Re: [SOGo] Setting up Postfix/SMTP Auth service using ldap

[John Tolson]

/etc/postfix/main.cf # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific:  Specifying a file name will cause the first # line of that file to be used as the name.  The Debian default # is /etc/mailname. #myorigin = /etc/mailname myhostname=tcusit.com smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no smtp_sasl_type = cyrus smtpd_sasl_path = smtp # TLS parameters # smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem # smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key # smtpd_use_tls=yes # smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache # smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost, $myhostname, $mydomain mynetworks = 172.0.0.0/8 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + virtual_alias_maps = ldap:/etc/postfix/people.ldap mailbox_transport = lmtp:127.0.0.1:24 smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtp_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous inet_interfaces = all /etc/postfix/sasl/stmpd.conf pwcheck_method: saslauthd mech_list: plain login log_level: 7 saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux On Oct 17, 2013, at 11:54 AM, Szládovics Péter <p...@szladovics.hu> wrote: 2013-10-17 17:38 keltezéssel, John Tolson írta: Hello All, I am new to Sogo and Postfix but have a great understanding of Unix and Unix administration.  I have download the virtual appliance and have configured it with a new domain, to send out mail LOCALLY  (POSTFIX/SMTP) and receive mail LOCALLY and Remotely with a client. (imap).  My challenge now is to configure the server to allow users to authenticate against the postfix and to send mail from any client software.  I think I am missing something small but I need HELP.  I have been working on this on and off for about 8 weeks now and cannot figure out my issue. Telnet test from remote machine (My Laptop) imac:~ jtolson $ echo -ne '\0sogo1\0sogo' | openssl enc -base64 AHNvZ28xAHNvZ28= imac:~ jtolson $ telnet 10.1.2.130 25 Trying 10.1.2.130... Connected to 10.1.2.130. Escape character is '^]'. 220 ********************************* EHLO tcusit.com 250-tcusit.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AHNvZ28xAHNvZ28= 535 5.7.8 Error: authentication failed: authentication failure From the /var/log/syslog on the server 10.1.2.130 Oct 17 11:21:41 sogo postfix/smtpd[14957]: connect from unknown[172.16.1.8] Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: SASL authentication failure: Password verification failed Oct 17 11:21:59 sogo postfix/smtpd[14957]: warning: unknown[172.16.1.8]: SASL PLAIN authentication failed: authentication failure From the 10.1.2.130 mail server root@sogo:~# testsaslauthd -u sogo1 -p sogo 0: OK "Success." Given the testsaslauthd comes back with a "0: OK "Success." tells me that the ldap and saslauthd is working properly.  I know that the POSTFIX/SMTP is using SASL authentication and is failing on the password from the log file.  Postfix/SMTPD is configured with the SASL Authentication and the SASL Authentication through ldap is working given my testsaslauthd test.  What am I missing?  I am just trying to setup a simple mail server that I can use with remote clients from mobile, macs and windows.   Any guidance is appreciated. What are your SASL settings, and what are your postfix settings? -- Szládovics, Péter Onlinedemo.HU Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke John Tolson 2524 Lithonia Industrial Boulevard Suite C  Lithonia, GA 30058 678.713.4220 (O) 404.631.6309 (F) www.mytechconcepts.com This message may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient (or authorized to act on behalf of the intended recipient) of this message, you may not disclose, forward, distribute, copy, or use this message or its contents. If you have received this communication in error, please notify us immediately by return e-mail and delete the original message from your e-mail system. Thank you.