* [gentoo-user] POSTFIX and SASL
@ 2005-10-05 16:05 Joe Strusz
2005-10-05 16:31 ` kashani
0 siblings, 1 reply; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 16:05 UTC (permalink / raw
To: gentoo-user
No, thats not it... what about master.cf? Could someone send me a
sample master.cf with SASL running?
>Date: Wed, 05 Oct 2005 10:55:45 -0500
>To: gentoo-user@lists.gentoo.org
>From: Joe Strusz <jstrusz@oxpub.com>
>Subject: Re: [gentoo-user] POSTFIX and SASL
>
>Could it be because Im receiving that 8BITMIME line instead of
>64BITMIME? Or is that normal?
>
>At 10:47 AM 10/5/2005, you wrote:
>>Again.. heres my postconf -n
>>
>>alias_database = hash:/etc/mail/aliases
>>alias_maps = hash:/etc/mail/aliases
>>biff = no
>>broken_sasl_auth_clients = yes
>>command_directory = /usr/sbin
>>config_directory = /etc/postfix
>>content_filter = smtp-amavis:[127.0.0.1]:10024
>>daemon_directory = /usr/lib/postfix
>>debug_peer_level = 2
>>default_destination_concurrency_limit = 2
>>empty_address_recipient = MAILER-DAEMON
>>home_mailbox = .maildir/
>>html_directory = no
>>inet_interfaces = all
>>local_destination_concurrency_limit = 2
>>mail_owner = postfix
>>mailq_path = /usr/bin/mailq
>>manpage_directory = /usr/share/man
>>mydestination = op, op.$mydomain, $mydomain
>>mydomain = mydomain.com
>>myhostname = op.mydomain.com
>>mynetworks = 192.168.1.0/24, 127.0.0.0/8, mywanIP
>>newaliases_path = /usr/bin/newaliases
>>queue_directory = /var/spool/postfix
>>queue_minfree = 120000000
>>readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
>>sample_directory = /etc/postfix
>>sendmail_path = /usr/sbin/sendmail
>>setgid_group = postdrop
>>smtp_use_tls = yes
>>smtpd_recipient_restrictions =
>>reject_invalid_hostname, reject_non_fqdn_hostname,
>>reject_non_fqdn_sender, reject_non_fqdn_recipient,
>>reject_unknown_sender_domain,
>>reject_unknown_recipient_domain, reject_unauth_pipelining,
>> permit_mynetworks,
>>permit_sasl_authenticated, reject_unauth_destination, permit
>>smtpd_sasl_auth_enable = yes
>>smtpd_sasl_local_domain =
>>smtpd_sasl_security_options = noanonymous
>>smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
>>smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
>>smtpd_tls_key_file = /etc/ssl/postfix/server.key
>>smtpd_tls_loglevel = 3
>>smtpd_tls_received_header = yes
>>smtpd_tls_session_cache_timeout = 3600s
>>smtpd_use_tls = yes
>>tls_random_source = dev:/dev/urandom
>>unknown_local_recipient_reject_code = 450
>>
>>Still popping up the user/pass dialog...
>>
>>Heres what i grabbed from /var/log/mail.info:
>>
>>
>>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]:
>>EHLO ERROLSAYRE
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250-op.oxpub.com
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250-PIPELINING
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250-SIZE 10240000
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-VRFY
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-ETRN
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250-AUTH LOGIN PLAIN
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250-AUTH=LOGIN PLAIN
>>Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match: unknown: no match
>>Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match:
>>64.89.173.227: no match
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>250 8BITMIME
>>Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
>>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: AUTH LOGIN
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>>sasl_method LOGIN
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>>uncoded challenge: Username:
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>334 VXNlcm5hbWU6
>>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]:
>>anN0cnVzeg==
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>>decoded response: jstrusz
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>>uncoded challenge: Password:
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>334 UGFzc3dvcmQ6
>>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]:
>>dXAybEB0ZQ==
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>>decoded response: MY PLAIN TEXT PASSWORD
>>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>>535 Error: authentication failed
>>Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
>>Oct 5 15:41:12 op postfix/smtpd[7964]: smtp_get: EOF
>>Oct 5 15:41:12 op postfix/smtpd[7964]: lost connection after AUTH
>>from unknown[64.89.173.227]
>>Oct 5 15:41:12 op postfix/smtpd[7964]: disconnect from
>>unknown[64.89.173.227]
>>Oct 5 15:41:12 op postfix/smtpd[7964]: master_notify: status 1
>>Oct 5 15:41:12 op postfix/smtpd[7964]: connection closed
>>
>>
>>Please help!
>>
>>
>>
>>
>>Joe Strusz
>>
>>IT Assistant
>>Oxford Publishing, Inc.
>>307 West Jackson Avenue
>>Oxford, MS 38655-2154
>>800-247-3881
>>662-236-5510x40
>>jstrusz@oxpub.com
>>http://www.nightclub.com
>>
>>
>>--
>>gentoo-user@gentoo.org mailing list
>
>
>Joe Strusz
>
>IT Assistant
>Oxford Publishing, Inc.
>307 West Jackson Avenue
>Oxford, MS 38655-2154
>800-247-3881
>662-236-5510x40
>jstrusz@oxpub.com
>http://www.nightclub.com
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 16:05 [gentoo-user] POSTFIX and SASL Joe Strusz
@ 2005-10-05 16:31 ` kashani
2005-10-05 17:04 ` Joe Strusz
0 siblings, 1 reply; 20+ messages in thread
From: kashani @ 2005-10-05 16:31 UTC (permalink / raw
To: gentoo-user
Joe Strusz wrote:
> No, thats not it... what about master.cf? Could someone send me a
> sample master.cf with SASL running?
sasl requires no changes to master.cf
what's an emerge -pv cyrus-sasl look like?
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 16:31 ` kashani
@ 2005-10-05 17:04 ` Joe Strusz
2005-10-05 17:10 ` Joe Strusz
2005-10-05 18:54 ` kashani
0 siblings, 2 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 17:04 UTC (permalink / raw
To: gentoo-user
This is the result ov the emerge -pv cyrus-sasl
These are the packages that I would merge, in order:
Calculating dependencies ...done!
[ebuild R ] dev-libs/cyrus-sasl-2.1.20 +authdaemond +berkdb
+gdbm -java -kerberos -ldap -mysql +pam -postgres +ssl -static 0 kB
Total size of downloads: 0 kB
----- Original Message -----
From: "kashani" <kashani-list@badapple.net>
To: <gentoo-user@lists.gentoo.org>
Sent: Wednesday, October 05, 2005 11:31 AM
Subject: Re: [gentoo-user] POSTFIX and SASL
> Joe Strusz wrote:
>> No, thats not it... what about master.cf? Could someone send me a sample
>> master.cf with SASL running?
>
> sasl requires no changes to master.cf
>
> what's an emerge -pv cyrus-sasl look like?
>
> kashani
>
> --
> gentoo-user@gentoo.org mailing list
>
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 17:04 ` Joe Strusz
@ 2005-10-05 17:10 ` Joe Strusz
2005-10-05 18:41 ` Joe Strusz
2005-10-05 18:54 ` kashani
1 sibling, 1 reply; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 17:10 UTC (permalink / raw
To: gentoo-user
Heres the result of saslfinger -s:
op saslfinger-0.9.9.1 # saslfinger -s
saslfinger - postfix Cyrus sasl configuration Wed Oct 5 12:03:47 CDT 2005
version: 0.9.9.1
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.1.5
System:
***************************************************************************
NOTICE TO USERS
This computer system is the private property of Oxford Publishing,
Inc., whether
individual, corporate or government. It is for authorized use only.
Users (authorized or unauthorized) have no explicit or implicit
expectation of privacy.
