Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 12-15-2008, 07:57 PM   #1
Registered: Apr 2004
Distribution: Gentoo
Posts: 134

Rep: Reputation: 16
Postfix SASL Authentication Failure

I am having an issue getting Postfix to do SMTP authentication via SASL and PAM on Debian Etch. First of all, here are the SASL-related lines in

smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
#smtpd_recipient_restrictions = permit_mynetworks,check_relay_domains
inet_interfaces = all
Next, here is my /etc/postfix/sasl/smtpd.conf:

pwcheck_method: saslauthd
mech_list: plain login

In /etc/default/saslauthd:

# Should saslauthd run automatically on startup? (default: no)

# Which authentication mechanisms should saslauthd use? (default: pam)
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
# Only one option may be used at a time. See the saslauthd man page
# for more information.
# Example: MECHANISMS="pam"
#MECHANISMS="rimap -O localhost"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.

# Other options (default: -c)
# See the saslauthd man page for information about these options.
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
Now, given this I can use testsaslauthd to successfully authenticate my username and password with saslauthd running. However, when I try to send Email through Postfix with the same credentials Evolution gives me a "Bad authentication response from server" error, and in /var/log/maillog I find this:

Dec 16 09:01:57 clamato postfix/smtpd[16619]: warning: SASL authentication failure: Password verification failed
Dec 16 09:01:57 clamato postfix/smtpd[16619]: warning:[]: SASL PLAIN authentication failed: authentication failure
Meanwhile, in /var/log/auth.log all I get is this:

Dec 16 08:55:10 clamato saslauthd[16517]: detach_tty      : master pid is: 16517
Dec 16 08:55:10 clamato saslauthd[16517]: ipc_init        : listening on socket: /var/run/saslauthd/mux
I am not running Postfix in a chroot, so it should be able to see /var/run/saslauthd/mux. Since I can authenticate against SASL via the command line I'm pretty sure it's not the problem. I was getting an error about not being able to find /usr/lib/sasl2, but that stopped after I added the smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2 line to

Anyone have any ideas?
Old 12-15-2008, 09:29 PM   #2
LQ Guru
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
Perhaps a snippet from my startup in CentOS will help
if [ -f /etc/sysconfig/saslauthd ] ; then
        . /etc/sysconfig/saslauthd


# Set up some common variables before we launch into what might be
# considered boilerplate by now.

# Ugh. Switch to a specific copy of saslauthd if there's one with $MECH
# in its name, in case it wasn't included in the base cyrus-sasl package
# because it would have dragged in too many undesirable dependencies.
if test -x ${path}.${MECH} ; then

start() {
        echo -n $"Starting $prog: "
        daemon $path -m $SOCKETDIR -a $MECH $FLAGS
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
        return $RETVAL


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
SMTP authentication with postfix using sasl GuyWood13 Linux - Server 23 05-03-2011 03:29 PM
Postfix + SASL Authentication problem on Ubuntu Server 8.04 beusekom Linux - Server 3 11-14-2008 04:05 PM
Temporary sasl authentication from outside network. Postfix. alex6666 Linux - Server 0 10-30-2008 09:25 AM
Postfix/SASL/MySQL "SASL LOGIN authentication failed" Temujin_12 Linux - Server 8 10-04-2008 10:37 PM
Postfix - SASL LOGIN authentication failed micko_escalade Linux - Networking 1 02-03-2006 01:53 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 02:36 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration