Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Hi I'm trying to get postfix working with smtp authentication using sasl.
I have the following packages installed:
I have recompiled postfix by doing the following:
<postfix src dir># make tidy
<postfix src dir># make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/include/sasl" AUXLIBS="-L/usr/lib -lsasl2" (I have checked these are the correct dir's)
<postfix src dir># postfix stop
<postfix src dir># make install
(and all seems okay to this point)
I then add the following lines to the /etc/postfix/main.cf file
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
Then I start postfix again and to test, I try telnet the localhost on port 25 so I can run an ehlo command and see if AUTH is there. But, when I do this it just hangs.
Soooooooooooo I checked the logs and it can't spawn the smtp daemon (as below):
Mar 18 23:30:35 mailserver postfix/smtpd: warning: unsupported SASL server implementation: cyrus
Mar 18 23:30:35 mailserver postfix/smtpd: fatal: SASL per-process initialization failed
Mar 18 23:30:36 mailserver postfix/master: warning: process /usr/libexec/postfix/smtpd pid 3680 exit status 1
Mar 18 23:30:36 mailserver postfix/master: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
I am having this same problem in both FC6 and Suse Enterprise 10.
Any ideas? The CBT I am following for this shows this up and running (with suse)
Thanks Berhanie, you were right... Managed to get SASL running now!
Unfortunately though, I can't get a remote client to authenticate now. After I recompiled postfix and got it working with sasl in the corrent manner, I did the following:
# vi /usr/lib/sasl2/smtpd.conf
mech_list: plain login
<write + quit>
# service saslauthd start
# postfix reload (for good measure)
Now again according to the CBT I am using and the postfix documentation, this should just work for plain authentication when somebody tries to relay using smtp. But its not When I try authenticate, it doesn't accept my username/password as stated in the /etc/passwd and /etc/shadow files...
The logs show the following when I try send an email from remote client using outlook/thunderbird.
Mar 20 00:39:46 mailserver postfix/smtpd: connect from 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[184.108.40.206]
Mar 20 00:39:46 mailserver postfix/smtpd: warning: 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[220.127.116.11]: SASL LOGIN authentication failed: authentication failure
Mar 20 00:39:46 mailserver postfix/smtpd: lost connection after AUTH from 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[18.104.22.168]
Mar 20 00:39:46 mailserver postfix/smtpd: disconnect from 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[22.214.171.124]
Have I missed a step along the way here?
As I said, i am trying to authenticate using the username and password in the /etc/passwd and /etc/shadow files. All the relevant firewall ports are open. I am definetely using the right password :-)
For saslauthd to check the shadow file, it needs to be called with '-a shadow'. On redhat, you can do it with MECH=shadow in /etc/sysconfig/saslauthd. By default, it's MECH=pam, which may end up doing the same thing, depending on your pam config. Also, you can set FLAGS=-d in the same file to turn on debugging.
Also, when I add FLAGS=-d to the /etc/sysconfig/saslauthd file, it messes the service up and won't start, restart, stop or anything.
saslauthd just doesn't go into the background when you do that, so you can see the authentication attempts on the screen. Keep the FLAGS=-d, start saslauthd, open another terminal, run "testsaslauthd -u username -p password", and watch the first terminal for clues.
Woooooohooooo, I've managed to obtain some working'ness. I've managed to get SMTP authentication using sasl to work with my suse installation. All the latest testing/attempts had been done with FC but with suse, the changes work! See below:
Mar 22 01:34:51 mailserver postfix/smtpd: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Mar 22 01:34:51 mailserver postfix/smtpd: connect from 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[126.96.36.199]
Mar 22 01:34:51 mailserver postfix/smtpd: 61A6CF824D: client=123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[188.8.131.52], sasl_method=PLAIN, sasl_username=guy
Mar 22 01:34:51 mailserver postfix/cleanup: 61A6CF824D: message-id=<47E46279.email@example.com>
Mar 22 01:34:51 mailserver postfix/qmgr: 61A6CF824D: from=<firstname.lastname@example.org>, size=592, nrcpt=1 (queue active)
Mar 22 01:34:51 mailserver postfix/smtpd: disconnect from 123-123-123-123.cable.ubr10.blah.ISPprovider.co.uk[184.108.40.206]
Mar 22 01:34:51 mailserver postfix/smtp: 61A6CF824D: to=<email@example.com>, relay=smtp.myrelay.co.uk[123.123.456.456]:25, delay=0.14, delays=0.02/0.01/0.08/0.04, dsn=2.0.0, status=sent (250 OK id=1Jcscn-000594-US)
Mar 22 01:34:51 mailserver postfix/qmgr: 61A6CF824D: removed
Just thought I'd share some working logs for a change! :-)
Now although this works, the following test still fails:
We know that the problem is with saslauthd, since not even testsaslauthd works. You should search the logs if you haven't already (e.g. grep -r saslauthd /var/log). You should also have selinux turned off. Apart from that, I don't have any ideas.
By the way, why did you have to compile postfix? Isn't the Fedora rpm already compiled against the cyrus libraries?