Any or all uses of this system and all files on this system may be
intercepted, monitored, recorded, copied, audited, inspected, and
disclosed to your employer, to authorized site, government, and law
enforcement personnel, as well as authorized officials of government
agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring,
recording, copying, auditing, inspection, and disclosure at the
discretion of such personnel or officials. Unauthorized or improper use
of this system may result in civil and criminal penalties and
administrative or disciplinary action, as appropriate. By continuing to
use this system you indicate your awareness of and consent to these terms
and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
conditions stated in this warning.
****************************************************************************
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00002aaaab947000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
smtpd_tls_key_file = /etc/ssl/postfix/server.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
-- listing of /usr/lib/sasl2 --
total 724
drwxr-xr-x 2 root root 4096 Oct 5 09:09 .
drwxr-xr-x 31 root root 16384 Oct 5 09:09 ..
-rwxr-xr-x 1 root root 686 Oct 5 09:09 libanonymous.la
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so.2
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so.2.0.20
-rwxr-xr-x 1 root root 674 Oct 5 09:09 libcrammd5.la
-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so
-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so.2
-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so.2.0.20
-rwxr-xr-x 1 root root 695 Oct 5 09:09 libdigestmd5.la
-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so
-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so.2
-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so.2.0.20
-rwxr-xr-x 1 root root 670 Oct 5 09:09 liblogin.la
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so.2
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so.2.0.20
-rwxr-xr-x 1 root root 665 Oct 5 09:09 libntlm.la
-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so
-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so.2
-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so.2.0.20
-rwxr-xr-x 1 root root 670 Oct 5 09:09 libplain.la
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so.2
-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so.2.0.20
-rwxr-xr-x 1 root root 684 Oct 5 09:09 libsasldb.la
-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so
-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so.2
-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so.2.0.20
-rw------- 1 root root 49 Oct 3 11:30 smtpd.conf
-- listing of /var/lib/sasl2 --
total 12
drwxr-xr-x 2 root root 4096 Oct 5 11:37 .
drwxr-xr-x 17 root root 4096 Sep 21 11:38 ..
-rw-r--r-- 1 root root 0 Oct 5 09:09 .keep
srwxrwxrwx 1 root root 0 Oct 5 11:37 mux
-rw------- 1 root root 0 Oct 5 11:37 mux.accept
-rw------- 1 root root 6 Oct 5 11:37 saslauthd.pid
-- listing of /usr/local/lib/sasl2 --
total 12
drwx------ 2 root root 4096 Oct 3 10:56 .
drwxr-xr-x 4 root root 4096 Sep 30 15:13 ..
-rw------- 1 root root 50 Oct 5 11:16 smtpd.conf
-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
-- content of /usr/local/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd -v
# -o smtpd_etrn_restrictions=reject
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-- mechanisms on localhost --
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
-- end of saslfinger output --
op saslfinger-0.9.9.1 #
COULD IT BE the amavis spam filter interfering?
i noticed the line -o smtpd_recipient_restriction=permit_mynetworks,reject
which is not how it is under /etc/postfix/main.cf... i dunno if thats
just for amavisd or what...
could someone please help and shed some insight on this?
At 12:04 PM 10/5/2005, you wrote:
>This is the result ov the emerge -pv cyrus-sasl
>
>These are the packages that I would merge, in order:
>
>Calculating dependencies ...done!
>[ebuild R ] dev-libs/cyrus-sasl-2.1.20 +authdaemond +berkdb
>+gdbm -java -kerberos -ldap -mysql +pam -postgres +ssl -static 0 kB
>
>Total size of downloads: 0 kB
>
>
>----- Original Message ----- From: "kashani" <kashani-list@badapple.net>
>To: <gentoo-user@lists.gentoo.org>
>Sent: Wednesday, October 05, 2005 11:31 AM
>Subject: Re: [gentoo-user] POSTFIX and SASL
>
>
>>Joe Strusz wrote:
>>>No, thats not it... what about master.cf? Could someone send me a
>>>sample master.cf with SASL running?
>>
>>sasl requires no changes to master.cf
>>
>>what's an emerge -pv cyrus-sasl look like?
>>
>>kashani
>>
>>--
>>gentoo-user@gentoo.org mailing list
>
>--
>gentoo-user@gentoo.org mailing list
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 17:10 ` Joe Strusz
@ 2005-10-05 18:41 ` Joe Strusz
2005-10-05 18:46 ` Joe Strusz
0 siblings, 1 reply; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 18:41 UTC (permalink / raw
To: gentoo-user
Ok, I guess apparently no one can help me with this....
Blargh
At 12:10 PM 10/5/2005, you wrote:
>Heres the result of saslfinger -s:
>
>op saslfinger-0.9.9.1 # saslfinger -s
>saslfinger - postfix Cyrus sasl configuration Wed Oct 5 12:03:47 CDT 2005
>version: 0.9.9.1
>mode: server-side SMTP AUTH
>
>-- basics --
>Postfix: 2.1.5
>System:
>***************************************************************************
> NOTICE TO USERS
>
>
>This computer system is the private property of Oxford Publishing,
>Inc., whether
>individual, corporate or government. It is for authorized use only.
>Users (authorized or unauthorized) have no explicit or implicit
>expectation of privacy.
>
>Any or all uses of this system and all files on this system may be
>intercepted, monitored, recorded, copied, audited, inspected, and
>disclosed to your employer, to authorized site, government, and law
>enforcement personnel, as well as authorized officials of government
>agencies, both domestic and foreign.
>
>By using this system, the user consents to such interception, monitoring,
>recording, copying, auditing, inspection, and disclosure at the
>discretion of such personnel or officials. Unauthorized or improper use
>of this system may result in civil and criminal penalties and
>administrative or disciplinary action, as appropriate. By continuing to
>use this system you indicate your awareness of and consent to these terms
>and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the
>conditions stated in this warning.
>
>****************************************************************************
>
>-- smtpd is linked to --
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00002aaaab947000)
>
>-- active SMTP AUTH and TLS parameters for smtpd --
>broken_sasl_auth_clients = yes
>smtpd_sasl_auth_enable = yes
>smtpd_sasl_local_domain =
>smtpd_sasl_security_options = noanonymous
>smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
>smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
>smtpd_tls_key_file = /etc/ssl/postfix/server.key
>smtpd_tls_loglevel = 3
>smtpd_tls_received_header = yes
>smtpd_tls_session_cache_timeout = 3600s
>smtpd_use_tls = yes
>
>
>-- listing of /usr/lib/sasl2 --
>total 724
>drwxr-xr-x 2 root root 4096 Oct 5 09:09 .
>drwxr-xr-x 31 root root 16384 Oct 5 09:09 ..
>-rwxr-xr-x 1 root root 686 Oct 5 09:09 libanonymous.la
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so.2
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libanonymous.so.2.0.20
>-rwxr-xr-x 1 root root 674 Oct 5 09:09 libcrammd5.la
>-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so
>-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so.2
>-rwxr-xr-x 1 root root 22944 Oct 5 09:09 libcrammd5.so.2.0.20
>-rwxr-xr-x 1 root root 695 Oct 5 09:09 libdigestmd5.la
>-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so
>-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so.2
>-rwxr-xr-x 1 root root 56096 Oct 5 09:09 libdigestmd5.so.2.0.20
>-rwxr-xr-x 1 root root 670 Oct 5 09:09 liblogin.la
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so.2
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 liblogin.so.2.0.20
>-rwxr-xr-x 1 root root 665 Oct 5 09:09 libntlm.la
>-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so
>-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so.2
>-rwxr-xr-x 1 root root 39304 Oct 5 09:09 libntlm.so.2.0.20
>-rwxr-xr-x 1 root root 670 Oct 5 09:09 libplain.la
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so.2
>-rwxr-xr-x 1 root root 22912 Oct 5 09:09 libplain.so.2.0.20
>-rwxr-xr-x 1 root root 684 Oct 5 09:09 libsasldb.la
>-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so
>-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so.2
>-rwxr-xr-x 1 root root 26992 Oct 5 09:09 libsasldb.so.2.0.20
>-rw------- 1 root root 49 Oct 3 11:30 smtpd.conf
>
>-- listing of /var/lib/sasl2 --
>total 12
>drwxr-xr-x 2 root root 4096 Oct 5 11:37 .
