
Re: Postfix SMTP Auth



----- Original Message ----- 
From: "Jason Wellman" <nimh netmagi net>
>
> Hey all,
>
> I have searched the mail archives and Google trying to solve my Postfix
> SMTP AUTH issue.
>
> I have read the document:
>
> /usr/share/doc/postfix-2.0.11/README-Postfix-SASL-RedHat.txt
>
> And performed all the tasks it outlines but I am getting the errors
> (hostnames edited of course):
>
> Jan 13 17:36:37 XXX postfix/smtpd[13820]: connect from XXX.net[1.1.1.1]
> Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication
> problem: unable to open Berkeley db /etc/sasldb2: No such file or
> directory
> Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication
> problem: unable to open Berkeley db /etc/sasldb2: No such file or
> directory
> Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication
> failure: no secret in database
> Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: XXX.net[1.1.1.1]:
> SASL CRAM-MD5 authentication failed
> Jan 13 17:37:31 XXX postfix/smtpd[13820]: lost connection after AUTH
> from XXX.net[1.1.1.1]
> Jan 13 17:37:31 XXX postfix/smtpd[13820]: disconnect from XXX.net[1.1.1.1]
>

It looks like you may have already performed some of the following tasks,
but I'm going to mention them anyway. The following works at my end.

1) Recompile postfix to support sasl version 2? i.e.
[scowles voyager scowles]$ rpm -q postfix
postfix-2.0.16-8.pcre.sasl2.tls.rh9

2) After adding users to /etc/sasldb2 using the saslpasswd2 command, did you
copy /etc/sasldb2 to the postfix chrooted etc directory? i.e.
/var/spool/postfix/etc

3) Define the auth method to be used in /usr/lib/sasl2/smtpd.conf. NOTE: I
do NOT run saslauthd
[scowles voyager sasl2]$ pwd
/usr/lib/sasl2
[scowles voyager sasl2]$ cat smtpd.conf
pwcheck_method: auxprop
realm: mail.mydomain.tld

4) Add the sasl related entries to /etc/postfix/main.cf
[scowles voyager postfix]$ pwd
/etc/postfix
[scowles voyager postfix]$ grep sasl main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_local_domain = mail.mydomain.tld
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

...and the following:
smtpd_recipient_restrictions =
[snip...]
  permit_mynetworks
  permit_sasl_authenticated
  reject

Note the order of the permits. I allow users that match "mynetworks" to send
e-mail without authenticating.

Steve Cowles
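
The four steps in the reply above can be audited with a script like the following. It is an added example, not part of the original message: the function name check_postfix_sasl and its optional root-prefix argument are assumptions made here so the check can run against a scratch tree, while the paths and settings are the ones quoted in the post. It also flags a chroot copy of sasldb2 that no longer matches /etc/sasldb2, which happens when users are added with saslpasswd2 after the copy was made.

```shell
#!/bin/sh
# Added example (not from the original post): audit steps 2-4 of the reply.
# The root prefix argument is an assumption; leave it empty to check "/".
check_postfix_sasl() {
    root="${1:-}"
    db="$root/etc/sasldb2"
    chroot_db="$root/var/spool/postfix/etc/sasldb2"
    sasl_conf="$root/usr/lib/sasl2/smtpd.conf"
    main_cf="$root/etc/postfix/main.cf"
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # Step 2: a chrooted smtpd resolves /etc/sasldb2 inside /var/spool/postfix
    if [ ! -f "$chroot_db" ]; then
        fail "$chroot_db is missing"
    elif ! cmp -s "$db" "$chroot_db"; then
        fail "$chroot_db differs from $db (copy is stale)"
    fi

    # Step 3: auxprop reads sasldb2 directly, so saslauthd is not needed
    grep -Eq '^pwcheck_method:[[:space:]]*auxprop[[:space:]]*$' "$sasl_conf" 2>/dev/null ||
        fail "$sasl_conf does not set pwcheck_method: auxprop"

    # Step 4: SASL enabled and anonymous logins refused
    grep -Eq '^smtpd_sasl_auth_enable[[:space:]]*=[[:space:]]*yes' "$main_cf" 2>/dev/null ||
        fail "smtpd_sasl_auth_enable is not yes in $main_cf"
    grep -Eq '^smtpd_sasl_security_options[[:space:]]*=.*noanonymous' "$main_cf" 2>/dev/null ||
        fail "smtpd_sasl_security_options lacks noanonymous"

    # Restriction order: permit_sasl_authenticated must precede reject.
    # Assumes the list is written on indented continuation lines, as in the post.
    first=$(awk '
        /^smtpd_recipient_restrictions[ \t]*=/ { inlist = 1; next }
        inlist && /^[ \t]/ { for (i = 1; i <= NF; i++) print $i; next }
        { inlist = 0 }' "$main_cf" 2>/dev/null | tr -d ',' |
        grep -n -E '^(permit_sasl_authenticated|reject)$' | head -n 1)
    case "$first" in
        *permit_sasl_authenticated) ;;
        *) fail "permit_sasl_authenticated is not listed before reject" ;;
    esac

    return "$problems"
}
```

The return status is the number of failed checks, so 0 means every step in the reply is in place.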



