NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2000-09

Subject: Re: SASL and my Roaming Laptop (continued)
From: Liviu Daia (Liviu.Daiaimar.ro)
Date: Fri Sep 29 2000 - 16:38:02 CDT

Next message: Ralf Hildebrandt: "Re: Postfix vs. Exchange, round 3"
Previous message: Liviu Daia: "Re: Postfix vs. Exchange, round 3"
In reply to: Ron 'The InSaNe One' Rosson: "SASL and my Roaming Laptop (continued)"
Reply: Liviu Daia: "Re: SASL and my Roaming Laptop (continued)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 29 September 2000, Ron 'The InSaNe One' Rosson
<insanelunatic.oneinsane.net> wrote:
> Ok..
>
> I am almost there.
>
> Background:
>
> Laptop:
> FreeBSD running postfix snapshot-20000531 compiled with SASL
> support. Laptop is always on the go.
> SASL entries in main.cf:
> smtp_sasl_auth_enable = yes
> smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd

Unrelated to your problem, I'd suggest you also add:

smtp_sasl_security_options = noplaintext

> Mail Server:
> FreeBSD Server running postfix snapshot-20000531 compiled with SASL
> support. My mail server that I have setup to do SMTP AUTH using cyrus
> SASL.
> SASL entries in main.cf:
> smtpd_recipient_restrictions = permit_mynetworks,
> reject_non_fqdn_recipient, permit_sasl_authenticated,
> check_relay_domains
>
> smtpd_sasl_auth_enable = yes

Unrelated to your problem, I'd suggest you also add:

smtpd_sasl_security_options = noanonymous, noplaintext

> After looking at the log snippit below can someone give me some ideas
> on where to look to see if I can get this working.
>
> Here is a snippit of the maillog from the laptop (debug_peer_list)
[...]
> Sep 29 11:53:47 mental postfix/smtp[25781]: smtp_sasl_authenticate: mail.oneinsane.net[207.113.133.228]: uncoded client response mylogin 14ca2c932ec4929c1944c40a 4a4755dd
> Sep 29 11:53:47 mental postfix/smtp[25781]: > mail.oneinsane.net[207.113.133.228]: aW5zYW5lIDE0Y2EyYzkzMmVjNDkyOWMxOTQ0YzQwYTRhNDc1NWRk
> Sep 29 11:53:52 mental postfix/smtp[25781]: < mail.oneinsane.net[207.113.133.228]: 535 Error: authentication failed
[...]

Assuming you didn't mess up your password, the most likely
cause for the authentication failure is that Postfix' idea about
your "realm" is not the same as SASL's. On your server, either set
smtpd_sasl_local_domain to whatever sasldblistusers says your realm
is, or start again with saslpasswd, adding the "-u mail.oneinsane.net"
option (replace "mail.oneinsane.net" with the value of $myhostname if
necessary).

Regards,

Liviu Daia

-- 
Dr. Liviu Daia               e-mail:   Liviu.Daiaimar.ro
Institute of Mathematics     web page: http://www.imar.ro/~daia
of the Romanian Academy      PGP key:  http://www.imar.ro/~daia/daia.asc

Next message: Ralf Hildebrandt: "Re: Postfix vs. Exchange, round 3"
Previous message: Liviu Daia: "Re: Postfix vs. Exchange, round 3"
In reply to: Ron 'The InSaNe One' Rosson: "SASL and my Roaming Laptop (continued)"
Reply: Liviu Daia: "Re: SASL and my Roaming Laptop (continued)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]