>drwxr-xr-x 17 root root 4096 Sep 21 11:38 ..
>-rw-r--r-- 1 root root 0 Oct 5 09:09 .keep
>srwxrwxrwx 1 root root 0 Oct 5 11:37 mux
>-rw------- 1 root root 0 Oct 5 11:37 mux.accept
>-rw------- 1 root root 6 Oct 5 11:37 saslauthd.pid
>
>-- listing of /usr/local/lib/sasl2 --
>total 12
>drwx------ 2 root root 4096 Oct 3 10:56 .
>drwxr-xr-x 4 root root 4096 Sep 30 15:13 ..
>-rw------- 1 root root 50 Oct 5 11:16 smtpd.conf
>
>
>
>
>-- content of /usr/lib/sasl2/smtpd.conf --
>pwcheck_method: saslauthd
>mech_list: PLAIN LOGIN
>
>-- content of /usr/local/lib/sasl2/smtpd.conf --
>pwcheck_method: saslauthd
>mech_list: PLAIN LOGIN
>
>
>
>-- active services in /etc/postfix/master.cf --
># service type private unpriv chroot wakeup maxproc command + args
># (yes) (yes) (yes) (never) (100)
>smtp inet n - n - - smtpd -v
> # -o smtpd_etrn_restrictions=reject
>pickup fifo n - n 60 1 pickup
>cleanup unix n - n - 0 cleanup
>qmgr fifo n - n 300 1 qmgr
>rewrite unix - - n - - trivial-rewrite
>bounce unix - - n - 0 bounce
>defer unix - - n - 0 bounce
>trace unix - - n - 0 bounce
>verify unix - - n - 1 verify
>flush unix n - n 1000? 0 flush
>proxymap unix - - n - - proxymap
>smtp unix - - n - - smtp
>relay unix - - n - - smtp
>showq unix n - n - - showq
>error unix - - n - - error
>local unix - n n - - local
>virtual unix - n n - - virtual
>lmtp unix - - n - - lmtp
>anvil unix - - n - 1 anvil
>maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>old-cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
>cyrus unix - n n - - pipe
> user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
>uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
>ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
> $recipient
>
>
>smtp-amavis unix - - n - 2 smtp
> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
>
>127.0.0.1:10025 inet n - n - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o mynetworks=127.0.0.0/8
> -o strict_rfc821_envelopes=yes
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
>
>-- mechanisms on localhost --
>250-AUTH LOGIN PLAIN
>250-AUTH=LOGIN PLAIN
>
>
>-- end of saslfinger output --
>
>op saslfinger-0.9.9.1 #
>
>
>
>
>COULD IT BE the amavis spam filter interfering?
>
>i noticed the line -o smtpd_recipient_restriction=permit_mynetworks,reject
>
>which is not how it is under /etc/postfix/main.cf... i dunno if
>thats just for amavisd or what...
>
>
>could someone please help and shed some insight on this?
>
>
>At 12:04 PM 10/5/2005, you wrote:
>>This is the result ov the emerge -pv cyrus-sasl
>>
>>These are the packages that I would merge, in order:
>>
>>Calculating dependencies ...done!
>>[ebuild R ] dev-libs/cyrus-sasl-2.1.20 +authdaemond +berkdb
>>+gdbm -java -kerberos -ldap -mysql +pam -postgres +ssl -static 0 kB
>>
>>Total size of downloads: 0 kB
>>
>>
>>----- Original Message ----- From: "kashani" <kashani-list@badapple.net>
>>To: <gentoo-user@lists.gentoo.org>
>>Sent: Wednesday, October 05, 2005 11:31 AM
>>Subject: Re: [gentoo-user] POSTFIX and SASL
>>
>>
>>>Joe Strusz wrote:
>>>>No, thats not it... what about master.cf? Could someone send me
>>>>a sample master.cf with SASL running?
>>>
>>>sasl requires no changes to master.cf
>>>
>>>what's an emerge -pv cyrus-sasl look like?
>>>
>>>kashani
>>>
>>>--
>>>gentoo-user@gentoo.org mailing list
>>
>>--
>>gentoo-user@gentoo.org mailing list
>
>
>Joe Strusz
>
>IT Assistant
>Oxford Publishing, Inc.
>307 West Jackson Avenue
>Oxford, MS 38655-2154
>800-247-3881
>662-236-5510x40
>jstrusz@oxpub.com
>http://www.nightclub.com
>
>
>--
>gentoo-user@gentoo.org mailing list
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 18:41 ` Joe Strusz
@ 2005-10-05 18:46 ` Joe Strusz
2005-10-05 18:58 ` Drew Tomlinson
0 siblings, 1 reply; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 18:46 UTC (permalink / raw
To: gentoo-user
Again ...
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
auth plain anN0cnVzegBqc3RydXN6AHVwMmw=
535 Error: authentication failed
auth plain anN0cnVzegBqc3RydXN6AHVwMmw
535 Error: authentication failed
Dunno whats going on... I used
perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");'
to create the auth plain line...
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 18:46 ` Joe Strusz
@ 2005-10-05 18:58 ` Drew Tomlinson
2005-10-05 19:03 ` joe strusz
0 siblings, 1 reply; 20+ messages in thread
From: Drew Tomlinson @ 2005-10-05 18:58 UTC (permalink / raw
To: gentoo-user
Have you tried asking at postfix-users@postfix.org? Probably like many
others here, I looked over your configs and compared the SASL part with
mine to see if there's any obvious omissions. I found none and thus,
did not post. Don't assume no one is attempting to help you just
because you've only gotten limited response. And remember, this is a
Gentoo list, not a Postfix or SASL list. If you're not getting your
problem resolved here to your liking, then I suggest you try a list that
specializes in the software with which you are having problems.
Good luck,
Drew
--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!
http://www.alchemistswarehouse.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 18:58 ` Drew Tomlinson
@ 2005-10-05 19:03 ` joe strusz
0 siblings, 0 replies; 20+ messages in thread
From: joe strusz @ 2005-10-05 19:03 UTC (permalink / raw
To: gentoo-user
I think your right Drew...
heres one last post from my log...
And Kashanie, thanks for trying.. i tried your suggested
/etc/sasl2/smtpd.conf file...
