OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Alexander Skwar (ASkwarDigitalProjects.com)
Date: Sat Mar 02 2002 - 07:15:18 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    »Ralf Hildebrandt« sagte am 2002-03-01 um 20:49:52 +0100 :
    > Sacrilege! Never do relaying decisions based on the sender address
    > (which can be forged by any idiot spammer out there)

    Okay, thinking a little bit about it, I agree that this was a very bad
    idea.

    I'm now trying to setup more secure ways for the problem. Right now
    I've got pop-before-smtp working thanks to your nice howto. However,
    I'd also like to get SMTP AUTH to work.

    On the machine I installed:

    cyrus-sasl-1.5.27-2mdk
    libsasl7-1.5.27-2mdk
    libsasl7-plug-anonymous-1.5.27-2mdk
    libsasl7-plug-crammd5-1.5.27-2mdk
    libsasl7-plug-digestmd5-1.5.27-2mdk
    libsasl7-plug-login-1.5.27-2mdk
    libsasl7-plug-plain-1.5.27-2mdk
    postfix-20010228-20mdk

    In /etc/postfix/main.cf, I've added:

    broken_sasl_auth_clients = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_local_domain = $myhostname

    postfix is compiled with SASL support. I'd like to get LOGIN/PLAIN to work
    and I'd also like SASL to use PAM. The file /usr/lib/sasl/smtpd.conf
    contains:

    pwcheck_method:pam

    I also checked http://www.thecabal.org/~devin/postfix/smtp-auth.txt and
    it also mentions the above line.

    Well, I cannot login :( The server rejects my login attempts:

    > telnet host smtp
    Trying 123.123.123.123...
    Connected to host (123.123.123.123).
    Escape character is '^]'.
    220 host ESMTP Postfix (Postfix-20010228-pl08) (Mandrake Linux)
    ehlo my-name
    250-host
    250-PIPELINING
    250-SIZE 10240000
    250-ETRN
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250 8BITMIME
    AUTH PLAIN SomeValid?
    535 Error: authentication failed
    quit
    221 Bye

    The IPs, hostnames and AUTH PLAIN string are changed. The string I send
    after AUTH PLAIN was constructed as explained on
    http://www.cise.ufl.edu/depot/doc/postfix/SASL_README (ie. printf
    'username\0username\0password' | mmencode).

    Seems like I've did something wrong or forgot a step, doesn't it?
    However, what did I forget/do wrong? Could somebody please be so kind
    and help me again?

    Thanks,

    Alexander Skwar 

    -- 
How to quote:	http://learn.to/quote (german) http://quote.6x.to (english)
Homepage:	http://www.iso-top.de      |     Jabber: askwarcharente.de
   iso-top.de - Die günstige Art an Linux Distributionen zu kommen
                       Uptime: 4 hours 9 minutes
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users