *
EHLO tcusit.com
250-tcusit.com
250-PIPELINING
250-SIZE 1024
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHNvZ28xAHNvZ28=
535 5.7.8 Error: authentication failed: authentication
  failure


  
  

  From the /var/log/syslog on the server 10.1.2.130
  
Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from
  unknown[172.16.1.8]
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL
  authentication failure: Password verification failed
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning:
  unknown[172.16.1.8]: SASL PLAIN authentication failed:
  authentication failure
  
  
  
  From the 10.1.2.130 mail server
  
root@sogo:~# testsaslauthd -u sogo1 -p sogo
0: OK "Success."
  
  
  
  Given thetestsaslauthd comes back with a "0: OK "Success."
tells me that the ldap and saslauthd is working properly. I
know that the POSTFIX/SMTP is using SASL authentication and is
failing on the password from the log file. Postfix/SMTPD is
configured with the SASL Authentication and the SASL
Authentication through ldap is working given my testsaslauthd
test. What am I missing?I am just trying to setup a simple
mail server that I can use with remote clients from mobile, macs
and windows.
  
  
  Any guidance is appreciated.
  


What are your SASL settings, and what are your postfix settings?


  -- 
  Szládovics, Péter

Onlinedemo.HU
  Any sufficiently advanced technology is indistinguishable from
  magic.
  Arthur C. Clarke


  


John Tolson2524 Lithonia Industrial BoulevardSuite CLithonia, GA30058678.713.4220 (O)404.631.6309

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

2013-10-18 Thread Jean Raby


On 13-10-18 10:55 AM, John Tolson wrote:


*/etc/postfix/sasl/stmpd.conf*
pwcheck_method: saslauthd
mech_list: plain login
log_level: 7
saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux


Is saslauth really listening there?

If it is not, you need to update /etc/default/saslauthd (saslauthd -m 
/var/spool/postfix/var/run/saslauthd)  Check the ubuntu documentation regarding 
this: https://help.ubuntu.com/community/Postfix#Authentication

--
users@sogo.nu
https://inverse.ca/sogo/lists

[SOGo] Setting up Postfix/SMTP Auth service using ldap

2013-10-17 Thread John Tolson

Hello All,

I am new to Sogo and Postfix but have a great understanding of Unix and Unix 
administration.  I have download the virtual appliance and have configured it 
with a new domain, to send out mail LOCALLY  (POSTFIX/SMTP) and receive mail 
LOCALLY and Remotely with a client. (imap).  My challenge now is to configure 
the server to allow users to authenticate against the postfix and to send mail 
from any client software.  I think I am missing something small but I need 
HELP.  I have been working on this on and off for about 8 weeks now and cannot 
figure out my issue.

Telnet test from remote machine (My Laptop)
imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64
AHNvZ28xAHNvZ28=

imac:~ jtolson $ telnet 10.1.2.130 25
Trying 10.1.2.130...
Connected to 10.1.2.130.
Escape character is '^]'.
220 *
EHLO tcusit.com
250-tcusit.com
250-PIPELINING
250-SIZE 1024
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHNvZ28xAHNvZ28=
535 5.7.8 Error: authentication failed: authentication failure


From the /var/log/syslog on the server 10.1.2.130
Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8]
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication 
failure: Password verification failed
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL 
PLAIN authentication failed: authentication failure

From the 10.1.2.130 mail server
root@sogo:~# testsaslauthd -u sogo1 -p sogo
0: OK Success.

Given the testsaslauthd comes back with a 0: OK Success. tells me that the 
ldap and saslauthd is working properly.  I know that the POSTFIX/SMTP is using 
SASL authentication and is failing on the password from the log file.  
Postfix/SMTPD is configured with the SASL Authentication and the SASL 
Authentication through ldap is working given my testsaslauthd test.  What am I 
missing?  I am just trying to setup a simple mail server that I can use with 
remote clients from mobile, macs and windows. 

 Any guidance is appreciated.


-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

2013-10-17 Thread Jean Raby


On 13-10-17 11:38 AM, John Tolson wrote:

Hello All,

I am new to Sogo and Postfix but have a great understanding of Unix and Unix
administration.  I have download the virtual appliance and have configured it
with a new domain, to send out mail *LOCALLY*  (POSTFIX/SMTP) and receive mail
LOCALLY and Remotely with a client. (imap).  My challenge now is to configure
the server to allow users to authenticate against the postfix and to send mail
from any client software.  I think I am missing something small but I need HELP.
  I have been working on this on and off for about 8 weeks now and cannot figure
out my issue.

*Telnet test from remote machine (My Laptop)*
imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64
AHNvZ28xAHNvZ28=

imac:~ jtolson $ telnet 10.1.2.130 25
Trying 10.1.2.130...
Connected to 10.1.2.130.
Escape character is '^]'.
220 *
EHLO tcusit.com http://tcusit.com
250-tcusit.com http://250-tcusit.com
250-PIPELINING
250-SIZE 1024
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHNvZ28xAHNvZ28=
535 5.7.8 Error: authentication failed: authentication failure

*
*
*From the /var/log/syslog on the server 10.1.2.130*
Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8]
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication failure:
Password verification failed
Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL
PLAIN authentication failed: authentication failure

*From the 10.1.2.130 mail server*
root@sogo:~# testsaslauthd -u sogo1 -p sogo
0: OK Success.

Given the testsaslauthd comes back with a 0: OK Success. tells me that the
ldap and saslauthd is working properly.  I know that the POSTFIX/SMTP is using
SASL authentication and is failing on the password from the log file.
  Postfix/SMTPD is configured with the SASL Authentication and the SASL
Authentication through ldap is working given my testsaslauthd test.  What am I
missing?  I am just trying to setup a simple mail server that I can use with
remote clients from mobile, macs and windows.

  Any guidance is appreciated.


This is not really a sogo related question and would probably be best answered 
in postfix / cyrus-sasl lists.


But,  do you see anything in the ldap logs when doing the auth against 
postfix?(that test should be done with 'olcLogLevel: stats' if you want to see 
something in the ldap logs)

Also, is there anything relevant in the saslauth logs?
Are you running postfix chrooted and the saslauthd socket file is outside of the 
chroot?(hint  saslauthd -m /var/spool/postfix/var/run/saslauthd)


--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

[SOGo] Setting up Postfix/SMTP Auth service using ldap

Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

5 matches

Site Navigation

Mail list logo

Footer information