Postfix / SASL2 login fail
For the last few weeks my mail server has been very happy with just allowing IPs/networks to relay mail. However, as things start to grow, the thought of updating main.cf each time to allow another IP is just not reasonable, not to mention the problem if someone wants to send mail from a dynamic IP.
SASL2//SASL-authdeamon//SASL-authdeamon-auxprop

So I decided to set up sasl2 for mail relay control. So I set up my smtpd.conf in /usr/local/lib/sasl2

Code:
pwcheck_method: auxprop

id - is the username.

Add the proper lines to main.cf

Code:
# Enable Support for sasl/sasl2

restart postfix

Fire up Evolution and my login fails. Here is what shows up in my log files.

maillog

Code:
postfix/smtpd[78891]: > unknown[192.168.2.222]: 220 BOX3.TheEsolution.com ESMTP Postfix

Code:
postfix/smtpd[78891]: xsasl_cyrus_server_first: sasl_method PLAIN, init_response AGZyZWRkeUB0aGVlc29sdXRpb24uY29tAGlsZWFuYQ==
postfix/smtpd: auxpropfunc error invalid parameter supplied

Is there something I'm missing in the smtpd.conf? Any help/pointers appreciated. Thanks
This looks like when sasl has put its named socket (mux) in the wrong place. Or postfix is looking for it in the wrong place. Or the directory where it exists has the wrong permissions.
On the Debian box I just ssh'ed into it is located in:

/var/spool/postfix/var/run/saslauthd

If it wasn't chrooted it would be:

/var/run/saslauthd

And from the man page for saslauthd:

/var/state/saslauthd

Make sure the damned thing exists, I have seen saslauthd show up in ps without creating the named socket. Then try to find out where your MTA expects to find it. You can change the location on start up of saslauthd with the "-m" switch, look at the start up script for saslauthd. This might also give clues as to where you might find it.

As a side note I would do some testing with a couple of user accounts before adding SQL users to the mix. You could test it by removing your local network from mynetworks (stopping local relaying). Then once you can get sasl to authenticate, then migrate to a SQL backend.

What happens when you telnet into your mail server? You might find some clues there as well. Something like this:

telnet ip.of.my.server 25

Then:

ehlo localhost

And see what services it offers.
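The two checks suggested in the reply above (does the saslauthd `mux` socket exist in one of the named directories, and what does the server advertise after EHLO), as an added example that is not part of the original thread. The function names `check_mux` and `auth_mechanisms` and the sample EHLO reply are constructed for illustration; the directories and the socket name `mux` are the ones the reply mentions.

```python
import os
import re
import stat

# Directories named in the reply; "mux" is the saslauthd socket file.
CANDIDATE_DIRS = [
    "/var/spool/postfix/var/run/saslauthd",  # Postfix chrooted (the Debian box)
    "/var/run/saslauthd",                    # not chrooted
    "/var/state/saslauthd",                  # path from the saslauthd man page
]

# Constructed EHLO reply (not captured from the thread's server).
SAMPLE_EHLO = """250-mail.example.test
250-PIPELINING
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME"""

def check_mux(directory, root="/"):
    """Return (status, directory mode); 'root' lets the check run on a test tree."""
    d = os.path.join(root, directory.lstrip("/"))
    if not os.path.isdir(d):
        return ("no directory", None)
    dir_mode = stat.S_IMODE(os.stat(d).st_mode)
    try:
        mux_mode = os.stat(os.path.join(d, "mux")).st_mode
    except FileNotFoundError:
        return ("directory without mux", dir_mode)   # daemon up, socket elsewhere
    except PermissionError:
        return ("permission denied", dir_mode)       # caller cannot enter directory
    if not stat.S_ISSOCK(mux_mode):
        return ("mux is not a socket", dir_mode)
    return ("socket present", dir_mode)

def auth_mechanisms(ehlo_reply):
    """Collect SASL mechanisms from the AUTH lines of a multi-line EHLO reply."""
    mechs = []
    for line in ehlo_reply.splitlines():
        m = re.match(r"250[- ]AUTH[ =](.*)", line.strip(), re.IGNORECASE)
        for name in (m.group(1).upper().split() if m else []):
            if name not in mechs:
                mechs.append(name)
    return mechs

if __name__ == "__main__":
    for d in CANDIDATE_DIRS:
        status, mode = check_mux(d)
        print(d, "->", status, "| dir mode:", oct(mode) if mode is not None else "-")
    print("AUTH offered:", auth_mechanisms(SAMPLE_EHLO))
```

Run the directory check as the account the MTA runs under, so that a "permission denied" result reflects what the mail server itself would hit.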