Hey guys, for the life of me I can not figure this out. I'm still on the newer side of Linux services and thought that building a mail server would be a great way to figure out how it all works from a Linux point of view.
I'm running Ubuntu Maverick (10.10) 64-bit Server edition.
At the moment, I'm trying to get Postfix to authenticate users using shadow with TLS.
What I've got so far is -
smtpd.conf:
Code:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
main.cf:
Code:
myhostname = Maverux.******.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = Maverux.******.net, ******.net, Maverux, mail.******.net, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24, xxx.xxx.xxx.xxx/32, xxx.xxx.xxx.xxx/32
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_type = cyrus
smtpd_sasl_path = private/auth-client
smtpd_sasl_local_domain = ******.net
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
/etc/default/saslauthd:
Code:
START=yes
MECHANISMS="shadow"
OPTIONS="-c -m /var/run/saslauthd"
If you need more than this let me know, I tried to take what I thought was pertinent.
According to the error log, I get this-
Code:
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: Anonymous TLS connection established from ***.***.com[xxx.xxx.xxx.xxx]: TLSv1 with cipher AES128-SHA (128/128 bits)
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: warning: SASL authentication failure: no secret in database
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL NTLM authentication failed: authentication failure
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: warning: SASL authentication failure: realm changed: authentication aborted
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL DIGEST-MD5 authentication failed: authentication failure
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: warning: ***.***.com[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed: authentication failure
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: lost connection after AUTH from ***.***.com[xxx.xxx.xxx.xxx]
Jan 3 10:38:44 Maverux postfix/smtpd[15338]: disconnect from ***.***.com[xxx.xxx.xxx.xxx]
However, if I do a testsaslauthd-
Code:
root@Maverux:~# testsaslauthd -u ****** -p ****** -r ******.net -s smtp
0: OK "Success."
Anyone have any ideas?
EDIT: A bit more information, it is not running chrooted, and here's a telnet & ehlo.
Code:
220 Maverux.******.net ESMTP
ehlo ******.com
250-Maverux.******.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN DIGEST-MD5 NTLM PLAIN CRAM-MD5
250-AUTH=LOGIN DIGEST-MD5 NTLM PLAIN CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN