From: Andreas Winkelmann (mlawinkelmann.de)
Date: Mon Aug 25 2003 - 09:24:51 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

mailinglists wrote:

> I've been searching google up and down, found a lot of stuff but still I can't make it move.
>
> that's main.cf
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions =
> strict_rfc821_envelopes = yes
> smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_unauth_destination
> smtp_sasl_auth_enable = no
> smtpd_sasl_security_options = noanonymous, noplaintext
> smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth

If you switch smtp_sasl_auth_enable off, this is not neccessary.

> smtpd_sasl_auth_enable = yes
> smtpd_use_tls = no
>
>
> master.cf
>
> smtp inet n - n - - smtpd
> -o smtpd_tls_wrappermode=no -o smtpd_sasl_auth_enable=yes
>
> #submission inet n - n - - smtpd
> # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
> #628 inet n - n - - qmqpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> #qmgr fifo n - n 300 1 nqmgr
> #tlsmgr fifo - - n 300 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> #localhost:10025 inet n - n - - smtpd -o content_filter=
> #
> # Interfaces to non-Postfix software. Be sure to examine the manual
> # pages of the non-Postfix software to find out what options it wants.
> #
> # maildrop. See the Postfix MAILDROP_README file for details.
> #
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> cyrus unix - n n - - pipe
> user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
> vscan unix - n n - 10 pipe
> user=vscan argv=/usr/sbin/amavis ${sender} ${recipient}
> procmail unix - n n - - pipe
> flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
> #filter unix - n n - - pipe
> # user=filter argv=/home/filter/sc/filter.sh -f ${sender} -- ${recipient}
>
>
> /usr/lib/sasl2/smtpd.conf

Is this the correct path? For default sasl is installed in
/usr/local/lib/sasl2.

> mech_list: crammd5

With a "-":

mech_list: CRAM-MD5

> pwcheck_method: sasldb

If you want to use sasldb with sasl-v2, then:

pwcheck_method: auxprop

And maybe, if you have more eg mysql, ldap...:

auxprop_plugin: sasldb

> /etc/sysconfig/saslauthd
>
> SASLAUTHD_AUTHMECH=pam

If you want to use saslauthd, then:

pwcheck_method: saslauthd

So, where are your useraccounts? PAM (shadow?) or sasldb?

If sasldb, is it created with permission for postfix to read it? Maybe
show us a sasldblistusers2.

> /var/log/mail
>
> Aug 25 11:09:03 mail postfix/smtpd[23719]: fatal: no SASL authentication mechanisms
> Aug 25 11:09:04 mail postfix/master[23701]: warning: process /usr/lib/postfix/smtpd pid 23719 exit status 1
> Aug 25 11:09:04 mail postfix/master[23701]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
>
> I compiled postfix 2.0.14 with sasl support according to SASL-README. Sasl2 version is 2.1.12.

--
        Andreas

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]