and this was the result
:57:00 op postfix/smtpd[25216]: > r173h227.dixie-net.com[64.89.173.227]: 220
op.oxpub.com ESMTP Postfix
Oct 5 13:57:00 op postfix/smtpd[25216]: watchdog_pat: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25216]: <
r173h227.dixie-net.com[64.89.173.227]: EHLO ERROLSAYRE
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-op.oxpub.com
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-PIPELINING
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-SIZE 10240000
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-VRFY
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-ETRN
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-STARTTLS
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-AUTH LOGIN PLAIN
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250-AUTH=LOGIN PLAIN
Oct 5 13:57:00 op postfix/smtpd[25216]: match_list_match:
r173h227.dixie-net.com: no match
Oct 5 13:57:00 op postfix/smtpd[25216]: match_list_match: 64.89.173.227: no
match
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 250 8BITMIME
Oct 5 13:57:00 op postfix/smtpd[25216]: watchdog_pat: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25216]: <
r173h227.dixie-net.com[64.89.173.227]: AUTH LOGIN
Oct 5 13:57:00 op postfix/smtpd[25216]: smtpd_sasl_authenticate:
sasl_method LOGIN
Oct 5 13:57:00 op postfix/smtpd[25216]: smtpd_sasl_authenticate: uncoded
challenge: Username:
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 334 VXNlcm5hbWU6
Oct 5 13:57:00 op postfix/smtpd[25216]: <
r173h227.dixie-net.com[64.89.173.227]: anN0cnVzeg==
Oct 5 13:57:00 op postfix/smtpd[25216]: smtpd_sasl_authenticate: decoded
response: jstrusz
Oct 5 13:57:00 op postfix/smtpd[25216]: smtpd_sasl_authenticate: uncoded
challenge: Password:
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 334 UGFzc3dvcmQ6
Oct 5 13:57:00 op postfix/smtpd[25216]: <
r173h227.dixie-net.com[64.89.173.227]: dXAybEB0ZQ==
Oct 5 13:57:00 op postfix/smtpd[25216]: smtpd_sasl_authenticate: decoded
response: mypass
Oct 5 13:57:00 op postfix/smtpd[25216]: >
r173h227.dixie-net.com[64.89.173.227]: 535 Error: authentication failed
Oct 5 13:57:00 op postfix/smtpd[25216]: watchdog_pat: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25216]: smtp_get: EOF
Oct 5 13:57:00 op postfix/smtpd[25216]: lost connection after AUTH from
r173h227.dixie-net.com[64.89.173.227]
Oct 5 13:57:00 op postfix/smtpd[25216]: disconnect from
r173h227.dixie-net.com[64.89.173.227]
Oct 5 13:57:00 op postfix/smtpd[25216]: master_notify: status 1
Oct 5 13:57:00 op postfix/smtpd[25216]: connection closed
Oct 5 13:57:00 op postfix/smtpd[25216]: watchdog_stop: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25221]: connection established
Oct 5 13:57:00 op postfix/smtpd[25221]: master_notify: status 0
Oct 5 13:57:00 op postfix/smtpd[25216]: watchdog_start: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25221]: name_mask: resource
Oct 5 13:57:00 op postfix/smtpd[25221]: name_mask: software
Oct 5 13:57:00 op postfix/smtpd[25221]: name_mask: noanonymous
Oct 5 13:57:00 op postfix/smtpd[25221]: connect from
r173h227.dixie-net.com[64.89.173.227]
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match:
r173h227.dixie-net.com: no match
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match: 64.89.173.227: no
match
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match:
r173h227.dixie-net.com: no match
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match: 64.89.173.227: no
match
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 220 op.oxpub.com ESMTP Postfix
Oct 5 13:57:00 op postfix/smtpd[25221]: watchdog_pat: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25221]: <
r173h227.dixie-net.com[64.89.173.227]: EHLO ERROLSAYRE
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-op.oxpub.com
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-PIPELINING
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-SIZE 10240000
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-VRFY
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-ETRN
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-STARTTLS
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-AUTH LOGIN PLAIN
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250-AUTH=LOGIN PLAIN
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match:
r173h227.dixie-net.com: no match
Oct 5 13:57:00 op postfix/smtpd[25221]: match_list_match: 64.89.173.227: no
match
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 250 8BITMIME
Oct 5 13:57:00 op postfix/smtpd[25221]: watchdog_pat: 0x5555556e7a88
Oct 5 13:57:00 op postfix/smtpd[25221]: <
r173h227.dixie-net.com[64.89.173.227]: AUTH LOGIN
Oct 5 13:57:00 op postfix/smtpd[25221]: smtpd_sasl_authenticate:
sasl_method LOGIN
Oct 5 13:57:00 op postfix/smtpd[25221]: smtpd_sasl_authenticate: uncoded
challenge: Username:
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 334 VXNlcm5hbWU6
Oct 5 13:57:00 op postfix/smtpd[25221]: <
r173h227.dixie-net.com[64.89.173.227]: anN0cnVzeg==
Oct 5 13:57:00 op postfix/smtpd[25221]: smtpd_sasl_authenticate: decoded
response: jstrusz
Oct 5 13:57:00 op postfix/smtpd[25221]: smtpd_sasl_authenticate: uncoded
challenge: Password:
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 334 UGFzc3dvcmQ6
Oct 5 13:57:00 op postfix/smtpd[25221]: <
r173h227.dixie-net.com[64.89.173.227]: dXAybEB0ZQ==
Oct 5 13:57:00 op postfix/smtpd[25221]: smtpd_sasl_authenticate: decoded
response: mypass
Oct 5 13:57:00 op postfix/smtpd[25221]: >
r173h227.dixie-net.com[64.89.173.227]: 535 Error: authentication failed
----- Original Message -----
From: "Drew Tomlinson" <drew@mykitchentable.net>
To: <gentoo-user@lists.gentoo.org>
Sent: Wednesday, October 05, 2005 1:58 PM
Subject: Re: [gentoo-user] POSTFIX and SASL
> Have you tried asking at postfix-users@postfix.org? Probably like many
> others here, I looked over your configs and compared the SASL part with
> mine to see if there's any obvious omissions. I found none and thus, did
> not post. Don't assume no one is attempting to help you just because
> you've only gotten limited response. And remember, this is a Gentoo list,
> not a Postfix or SASL list. If you're not getting your problem resolved
> here to your liking, then I suggest you try a list that specializes in the
> software with which you are having problems.
>
> Good luck,
>
> Drew
>
> --
> Visit The Alchemist's Warehouse
> Magic Tricks, DVDs, Videos, Books, & More!
>
> http://www.alchemistswarehouse.com
>
> --
> gentoo-user@gentoo.org mailing list
>
>
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 17:04 ` Joe Strusz
2005-10-05 17:10 ` Joe Strusz
@ 2005-10-05 18:54 ` kashani
1 sibling, 0 replies; 20+ messages in thread
From: kashani @ 2005-10-05 18:54 UTC (permalink / raw
To: gentoo-user
Joe Strusz wrote:
> This is the result ov the emerge -pv cyrus-sasl
>
> These are the packages that I would merge, in order:
>
> Calculating dependencies ...done!
> [ebuild R ] dev-libs/cyrus-sasl-2.1.20 +authdaemond +berkdb +gdbm
> -java -kerberos -ldap -mysql +pam -postgres +ssl -static 0 kB
>
> Total size of downloads: 0 kB
>
Strange that you've got authdaemond in there... I'm wondering if that's
conflicting. I'd pull it out and recompile.
However in my virtual systems I usually slave sasl off Courier because
sasl seems to be a moving target with pam, pam_mysql, etc. If you want
to try using authdaemond before you recompile try this config.
/etc/sasl2/smtpd.conf
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/lib/courier/authdaemon/socket
This of course assumes that you have Courier-authlib up and working.
In the realm of wild ass guesses have you changed or added a firewall
recently? Firewalls that inspect and protect protocols usually break
smtp-auth. On a Cisco Pix you'll need to set smtp fixup or something
like that.
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* [gentoo-user] POSTFIX and SASL
@ 2005-10-05 16:17 Joe Strusz
0 siblings, 0 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 16:17 UTC (permalink / raw
To: gentoo-user
Again heres the section in my /var/log/mail.info:
< unknown[64.89.173.227]: EHLO ERROLSAYRE
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
250-op.oxpub.com
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
250-PIPELINING
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
250-SIZE 10240000
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]: 250-VRFY
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]: 250-ETRN
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
250-AUTH LOGIN PLAIN
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
250-AUTH=LOGIN PLAIN
Oct 5 16:10:55 op postfix/smtpd[10183]: match_list_match: unknown: no match
Oct 5 16:10:55 op postfix/smtpd[10183]: match_list_match:
64.89.173.227: no match
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]: 250 8BITMIME
Oct 5 16:10:55 op postfix/smtpd[10183]: watchdog_pat: 0x5555556e42b8
Oct 5 16:10:55 op postfix/smtpd[10183]: < unknown[64.89.173.227]: AUTH LOGIN
Oct 5 16:10:55 op postfix/smtpd[10183]: smtpd_sasl_authenticate:
sasl_method LOGIN
Oct 5 16:10:55 op postfix/smtpd[10183]: smtpd_sasl_authenticate:
uncoded challenge: Username:
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
334 VXNlcm5hbWU6
Oct 5 16:10:55 op postfix/smtpd[10183]: < unknown[64.89.173.227]:
anN0cnVzekBveHB1Yi5jb20=
Oct 5 16:10:55 op postfix/smtpd[10183]: smtpd_sasl_authenticate:
decoded response: jstrusz@oxpub.com
Oct 5 16:10:55 op postfix/smtpd[10183]: smtpd_sasl_authenticate:
uncoded challenge: Password:
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
334 UGFzc3dvcmQ6
Oct 5 16:10:55 op postfix/smtpd[10183]: < unknown[64.89.173.227]: dXAybEB0ZQ==
Oct 5 16:10:55 op postfix/smtpd[10183]: smtpd_sasl_authenticate:
decoded response: mydecodedplaintextpassword(is this supposed to be here?)
Oct 5 16:10:55 op postfix/smtpd[10183]: > unknown[64.89.173.227]:
535 Error: authentication failed
Oct 5 16:10:55 op postfix/smtpd[10183]: watchdog_pat: 0x5555556e42b8
Oct 5 16:10:55 op postfix/smtpd[10183]: smtp_get: EOF
Oct 5 16:10:55 op postfix/smtpd[10183]: lost connection after AUTH
from unknown[64.89.173.227]
Oct 5 16:10:55 op postfix/smtpd[10183]: disconnect from unknown[64.89.173.227]
Oct 5 16:10:55 op postfix/smtpd[10183]: master_notify: status 1
Oct 5 16:10:55 op postfix/smtpd[10183]: connection closed
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* [gentoo-user] POSTFIX and SASL
@ 2005-10-05 15:47 Joe Strusz
2005-10-05 15:55 ` Joe Strusz
0 siblings, 1 reply; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 15:47 UTC (permalink / raw
To: gentoo-user
Again.. heres my postconf -n
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 2
empty_address_recipient = MAILER-DAEMON
home_mailbox = .maildir/
html_directory = no
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = op, op.$mydomain, $mydomain
mydomain = mydomain.com
myhostname = op.mydomain.com
mynetworks = 192.168.1.0/24, 127.0.0.0/8, mywanIP
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
queue_minfree = 120000000
readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_use_tls = yes
smtpd_recipient_restrictions =
reject_invalid_hostname, reject_non_fqdn_hostname,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_unauth_pipelining, permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
smtpd_tls_key_file = /etc/ssl/postfix/server.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
Still popping up the user/pass dialog...
Heres what i grabbed from /var/log/mail.info:
Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]:
EHLO ERROLSAYRE
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
250-op.oxpub.com
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
250-PIPELINING
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
250-SIZE 10240000
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-VRFY
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-ETRN
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
250-AUTH LOGIN PLAIN
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
250-AUTH=LOGIN PLAIN
Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match: unknown: no match
Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match:
64.89.173.227: no match
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250 8BITMIME
Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: AUTH LOGIN
Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
sasl_method LOGIN
Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
uncoded challenge: Username:
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 334
VXNlcm5hbWU6
Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: anN0cnVzeg==
Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
decoded response: jstrusz
Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
uncoded challenge: Password:
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 334
UGFzc3dvcmQ6
Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: dXAybEB0ZQ==
Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
decoded response: MY PLAIN TEXT PASSWORD
Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 535
Error: authentication failed
Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
Oct 5 15:41:12 op postfix/smtpd[7964]: smtp_get: EOF
Oct 5 15:41:12 op postfix/smtpd[7964]: lost connection after AUTH
from unknown[64.89.173.227]
Oct 5 15:41:12 op postfix/smtpd[7964]: disconnect from unknown[64.89.173.227]
Oct 5 15:41:12 op postfix/smtpd[7964]: master_notify: status 1
Oct 5 15:41:12 op postfix/smtpd[7964]: connection closed
Please help!
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:47 Joe Strusz
@ 2005-10-05 15:55 ` Joe Strusz
0 siblings, 0 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 15:55 UTC (permalink / raw
To: gentoo-user
Could it be because Im receiving that 8BITMIME line instead of
64BITMIME? Or is that normal?
At 10:47 AM 10/5/2005, you wrote:
>Again.. heres my postconf -n
>
>alias_database = hash:/etc/mail/aliases
>alias_maps = hash:/etc/mail/aliases
>biff = no
>broken_sasl_auth_clients = yes
>command_directory = /usr/sbin
>config_directory = /etc/postfix
>content_filter = smtp-amavis:[127.0.0.1]:10024
>daemon_directory = /usr/lib/postfix
>debug_peer_level = 2
>default_destination_concurrency_limit = 2
>empty_address_recipient = MAILER-DAEMON
>home_mailbox = .maildir/
>html_directory = no
>inet_interfaces = all
>local_destination_concurrency_limit = 2
>mail_owner = postfix
>mailq_path = /usr/bin/mailq
>manpage_directory = /usr/share/man
>mydestination = op, op.$mydomain, $mydomain
>mydomain = mydomain.com
>myhostname = op.mydomain.com
>mynetworks = 192.168.1.0/24, 127.0.0.0/8, mywanIP
>newaliases_path = /usr/bin/newaliases
>queue_directory = /var/spool/postfix
>queue_minfree = 120000000
>readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
>sample_directory = /etc/postfix
>sendmail_path = /usr/sbin/sendmail
>setgid_group = postdrop
>smtp_use_tls = yes
>smtpd_recipient_restrictions =
>reject_invalid_hostname, reject_non_fqdn_hostname,
>reject_non_fqdn_sender, reject_non_fqdn_recipient,
>reject_unknown_sender_domain,
>reject_unknown_recipient_domain, reject_unauth_pipelining,
> permit_mynetworks,
>permit_sasl_authenticated, reject_unauth_destination, permit
>smtpd_sasl_auth_enable = yes
>smtpd_sasl_local_domain =
>smtpd_sasl_security_options = noanonymous
>smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
>smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
>smtpd_tls_key_file = /etc/ssl/postfix/server.key
>smtpd_tls_loglevel = 3
>smtpd_tls_received_header = yes
>smtpd_tls_session_cache_timeout = 3600s
>smtpd_use_tls = yes
>tls_random_source = dev:/dev/urandom
>unknown_local_recipient_reject_code = 450
>
>Still popping up the user/pass dialog...
>
>Heres what i grabbed from /var/log/mail.info:
>
>
>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]:
>EHLO ERROLSAYRE
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>250-op.oxpub.com
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>250-PIPELINING
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>250-SIZE 10240000
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-VRFY
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250-ETRN
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>250-AUTH LOGIN PLAIN
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>250-AUTH=LOGIN PLAIN
>Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match: unknown: no match
>Oct 5 15:41:12 op postfix/smtpd[7964]: match_list_match:
>64.89.173.227: no match
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]: 250 8BITMIME
>Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: AUTH LOGIN
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>sasl_method LOGIN
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>uncoded challenge: Username:
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>334 VXNlcm5hbWU6
>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: anN0cnVzeg==
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>decoded response: jstrusz
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>uncoded challenge: Password:
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>334 UGFzc3dvcmQ6
>Oct 5 15:41:12 op postfix/smtpd[7964]: < unknown[64.89.173.227]: dXAybEB0ZQ==
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtpd_sasl_authenticate:
>decoded response: MY PLAIN TEXT PASSWORD
>Oct 5 15:41:12 op postfix/smtpd[7964]: > unknown[64.89.173.227]:
>535 Error: authentication failed
>Oct 5 15:41:12 op postfix/smtpd[7964]: watchdog_pat: 0x5555556e4608
>Oct 5 15:41:12 op postfix/smtpd[7964]: smtp_get: EOF
>Oct 5 15:41:12 op postfix/smtpd[7964]: lost connection after AUTH
>from unknown[64.89.173.227]
>Oct 5 15:41:12 op postfix/smtpd[7964]: disconnect from unknown[64.89.173.227]
>Oct 5 15:41:12 op postfix/smtpd[7964]: master_notify: status 1
>Oct 5 15:41:12 op postfix/smtpd[7964]: connection closed
>
>
>Please help!
>
>
>
>
>Joe Strusz
>
>IT Assistant
>Oxford Publishing, Inc.
>307 West Jackson Avenue
>Oxford, MS 38655-2154
>800-247-3881
>662-236-5510x40
>jstrusz@oxpub.com
>http://www.nightclub.com
>
>
>--
>gentoo-user@gentoo.org mailing list
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* [gentoo-user] POSTFIX and SASL
@ 2005-10-05 15:17 Joe Strusz
2005-10-05 15:25 ` John Jolet
` (4 more replies)
0 siblings, 5 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 15:17 UTC (permalink / raw
To: gentoo-user
Ive read every forum on the site, and even ventured over the Wiki for
even more redundant reading. Ive read the entire postfix handbook,
and still have not found an answer to this problem. Its been two
weeks now I haven't been able to send mail from outside the network
to non local users.
Heres my /etc/postfix/main.cf:
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 2
empty_address_recipient = MAILER-DAEMON
home_mailbox = .maildir/
html_directory = no
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = op, op.$mydomain, $mydomain
mydomain = mydomain.com
myhostname = op.mydomain.com
mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
queue_minfree = 120000000
readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_use_tls = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
smtpd_tls_key_file = /etc/ssl/postfix/server.key
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_domains = myvirtual.com
virtual_alias_maps = hash:/etc/postfix/virtual
And heres /etc/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list: plain login
And heres /etc/conf.d/saslauthd:
# $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
# Authentications mechanism (for list see saslauthd -v)
SASL_AUTHMECH=pam
# Hostname for remote IMAP server (if rimap auth mech is used)
# Ldap configuration file (if ldap auth mech is used)
SASL_MECH_OPTIONS=
# Extra options (for list see saslauthd -h)
SASLAUTHD_OPTS=
And last but not least, heres a description of the problem...
TLS and everything else works great. However as soon as I check that
little box in outlook express that says "my smtp server requires
authentication" on the client whom worsk out of the office on home
internet lines.. the password box keeps reappearing, and accepting
any passwords... i ran the line "saslpasswd2 -c username" to no
avail. Same issue.
Postfix was compiled with SASL support:
[ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper
-mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
And when i telnet to 25 and issue the ehlo command, i do get AUTH
PLAIN lines...
whats going on?
please help
im racking my brains.
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:17 Joe Strusz
@ 2005-10-05 15:25 ` John Jolet
2005-10-05 15:26 ` John Jolet
` (3 subsequent siblings)
4 siblings, 0 replies; 20+ messages in thread
From: John Jolet @ 2005-10-05 15:25 UTC (permalink / raw
To: gentoo-user
On Wednesday 05 October 2005 10:17, Joe Strusz wrote:
> Ive read every forum on the site, and even ventured over the Wiki for
> even more redundant reading. Ive read the entire postfix handbook,
> and still have not found an answer to this problem. Its been two
> weeks now I haven't been able to send mail from outside the network
> to non local users.
>
> Heres my /etc/postfix/main.cf:
>
is it just me, or do you not have the line: smtpd_sasl_auth_enable = yes
in here anywhere?
> alias_database = hash:/etc/mail/aliases
> alias_maps = hash:/etc/mail/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 2
> empty_address_recipient = MAILER-DAEMON
> home_mailbox = .maildir/
> html_directory = no
> inet_interfaces = all
> local_destination_concurrency_limit = 2
> mail_owner = postfix
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> mydestination = op, op.$mydomain, $mydomain
> mydomain = mydomain.com
> myhostname = op.mydomain.com
> mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> queue_minfree = 120000000
> readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
> sample_directory = /etc/postfix
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_use_tls = yes
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
> smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
> smtpd_tls_key_file = /etc/ssl/postfix/server.key
> smtpd_tls_loglevel = 3
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 450
> virtual_alias_domains = myvirtual.com
> virtual_alias_maps = hash:/etc/postfix/virtual
>
>
> And heres /etc/sasl2/smtpd.conf:
>
> pwcheck_method: saslauthd
> mech_list: plain login
>
> And heres /etc/conf.d/saslauthd:
>
> # $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
> # Authentications mechanism (for list see saslauthd -v)
> SASL_AUTHMECH=pam
>
>
> # Hostname for remote IMAP server (if rimap auth mech is used)
> # Ldap configuration file (if ldap auth mech is used)
> SASL_MECH_OPTIONS=
>
>
> # Extra options (for list see saslauthd -h)
> SASLAUTHD_OPTS=
>
>
> And last but not least, heres a description of the problem...
>
> TLS and everything else works great. However as soon as I check that
> little box in outlook express that says "my smtp server requires
> authentication" on the client whom worsk out of the office on home
> internet lines.. the password box keeps reappearing, and accepting
> any passwords... i ran the line "saslpasswd2 -c username" to no
> avail. Same issue.
>
> Postfix was compiled with SASL support:
>
> [ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper
> -mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
>
> And when i telnet to 25 and issue the ehlo command, i do get AUTH
> PLAIN lines...
>
> whats going on?
>
> please help
>
> im racking my brains.
>
>
>
>
> Joe Strusz
>
> IT Assistant
> Oxford Publishing, Inc.
> 307 West Jackson Avenue
> Oxford, MS 38655-2154
> 800-247-3881
> 662-236-5510x40
> jstrusz@oxpub.com
> http://www.nightclub.com
--
John Jolet
Your On-Demand IT Department
512-762-0729
www.jolet.net
john@jolet.net
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:17 Joe Strusz
2005-10-05 15:25 ` John Jolet
@ 2005-10-05 15:26 ` John Jolet
2005-10-05 15:32 ` Joe Strusz
2005-10-05 15:36 ` kashani
` (2 subsequent siblings)
4 siblings, 1 reply; 20+ messages in thread
From: John Jolet @ 2005-10-05 15:26 UTC (permalink / raw
To: gentoo-user
On Wednesday 05 October 2005 10:17, Joe Strusz wrote:
> Ive read every forum on the site, and even ventured over the Wiki for
> even more redundant reading. Ive read the entire postfix handbook,
> and still have not found an answer to this problem. Its been two
> weeks now I haven't been able to send mail from outside the network
> to non local users.
>
> Heres my /etc/postfix/main.cf:
>
> alias_database = hash:/etc/mail/aliases
> alias_maps = hash:/etc/mail/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 2
> empty_address_recipient = MAILER-DAEMON
> home_mailbox = .maildir/
> html_directory = no
> inet_interfaces = all
> local_destination_concurrency_limit = 2
> mail_owner = postfix
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> mydestination = op, op.$mydomain, $mydomain
> mydomain = mydomain.com
> myhostname = op.mydomain.com
> mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> queue_minfree = 120000000
> readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
> sample_directory = /etc/postfix
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_use_tls = yes
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
> smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
> smtpd_tls_key_file = /etc/ssl/postfix/server.key
> smtpd_tls_loglevel = 3
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 450
> virtual_alias_domains = myvirtual.com
> virtual_alias_maps = hash:/etc/postfix/virtual
and these: smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
>
>
> And heres /etc/sasl2/smtpd.conf:
>
> pwcheck_method: saslauthd
> mech_list: plain login
>
> And heres /etc/conf.d/saslauthd:
>
> # $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
> # Authentications mechanism (for list see saslauthd -v)
> SASL_AUTHMECH=pam
>
>
> # Hostname for remote IMAP server (if rimap auth mech is used)
> # Ldap configuration file (if ldap auth mech is used)
> SASL_MECH_OPTIONS=
>
>
> # Extra options (for list see saslauthd -h)
> SASLAUTHD_OPTS=
>
>
> And last but not least, heres a description of the problem...
>
> TLS and everything else works great. However as soon as I check that
> little box in outlook express that says "my smtp server requires
> authentication" on the client whom worsk out of the office on home
> internet lines.. the password box keeps reappearing, and accepting
> any passwords... i ran the line "saslpasswd2 -c username" to no
> avail. Same issue.
>
> Postfix was compiled with SASL support:
>
> [ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper
> -mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
>
> And when i telnet to 25 and issue the ehlo command, i do get AUTH
> PLAIN lines...
>
> whats going on?
>
> please help
>
> im racking my brains.
