postfix and xoauth2 (for gmail authentication)
Hi,
I'm facing what I think is a weird problem with postfix and xoauth2 and I'm not able to debug it. I have two machines, my laptop and my home server, both running updated slackware 15. Since I use different email accounts, personal ones with my domain (hosted on my home server) and some gmail accounts for work, on my laptop I set up postfix to relay messages sent from my gmail accounts through gmail and messages sent from my personal accounts through my home server. Since the authentication on gmail requires xoauth2, while my server requires a normal login (over TLS), my laptop postfix configuration uses two different transports, one with Code:
smtp_sasl_mechanism_filter = xoauth2 Code:
smtp_sasl_mechanism_filter = login I then use: Code:
smtp_sender_dependent_authentication I wrote a small deamon which periodically updates the access tokens of my gmail accounts and everything works perfectly fine. I wanted to replicate this setup on my home server but postfix here is not working. When using gmail to relay the messages everything seems to be working fine: the correct SASL mechanism is used, the appropriate username is sent to the gmail stmp server, but the response it gets form gmail causes a segfault. This is (the edited) /var/log/maillog Code:
postfix/smtp[40578]: smtp_sasl_authenticate: smtp.gmail.com[142.250.102.109]:587: SASL mechanisms XOAUTH2 In /var/log/messages I get: Code:
smtp[40578]: segfault at 4044 ip 00005653e92bbe20 sp 00007ffc7af69080 error 4 in smtp[5653e92ae000+f000] It seems like the xouth2 plugin is not working properly even though the plugin seems to be loaded and working: Code:
pluginviewer -c: I tried using a different cyrus plugin (sasl-xoauth2) but I wasn't able to get sasl to load it... Sorry for such a long post and thanks for your kind attention. Best, -- andrea |
I was eventually able to fix my problem, sort of... but I'm not marking this thread as solved because I believe I came to hit a slackware specific issue.
Now, the fact is that slackware already comes with a sasl plugin which provides the xoauth2 mechanism: libkgapi, a KDE library implementing APIs for various google services (gmail seems not to be included). I do not know why, but while on my laptop that plugin is loaded after cyrus-sasl-xoauth2 plugin (which thus seems to take the precedence over libkdexoauth2.so) on my sever it is the other way around: libkdexoauth2.so is loaded before cyrus-sasl-xoauth2. So postfix, through cyrus-sasl, is using it and that is causing postfix to segfault with a SIGSEGV. I do not use KDE, except for some minor services (basically kdeconnectd), so my sort of fix on my server was to get rid of libkdexoauth2.so, and that makes it possible to correctly relay email massages through smtp.gmail.com with xoauth2. I'm far from being an sasl expert, and I was not able to find any documented way to select which plugin to use for each service. But I think that, for a distribution like slackware, being able to use postfix to relay messages with xoauth2 through gmail is something useful. Presently it seems like this is possible only if you are lucky... I believe that further investigation of this issue would be useful. best, andrea |
All times are GMT -5. The time now is 09:44 PM. |