|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
smtpd.conf being ignored
From: Ralf Hildebrandt (Ralf.Hildebrandt
charite.de)
Date: Mon Feb 02 2004 - 05:31:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm desperate: From all the analysis I've done if found that
/usr/lib/sasl2/smtpd.conf is being ignored -- no matter what I fill
in, I'm being offered all mechs:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 sbserv.stahl.bau.tu-bs.de ESMTP Postfix
EHLO f
250-sbserv.stahl.bau.tu-bs.de
250-PIPELINING
250-SIZE 20480000
250-ETRN
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-XVERP
250 8BITMIME
This is a Debian/unstable system.
Feb 2 12:26:46 sbserv postfix/smtpd[29368]: connect from localhost[127.0.0.1]
Feb 2 12:26:51 sbserv postfix/smtpd[29368]: warning: SASL authentication failure: Password verification failed
Feb 2 12:26:51 sbserv postfix/smtpd[29368]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed
The /usr/lib/sasl2/smtpd.conf:
log_level: 3
pwcheck_method: saslauthd
mech_list: plain login
The authd:
# ps -ef| grep sasl
root 29132 1 0 12:26 ? 00:00:00 /usr/sbin/saslauthd -a shadow
root 29133 29132 0 12:26 ? 00:00:00 /usr/sbin/saslauthd -a shadow
root 29134 29132 0 12:26 ? 00:00:00 /usr/sbin/saslauthd -a shadow
root 29135 29132 0 12:26 ? 00:00:00 /usr/sbin/saslauthd -a shadow
root 29136 29132 0 12:26 ? 00:00:00 /usr/sbin/saslauthd -a shadow
The socket:
% lsof | grep saslauthd
...
saslauthd 29135 root 4u REG 114,4 6 783411 /var/run/saslauthd/saslauthd.pid
saslauthd 29135 root 5u unix 0xd1d410a0 58500200 /var/run/saslauthd/mux
saslauthd 29135 root 6u REG 114,4 0 783410 /var/run/saslauthd/mux.accept
saslauthd 29136 root cwd DIR 114,4 4096 783409 /var/run/saslauthd
The perms:
# ll /var/run/saslauthd/*
srwxrwxrwx 1 root root 0 2004-02-02 12:26 /var/run/saslauthd/mux
-rw------- 1 root root 0 2004-02-02 12:26 /var/run/saslauthd/mux.accept
-rw------- 1 root root 6 2004-02-02 12:26 /var/run/saslauthd/saslauthd.pid
# ll -d /var/run/saslauthd
drwxr-xr-x 2 root sasl 4096 2004-02-02 12:26 /var/run/saslauthd
What daemon do I need to strace to find out why it's being ignored?
This SASL stuff is such a piss-poor piece of undocumented, undebuggable junk.
% postconf -n
alias_database = $alias_maps
alias_maps = hash:/etc/postfix/aliases hash:/var/lib/mailman/data/aliases
biff = no
body_checks = regexp:/etc/postfix/body_checks.regexp
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = lmtp-amavis:[localhost]:10024
daemon_directory = /usr/lib/postfix
defer_transports = hold
delay_warning_time = 0
disable_vrfy_command = yes
fast_flush_domains = $relay_domains
hash_queue_depth = 1
header_checks = regexp:/etc/postfix/header_checks.regexp
home_mailbox = Maildir/
local_destination_concurrency_limit = 2
local_recipient_maps = $relocated_maps, $alias_maps, proxy:unix:passwd.byname
mail_owner = postfix
mailbox_command =
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /users2/local/man
maximal_queue_lifetime = 3d
message_size_limit = 20480000
mydestination = $mydomain $myhostname www.$mydomain stahlw06.$mydomain localhost.$mydomain is.tu-braunschweig.de stahlbau.tu-braunschweig.de sbserv.is.tu-braunschweig.de sbserv.stahl.bau.tu-bs.de www.is.tu-braunschweig.de localhost.is.tu-braunschweig.de www.is.tu-braunschweig.de www.is.bau.tu-braunschweig.de www.sfb477.tu-braunschweig.de www.grk802.tu-braunschweig.de webmail.is.tu-braunschweig.de stahlw00.$mydomain stahlw00.is.tu-braunschweig.de
mydomain = stahl.bau.tu-bs.de
mynetworks = 127.0.0.0/8, 134.169.69.192/26
newaliases_path = /usr/bin/newaliases
notify_classes = resource, software
owner_request_special = no
program_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
queue_minfree = 20480000
readme_directory = no
recipient_canonical_maps = hash:/etc/postfix/canonical
recipient_delimiter = +
relay_domains = $mydestination, hash:/etc/postfix/relay_domains
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /etc/postfix/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_client_restrictions =
smtpd_etrn_restrictions = permit_mynetworks, check_client_access $relay_domains reject
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access hash:/etc/postfix/recipient_checks, check_sender_access hash:/etc/postfix/sender_checks, check_client_access hash:/etc/postfix/client_checks, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_rbl_client relays.ordb.org, check_sender_access hash:/etc/postfix/rhsbl_sender_domain_exceptions, reject_rhsbl_sender dsn.rfc-ignorant.org permit
smtpd_restriction_classes = pruefe_ob_absender_existiert
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions =
strict_8bitmime = no
strict_8bitmime_body = no
strict_mime_encoding_domain = yes
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/transport
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
--
Ralf Hildebrandt Ralf.Hildebrandtcharite.de
my current spamtrap spamtrapcharite.de
http://www.arschkrebs.de/postfix/ Tel. +49 (0)30-450 570-155
Why you can't find your system administrators:
Hiding in another office where he can work without getting interrupted.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]