Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Debian This forum is for the discussion of Debian Linux.


  Search this Thread
Old 10-19-2004, 05:21 PM   #1
LQ Newbie
Registered: Jul 2003
Posts: 7

Rep: Reputation: 0
Arrow Postfix SMTP AUTH, Problem using saslauthd + pam


I'm at a loss as to what is wrong with my current mail server setup. I'm trying to setup postfix to use the saslauthd methos and check passwords against pam. Seams like a better method to me than using sasldb and copying the passwords into postfix's chroot everytime I add a new user. I have done this sevral times on other distros but.. for some reason I cant get it to work on Debian.

Currentaly here is what I have done.
installed postfix-tls, sasl2-bin + libs and modules)
edited /etc/default/saslauthd to start the daemon.
created var/run in the postfix chroot, moved the saslauthd directory from /var/run to /var/spool/postfix/var/run then linked it back to /var/run, added the postfix user to sasl group so it can read the files.
Created and copied /etc/pam.d/smtp to the directory /var/spool/postfix/etc/pam.d

My config's are as folows.

# START /etc/postfix/
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_at_myorigin = yes
append_dot_mydomain = no
myhostname = hostname.domain.tld # system handles mail for *.domain.tld
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = domain.tld, hostname.domain.tld, localhost.localhost, localhost
relayhost =
transport_maps = hash:/etc/postfix/transport # system uses a smarthost
mynetworks =
home_mailbox = .maildir/
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
recipient_delimiter = +

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname  # wonderng about this..
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains

smtpd_tls_auth_only = no
smtp_use_tls = no
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/postfix_key.pem
smtpd_tls_cert_file = /etc/postfix/ssl/postfix_cert.pem
smtpd_tls_CAfile = /etc/postfix/ssl/ca_cert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom


# START /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN
minimum_layer: 0
auto_transition: no


# START /var/spool/postfix/etc/pam.d/smtp (root:root,644)
auth            sufficient
auth            required use_first_pass
account         sufficient
account         required use_first_pass
password        sufficient
password        required use_first_pass
session         required


the logs say..

Oct 19 14:59:02 loki postfix/smtpd[2640]: connect from unknown[]
Oct 19 14:59:06 loki postfix/smtpd[2640]: warning: SASL authentication failure: Password verification failed
I have tried username, username@domain.tld, and username@hostname.domain.tld and all of them fail.. The problem is either that saslauthd can't check against pam.. or that postfix cant check saslauthd.

Is there a way to test that saslauthd is actualy checking pam, without using postfix?
Are there any errors in my configs?

Thanks in advance.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix and smtp auth FragInHell Linux - Software 2 10-05-2005 06:23 AM
SuSE 9 Postfix SMTP-AUTH Probs... thetimp2003 Linux - Software 1 05-11-2004 02:33 PM
Postfix SMTP Auth Failure pembo13 Linux - Networking 1 02-09-2004 09:08 AM
Postfix 2.X SMTP AUTH Success Story ckmehta Fedora 0 01-23-2004 07:28 PM
Postfix SMTP AUTH NetScripter Linux - Software 0 10-23-2002 01:53 AM > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 02:20 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration