LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 01-03-2011, 01:54 PM   #1
Mavman
Member
 
Registered: Mar 2008
Location: Wasilla, Alaska
Distribution: CentOS
Posts: 36

Rep: Reputation: 1
Postfix+Cyrus SASL Authentication Problem


Hey guys, for the life of me I can not figure this out. I'm still on the newer side of Linux services and thought that building a mail server would be a great way to figure out how it all works from a Linux point of view.

I'm running Ubuntu Maverick (10.10) 64-bit Server edition.
At the moment, I'm trying to get Postfix to authenticate users using shadow with TLS.

What I've got so far is -

smtpd.conf:
Code:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
main.cf:
Code:
myhostname = Maverux.******.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = Maverux.******.net, ******.net, Maverux, mail.******.net, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24, xxx.xxx.xxx.xxx/32, xxx.xxx.xxx.xxx/32
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_type = cyrus
smtpd_sasl_path = private/auth-client
smtpd_sasl_local_domain = ******.net
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
/etc/default/saslauthd:
Code:
START=yes
MECHANISMS="shadow"
OPTIONS="-c -m /var/run/saslauthd"
If you need more than this let me know, I tried to take what I thought was pertinent.

According to the error log, I get this-
Code:
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: Anonymous TLS connection established from ***.***.com[xxx.xxx.xxx.xxx]: TLSv1 with cipher AES128-SHA (128/128 bits)
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: warning: SASL authentication failure: no secret in database
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL NTLM authentication failed: authentication failure
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: warning: SASL authentication failure: realm changed: authentication aborted
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL DIGEST-MD5 authentication failed: authentication failure
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: lost connection after AUTH from ***.***.com[xxx.xxx.xxx.xxx]
Jan  3 10:38:44 Maverux postfix/smtpd[15338]: disconnect from ***.***.com[xxx.xxx.xxx.xxx]
However, if I do a testsaslauthd-
Code:
root@Maverux:~# testsaslauthd -u ****** -p ****** -r ******.net -s smtp
0: OK "Success."
Anyone have any ideas?

EDIT: A bit more information, it is not running chrooted, and here's a telnet & ehlo.
Code:
220 Maverux.******.net ESMTP
ehlo ******.com
250-Maverux.******.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN DIGEST-MD5 NTLM PLAIN CRAM-MD5
250-AUTH=LOGIN DIGEST-MD5 NTLM PLAIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Last edited by Mavman; 01-03-2011 at 02:18 PM.
 
Old 01-03-2011, 05:37 PM   #2
Mavman
Member
 
Registered: Mar 2008
Location: Wasilla, Alaska
Distribution: CentOS
Posts: 36

Original Poster
Rep: Reputation: 1
Embarrassed to put this one in, but to save anyone else who might be suffering from this I might as well spare them.

I'm not using smtpd_sasl_type = dovecot
I'm using cyrus. Apparently in my early screwing around before everything else was really set up I must have jumped the gun with troubleshooting.

So, I fixed smtpd_sasl_path to be 'smtpd' to go along with the type of cyrus. My own fault.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix and Cyrus Sasl - LOGIN Problem vickyk Linux - Newbie 1 01-06-2010 03:10 AM
postfix cyrus sasl md5 problem xiutuo Linux - Server 3 09-14-2009 10:30 AM
Sendmail Cyrus SASL authentication problem demith Linux - Software 0 11-15-2006 02:19 AM
cyrus-sasl authentication problem nobu Red Hat 1 11-01-2005 06:54 PM


All times are GMT -5. The time now is 07:57 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration