Hi.
Here there are other informations about the configuration of mail system.
1. The mail system use virtual users.
2. The postfix main.cf is:
# Enable SASL authentication in the Postfix SMTP server
smtpd_sasl_auth_enable = yes
# Postfix 2.3 and later
#smtpd_sasl_path = smtpd
# Only accept mail from trusted networks, authenticated clients or mail
with
# a 'RCPT TO' address that Postfix is forwarder or final destination for
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client combined.njabl.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
# Enable inter-operability with old SMTP clients
broken_sasl_auth_clients = yes
# Name of the Postfix SMTP server's local SASL authentication realm
smtpd_sasl_local_domain = $mydomain
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
#smtpd_sasl_security_options = noanonymous
smtpd_sasl_security_options =
# Quota e delivery
virtual_transport = qdeliver
qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1
3. The master.cf is:
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
4. The /var/local/lib/sasl2/smtpd.conf is:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
#authdaemond_path: /var/sasl2/socket
authdaemond_path: /var/run/courier-auth/socket
log_level: 7
Thanks.
Luciano.
On 22.08.14, 16:23, giacomo wrote:
Hello everyone.
I recently created a mail server based on Postfix with MySQL and
SASL authentication and TLS. I have problems to use authentication
SASL. The errors are:
telnet 192.168.1.242 25
Trying 192.168.1.242...
Connected to 192.168.1.242.
Escape character is '^]'.
220 mail2.domain.com ESMTP Postfix
ehlo tin.it
250-mail2.domain.com
250-PIPELINING
250-SIZE 1024
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
535 5.7.8 Error: authentication failed: generic failure
/var/maillog
Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
warning: SASL authentication failure: could not verify password
Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
warning: SASL authentication failure: Password verification failed
Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
warning: unknown[192.168.1.248]:
SASL PLAIN authentication failed: generic failure
System OpenBSD v. 5.5
Packages:
courier-authlib-0.65.0p2
courier-authlib-mysql-0.65.0p5
courier-imap-4.13p0
courier-pop3-4.13p0
cyrus-sasl-2.1.26p10-mysql
mysql-client-5.1.73v0
mysql-server-5.1.73v0
Port:
postfix-2.12.20140109-sasl2-mysql (compilated to enable SASL e MySQL)
In the old version of OpenBSD it seam to work.
Any suggestions?
Thanks.
--
Isaia Luciano
--
Le informazioni contenute nella presente e-mail e nei documenti/files
eventualmente allegati sono confidenziali. Essi sono riservati
esclusivamente al destinatario della stessa. La loro eventuale
comunicazione, diffusione o, comunque, rivelazione a terzi, nonche' la
copiatura e/o conservazione e' vietata. Se avete ricevuto questa e-mail per
errore, Vi preghiamo cortesemente di informare immediatamente il mittente
della stessa e di distruggerla o, comunque, cancellarla dal Vostro sistema.
This e-mail contains confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error), please
notify the sender immediately and destroy this e-mail. Any unauthorised