>
>
>
>
> Joe Strusz
>
> IT Assistant
> Oxford Publishing, Inc.
> 307 West Jackson Avenue
> Oxford, MS 38655-2154
> 800-247-3881
> 662-236-5510x40
> jstrusz@oxpub.com
> http://www.nightclub.com
--
John Jolet
Your On-Demand IT Department
512-762-0729
www.jolet.net
john@jolet.net
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:26 ` John Jolet
@ 2005-10-05 15:32 ` Joe Strusz
0 siblings, 0 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 15:32 UTC (permalink / raw
To: gentoo-user
Actually if youd look... smtpd_sasl_auth_enable = yes is in fact there...
I add those smtpd_recipient_restrictions and it still does the same thing....
Anyways... some help perhaps?
At 10:26 AM 10/5/2005, you wrote:
>On Wednesday 05 October 2005 10:17, Joe Strusz wrote:
> > Ive read every forum on the site, and even ventured over the Wiki for
> > even more redundant reading. Ive read the entire postfix handbook,
> > and still have not found an answer to this problem. Its been two
> > weeks now I haven't been able to send mail from outside the network
> > to non local users.
> >
> > Heres my /etc/postfix/main.cf:
> >
> > alias_database = hash:/etc/mail/aliases
> > alias_maps = hash:/etc/mail/aliases
> > biff = no
> > broken_sasl_auth_clients = yes
> > command_directory = /usr/sbin
> > config_directory = /etc/postfix
> > content_filter = smtp-amavis:[127.0.0.1]:10024
> > daemon_directory = /usr/lib/postfix
> > debug_peer_level = 2
> > default_destination_concurrency_limit = 2
> > empty_address_recipient = MAILER-DAEMON
> > home_mailbox = .maildir/
> > html_directory = no
> > inet_interfaces = all
> > local_destination_concurrency_limit = 2
> > mail_owner = postfix
> > mailq_path = /usr/bin/mailq
> > manpage_directory = /usr/share/man
> > mydestination = op, op.$mydomain, $mydomain
> > mydomain = mydomain.com
> > myhostname = op.mydomain.com
> > mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
> > newaliases_path = /usr/bin/newaliases
> > queue_directory = /var/spool/postfix
> > queue_minfree = 120000000
> > readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
> > sample_directory = /etc/postfix
> > sendmail_path = /usr/sbin/sendmail
> > setgid_group = postdrop
> > smtp_use_tls = yes
> > smtpd_data_restrictions = reject_unauth_pipelining
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_local_domain =
> > smtpd_sasl_security_options = noanonymous
> > smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
> > smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
> > smtpd_tls_key_file = /etc/ssl/postfix/server.key
> > smtpd_tls_loglevel = 3
> > smtpd_tls_received_header = yes
> > smtpd_tls_session_cache_timeout = 3600s
> > smtpd_use_tls = yes
> > tls_random_source = dev:/dev/urandom
> > unknown_local_recipient_reject_code = 450
> > virtual_alias_domains = myvirtual.com
> > virtual_alias_maps = hash:/etc/postfix/virtual
>
>and these: smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> reject_unauth_destination
> >
> >
> > And heres /etc/sasl2/smtpd.conf:
> >
> > pwcheck_method: saslauthd
> > mech_list: plain login
> >
> > And heres /etc/conf.d/saslauthd:
> >
> > # $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
> > # Authentications mechanism (for list see saslauthd -v)
> > SASL_AUTHMECH=pam
> >
> >
> > # Hostname for remote IMAP server (if rimap auth mech is used)
> > # Ldap configuration file (if ldap auth mech is used)
> > SASL_MECH_OPTIONS=
> >
> >
> > # Extra options (for list see saslauthd -h)
> > SASLAUTHD_OPTS=
> >
> >
> > And last but not least, heres a description of the problem...
> >
> > TLS and everything else works great. However as soon as I check that
> > little box in outlook express that says "my smtp server requires
> > authentication" on the client whom worsk out of the office on home
> > internet lines.. the password box keeps reappearing, and accepting
> > any passwords... i ran the line "saslpasswd2 -c username" to no
> > avail. Same issue.
> >
> > Postfix was compiled with SASL support:
> >
> > [ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper
> > -mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
> >
> > And when i telnet to 25 and issue the ehlo command, i do get AUTH
> > PLAIN lines...
> >
> > whats going on?
> >
> > please help
> >
> > im racking my brains.
> >
> >
> >
> >
> > Joe Strusz
> >
> > IT Assistant
> > Oxford Publishing, Inc.
> > 307 West Jackson Avenue
> > Oxford, MS 38655-2154
> > 800-247-3881
> > 662-236-5510x40
> > jstrusz@oxpub.com
> > http://www.nightclub.com
>
>--
>John Jolet
>Your On-Demand IT Department
>512-762-0729
>www.jolet.net
>john@jolet.net
>--
>gentoo-user@gentoo.org mailing list
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:17 Joe Strusz
2005-10-05 15:25 ` John Jolet
2005-10-05 15:26 ` John Jolet
@ 2005-10-05 15:36 ` kashani
2005-10-05 17:01 ` Marshal Newrock
2005-10-06 0:27 ` Bryan Whitehead
4 siblings, 0 replies; 20+ messages in thread
From: kashani @ 2005-10-05 15:36 UTC (permalink / raw
To: gentoo-user
Joe Strusz wrote:
<big snip>
I don't see your smtpd_recipient_restrictions in that list, but it looks
like you cut and pasted rather than did a postconf -n. Do the logs say
antyhing interesting as well?
In any case here's what works for me.
/etc/postfix/main.cf
# SASL setting
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
# TLS Settings
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# setting restrictions and order
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
/etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
/etc/conf.d/saslauthd
SASLAUTHD_OPTS=""
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"
/etc/init.d/saslauthd restart
/etc/init.d/postfix restart
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:17 Joe Strusz
` (2 preceding siblings ...)
2005-10-05 15:36 ` kashani
@ 2005-10-05 17:01 ` Marshal Newrock
2005-10-06 0:27 ` Bryan Whitehead
4 siblings, 0 replies; 20+ messages in thread
From: Marshal Newrock @ 2005-10-05 17:01 UTC (permalink / raw
To: gentoo-user
A useful program for debugging Postfix SASL problems is saslfinger
(http://postfix.state-of-mind.de/patrick.koetter/saslfinger/).
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-05 15:17 Joe Strusz
` (3 preceding siblings ...)
2005-10-05 17:01 ` Marshal Newrock
@ 2005-10-06 0:27 ` Bryan Whitehead
2005-10-05 20:04 ` Joe Strusz
4 siblings, 1 reply; 20+ messages in thread
From: Bryan Whitehead @ 2005-10-06 0:27 UTC (permalink / raw
To: gentoo-user
After spending 5 mins trying to get SASL working myself... I just emerged
stunnel and switched to simap/spop3... ;)
On Wed, 5 Oct 2005, Joe Strusz wrote:
> Ive read every forum on the site, and even ventured over the Wiki for even
> more redundant reading. Ive read the entire postfix handbook, and still have
> not found an answer to this problem. Its been two weeks now I haven't been
> able to send mail from outside the network to non local users.
