LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 05-14-2009, 05:38 AM   #1
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 453

Rep: Reputation: 30
postfix/dovecot - sasl authentication works no more


Hello everybody,
I am running FreeBSD with posftix and dovecot. There virtual domains and users and postfix authenticates users using sasl and dovecot.
Today I've performed a server upgrade and sasl authentication works no more. It worked for the last 4 months without problems.

In postfix logs I get
Code:
May 14 13:34:21 sfdsa postfix/smtpd[1345]: warning: SASL: Connect to smtpd failed: No such file or directory
May 14 13:34:21 sfdsa postfix/smtpd[1345]: fatal: no SASL authentication mechanisms
postfix is running, dovecot is running, saslauthd is running.

For me everything seems ok, what file or directory has been changed and can not be found anymore?

Please help me if you can, this is a production server.

Many thanks
 
Old 05-14-2009, 05:58 AM   #2
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 453

Original Poster
Rep: Reputation: 30
If it helps:

postconf -n
Code:
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debug_peer_list = softexp.ro
header_checks = regexp:/usr/local/etc/postfix/header_checks
html_directory = no
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
myhostname = mail.softexp.ro
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname permit
smtpd_recipient_restrictions = reject_non_fqdn_sender reject_non_fqdn_recipient permit_mynetworks  permit_sasl_authenticated  reject_unauth_destination reject_sender_login_mismatch reject_invalid_hostname  reject_unknown_recipient_domain reject_unverified_recipient check_sender_access hash:/usr/local/etc/postfix/access_sender check_helo_access pcre:/usr/local/etc/postfix/helo_checks  reject_unknown_sender_domain reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender    dsn.rfc-ignorant.org  permit
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, permit
soft_bounce = no
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/local/etc/postfix/valias.txt
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_domains = /usr/local/etc/postfix/vhost.txt
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmaps.txt
virtual_uid_maps = static:1000
and dovecot -n
Code:
# 1.1.11: /usr/local/etc/dovecot.conf
# OS: FreeBSD 7.0-RELEASE amd64  ufs
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot.info
protocols: imap imaps pop3 pop3s
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
login_greeting_capability(default): yes
login_greeting_capability(imap): yes
login_greeting_capability(pop3): no
verbose_proctitle: yes
first_valid_uid: 1000
first_valid_gid: 1000
mail_privileged_group: mail
mail_location: maildir:/var/spool/vmail/%d/%n
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(pop3): 
pop3_client_workarounds(default): 
pop3_client_workarounds(imap): 
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
  mechanisms: plain login
  username_format: %Lu
  passdb:
    driver: pam
    args: session=yes dovecot
  passdb:
    driver: passwd-file
    args: /usr/local/etc/dovecot_passwd
  userdb:
    driver: passwd
    args: blocking=yes
  userdb:
    driver: passwd-file
    args: /usr/local/etc/dovecot_users
  socket:
    type: listen
    client:
      path: /var/run/dovecot/auth-client
      mode: 432
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
 
Old 05-14-2009, 09:43 AM   #3
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
postfix cannot find your smtpd.conf file which has the sasl mechs configured in.
 
Old 05-14-2009, 10:50 AM   #4
chitambira
Member
 
Registered: Oct 2008
Location: Fife
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 49
# locate smtpd.conf
 
Old 05-14-2009, 01:53 PM   #5
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 453

Original Poster
Rep: Reputation: 30
I found that file in /usr/lib/sasl2/smtpd.conf and /usr/lib/sasl2

Its content is:

log_level:3
pwcheck_method: saslauthd
mech_list: plain login

Does postfix looks for the file in another location?
How can I tell postfix to look in the correct location?
I've added in main.cf:
smtpd_sasl_path = smtpd


Any ideas?

Thanks
 
Old 05-15-2009, 02:10 AM   #6
datopdog
Member
 
Registered: Feb 2008
Location: JHB South Africa
Distribution: Centos, Kubuntu, Cross LFS, OpenSolaris
Posts: 806

Rep: Reputation: 41
your postfix is built with the prefix /usr/local so this may help
Code:
mkdir -p /usr/local/lib/sasl2/
ln -s /usr/lib/sasl2/smtpd.conf /usr/local/lib/sasl2/smtpd.conf
 
Old 05-15-2009, 04:45 AM   #7
chitambira
Member
 
Registered: Oct 2008
Location: Fife
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 49
- Did you recompile/rebuild postfix with sasl2 support on upgrade?
- Is saslauthd (daemon) really running? What is content of a directory /var/run/saslauthd/ and permissions?
- Whats the sasl config in your main.cf
Quote:
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtp_sasl_auth_enable = no
#smtpd_sasl_path = smtpd
smtpd_sasl_path=/var/run/saslauthd/mux
smtp_sasl_type =
Open your /usr/local/lib/sasl2/smtpd.conf and check if there is any trailing whitespace after the word "socket" in this file?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SMTP authentication with postfix using sasl GuyWood13 Linux - Server 23 05-03-2011 03:29 PM
[SOLVED] SASL and TLS authentication problem in Postfix Mogget Linux - Server 1 03-31-2009 08:12 AM
Postfix SASL Authentication Failure linuxpyro Linux - Server 1 12-15-2008 09:29 PM
Temporary sasl authentication from outside network. Postfix. alex6666 Linux - Server 0 10-30-2008 09:25 AM
Postfix/SASL/MySQL "SASL LOGIN authentication failed" Temujin_12 Linux - Server 8 10-04-2008 10:37 PM


All times are GMT -5. The time now is 09:59 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration