Re: [gentoo-user] POSTFIX and SASL

[John Jolet <john@jolet.net>]

On Wednesday 05 October 2005 10:17, Joe Strusz wrote:
> Ive read every forum on the site, and even ventured over the Wiki for
> even more redundant reading.  Ive read the entire postfix handbook,
> and still have not found an answer to this problem.  Its been two
> weeks now I haven't been able to send mail from outside the network
> to non local users.
>
> Heres my /etc/postfix/main.cf:
>
> alias_database = hash:/etc/mail/aliases
> alias_maps = hash:/etc/mail/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 2
> empty_address_recipient = MAILER-DAEMON
> home_mailbox = .maildir/
> html_directory = no
> inet_interfaces = all
> local_destination_concurrency_limit = 2
> mail_owner = postfix
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> mydestination = op, op.$mydomain, $mydomain
> mydomain = mydomain.com
> myhostname = op.mydomain.com
> mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> queue_minfree = 120000000
> readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
> sample_directory = /etc/postfix
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_use_tls = yes
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
> smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
> smtpd_tls_key_file = /etc/ssl/postfix/server.key
> smtpd_tls_loglevel = 3
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 450
> virtual_alias_domains = myvirtual.com
> virtual_alias_maps = hash:/etc/postfix/virtual

and these: smtpd_recipient_restrictions = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination
>
>
> And heres /etc/sasl2/smtpd.conf:
>
> pwcheck_method: saslauthd
> mech_list: plain login
>
> And heres /etc/conf.d/saslauthd:
>
> # $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
> # Authentications mechanism (for list see saslauthd -v)
> SASL_AUTHMECH=pam
>
>
> # Hostname for remote IMAP server (if rimap auth mech is used)
> # Ldap configuration file (if ldap auth mech is used)
> SASL_MECH_OPTIONS=
>
>
> # Extra options (for list see saslauthd -h)
> SASLAUTHD_OPTS=
>
>
> And last but not least, heres a description of the problem...
>
> TLS and everything else works great.  However as soon as I check that
> little box in outlook express that says "my smtp server requires
> authentication" on the client whom worsk out of the office on home
> internet lines.. the password box keeps reappearing, and accepting
> any passwords... i ran the line "saslpasswd2 -c username" to no
> avail.  Same issue.
>
> Postfix was compiled with SASL support:
>
> [ebuild   R   ] mail-mta/postfix-2.1.5-r2  -ipv6 -ldap -mailwrapper
> -mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
>
> And when i telnet to 25 and issue the ehlo command, i do get AUTH
> PLAIN lines...
>
> whats going on?
>
> please help
>
> im racking my brains.
>
>
>
>
> Joe Strusz
>
> IT Assistant
> Oxford Publishing, Inc.
> 307 West Jackson Avenue
> Oxford, MS 38655-2154
> 800-247-3881
> 662-236-5510x40
> jstrusz@oxpub.com
> http://www.nightclub.com

-- 
John Jolet
Your On-Demand IT Department
512-762-0729
www.jolet.net
john@jolet.net
-- 
gentoo-user@gentoo.org mailing list