>
> Heres my /etc/postfix/main.cf:
>
> alias_database = hash:/etc/mail/aliases
> alias_maps = hash:/etc/mail/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 2
> empty_address_recipient = MAILER-DAEMON
> home_mailbox = .maildir/
> html_directory = no
> inet_interfaces = all
> local_destination_concurrency_limit = 2
> mail_owner = postfix
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> mydestination = op, op.$mydomain, $mydomain
> mydomain = mydomain.com
> myhostname = op.mydomain.com
> mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> queue_minfree = 120000000
> readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
> sample_directory = /etc/postfix
> sendmail_path = /usr/sbin/sendmail
> setgid_group = postdrop
> smtp_use_tls = yes
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
> smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
> smtpd_tls_key_file = /etc/ssl/postfix/server.key
> smtpd_tls_loglevel = 3
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
> unknown_local_recipient_reject_code = 450
> virtual_alias_domains = myvirtual.com
> virtual_alias_maps = hash:/etc/postfix/virtual
>
>
> And heres /etc/sasl2/smtpd.conf:
>
> pwcheck_method: saslauthd
> mech_list: plain login
>
> And heres /etc/conf.d/saslauthd:
>
> # $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
> # Authentications mechanism (for list see saslauthd -v)
> SASL_AUTHMECH=pam
>
>
> # Hostname for remote IMAP server (if rimap auth mech is used)
> # Ldap configuration file (if ldap auth mech is used)
> SASL_MECH_OPTIONS=
>
>
> # Extra options (for list see saslauthd -h)
> SASLAUTHD_OPTS=
>
>
> And last but not least, heres a description of the problem...
>
> TLS and everything else works great. However as soon as I check that little
> box in outlook express that says "my smtp server requires authentication" on
> the client whom worsk out of the office on home internet lines.. the password
> box keeps reappearing, and accepting any passwords... i ran the line
> "saslpasswd2 -c username" to no avail. Same issue.
>
> Postfix was compiled with SASL support:
>
> [ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper -mbox
> +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
>
> And when i telnet to 25 and issue the ehlo command, i do get AUTH PLAIN
> lines...
>
> whats going on?
>
> please help
>
> im racking my brains.
>
>
>
>
> Joe Strusz
>
> IT Assistant
> Oxford Publishing, Inc.
> 307 West Jackson Avenue
> Oxford, MS 38655-2154
> 800-247-3881
> 662-236-5510x40
> jstrusz@oxpub.com
> http://www.nightclub.com
>
>
>
--
Bryan Whitehead
Email:driver@megahappy.net
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread* Re: [gentoo-user] POSTFIX and SASL
2005-10-06 0:27 ` Bryan Whitehead
@ 2005-10-05 20:04 ` Joe Strusz
0 siblings, 0 replies; 20+ messages in thread
From: Joe Strusz @ 2005-10-05 20:04 UTC (permalink / raw
To: gentoo-user
Im not familiar with stunnel.... could you point me toward some documentation?
At 07:27 PM 10/5/2005, you wrote:
>After spending 5 mins trying to get SASL working myself... I just
>emerged stunnel and switched to simap/spop3... ;)
>
>On Wed, 5 Oct 2005, Joe Strusz wrote:
>
>>Ive read every forum on the site, and even ventured over the Wiki
>>for even more redundant reading. Ive read the entire postfix
>>handbook, and still have not found an answer to this problem. Its
>>been two weeks now I haven't been able to send mail from outside
>>the network to non local users.
>>
>>Heres my /etc/postfix/main.cf:
>>
>>alias_database = hash:/etc/mail/aliases
>>alias_maps = hash:/etc/mail/aliases
>>biff = no
>>broken_sasl_auth_clients = yes
>>command_directory = /usr/sbin
>>config_directory = /etc/postfix
>>content_filter = smtp-amavis:[127.0.0.1]:10024
>>daemon_directory = /usr/lib/postfix
>>debug_peer_level = 2
>>default_destination_concurrency_limit = 2
>>empty_address_recipient = MAILER-DAEMON
>>home_mailbox = .maildir/
>>html_directory = no
>>inet_interfaces = all
>>local_destination_concurrency_limit = 2
>>mail_owner = postfix
>>mailq_path = /usr/bin/mailq
>>manpage_directory = /usr/share/man
>>mydestination = op, op.$mydomain, $mydomain
>>mydomain = mydomain.com
>>myhostname = op.mydomain.com
>>mynetworks = 192.168.1.0/24, 127.0.0.0/8, *.*.*.*(my WAN ip)
>>newaliases_path = /usr/bin/newaliases
>>queue_directory = /var/spool/postfix
>>queue_minfree = 120000000
>>readme_directory = /usr/share/doc/postfix-2.1.5-r2/readme
>>sample_directory = /etc/postfix
>>sendmail_path = /usr/sbin/sendmail
>>setgid_group = postdrop
>>smtp_use_tls = yes
>>smtpd_data_restrictions = reject_unauth_pipelining
>>smtpd_sasl_auth_enable = yes
>>smtpd_sasl_local_domain =
>>smtpd_sasl_security_options = noanonymous
>>smtpd_tls_CAfile = /etc/ssl/postfix/server.pem
>>smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
>>smtpd_tls_key_file = /etc/ssl/postfix/server.key
>>smtpd_tls_loglevel = 3
>>smtpd_tls_received_header = yes
>>smtpd_tls_session_cache_timeout = 3600s
>>smtpd_use_tls = yes
>>tls_random_source = dev:/dev/urandom
>>unknown_local_recipient_reject_code = 450
>>virtual_alias_domains = myvirtual.com
>>virtual_alias_maps = hash:/etc/postfix/virtual
>>
>>
>>And heres /etc/sasl2/smtpd.conf:
>>
>>pwcheck_method: saslauthd
>>mech_list: plain login
>>
>>And heres /etc/conf.d/saslauthd:
>>
>># $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
>># Authentications mechanism (for list see saslauthd -v)
>>SASL_AUTHMECH=pam
>>
>>
>># Hostname for remote IMAP server (if rimap auth mech is used)
>># Ldap configuration file (if ldap auth mech is used)
>>SASL_MECH_OPTIONS=
>>
>>
>># Extra options (for list see saslauthd -h)
>>SASLAUTHD_OPTS=
>>
>>
>>And last but not least, heres a description of the problem...
>>
>>TLS and everything else works great. However as soon as I check
>>that little box in outlook express that says "my smtp server
>>requires authentication" on the client whom worsk out of the office
>>on home internet lines.. the password box keeps reappearing, and
>>accepting any passwords... i ran the line "saslpasswd2 -c username"
>>to no avail. Same issue.
>>
>>Postfix was compiled with SASL support:
>>
>>[ebuild R ] mail-mta/postfix-2.1.5-r2 -ipv6 -ldap -mailwrapper
>>-mbox +mysql +pam -postgres +sasl (-selinux) +ssl -vda 0 kB
>>
>>And when i telnet to 25 and issue the ehlo command, i do get AUTH
>>PLAIN lines...
>>
>>whats going on?
>>
>>please help
>>
>>im racking my brains.
>>
>>
>>
>>
>>Joe Strusz
>>
>>IT Assistant
>>Oxford Publishing, Inc.
>>307 West Jackson Avenue
>>Oxford, MS 38655-2154
>>800-247-3881
>>662-236-5510x40
>>jstrusz@oxpub.com
>>http://www.nightclub.com
>>
>>
>
>--
>Bryan Whitehead
>Email:driver@megahappy.net
>--
>gentoo-user@gentoo.org mailing list
Joe Strusz
IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz@oxpub.com
http://www.nightclub.com
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2005-10-05 20:11 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-10-05 16:05 [gentoo-user] POSTFIX and SASL Joe Strusz
2005-10-05 16:31 ` kashani
2005-10-05 17:04 ` Joe Strusz
2005-10-05 17:10 ` Joe Strusz
2005-10-05 18:41 ` Joe Strusz
2005-10-05 18:46 ` Joe Strusz
2005-10-05 18:58 ` Drew Tomlinson
2005-10-05 19:03 ` joe strusz
2005-10-05 18:54 ` kashani
-- strict thread matches above, loose matches on Subject: below --
2005-10-05 16:17 Joe Strusz
2005-10-05 15:47 Joe Strusz
2005-10-05 15:55 ` Joe Strusz
2005-10-05 15:17 Joe Strusz
2005-10-05 15:25 ` John Jolet
2005-10-05 15:26 ` John Jolet
2005-10-05 15:32 ` Joe Strusz
2005-10-05 15:36 ` kashani
2005-10-05 17:01 ` Marshal Newrock
2005-10-06 0:27 ` Bryan Whitehead
2005-10-05 20:04 ` Joe Strusz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox