Re: Making progress: SASL + TLS

From: Andreas Winkelmann (mlawinkelmann.de)
Date: Sat Jul 08 2006 - 14:27:01 CDT


On Saturday 08 July 2006 18:43, Bruce Lane wrote:

> Jul 8 09:10:20 featherweb postfix/smtpd[24211]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
> Jul 8 09:10:20 featherweb postfix/smtpd[24211]: fatal: no SASL authentication mechanisms

It seems you have not installed the Cyrus-SASL mechanisms PLAIN and/or LOGIN.

> Jul 8 09:10:21 featherweb postfix/master[18443]: warning: process /usr/libexec/postfix/smtpd pid 24211 exit status 1
> Jul 8 09:10:21 featherweb postfix/master[18443]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

> I believe I correctly followed the directions at
> http://www.postfix.org/SASL_README.html
>
> This is the contents of my /usr/local/lib/sasl2/smtpd.conf file.
>
> featherweb: {46} cat /usr/local/lib/sasl2/smtpd.conf
> # smtpd.conf for sasl auth. 8-Jul-06.
> #
> pwcheck_method: pwcheck

pwcheck_method: saslauthd

> mech_list: plain login
> featherweb: {47}
>
> When I start the saslauthd daemon for testing, this is the exact command
> I'm using.
>
> /usr/local/sbin/saslauthd -a getpwent
>
> This results in the following processes appearing in ps.
>
> featherweb: {47} ps -aux|grep saslauthd
> root  8383 0.0 0.0  88 432 ?     IW   8:56AM 0:00.02 /usr/local/sbin/saslauthd -a getpwent
> root 12915 0.0 0.0  88 432 ?     IW   8:56AM 0:00.01 /usr/local/sbin/saslauthd -a getpwent
> root 13309 0.0 0.0  88 756 ?     IWs  8:56AM 0:00.04 /usr/local/sbin/saslauthd -a getpwent
> root 15962 0.0 0.0  88 432 ?     IW   8:56AM 0:00.02 /usr/local/sbin/saslauthd -a getpwent
> root 17889 0.0 0.0  88 432 ?     IW   8:56AM 0:00.03 /usr/local/sbin/saslauthd -a getpwent
> root 13031 0.0 1.5 232 944 ttyp0 RV   9:40AM 0:00.00 grep saslauthd (csh)
> featherweb: {48}
>
> The output of postconf -n follows. I promise that it is unaltered, not
> "cleaned up" in any way. ;-) However, note that I do not have TLS turned on
> at the moment. I'll worry about it after I get SASL working.
>
> featherweb: {45} postconf -n
> address_verify_sender = <>
> alias_database = hash:/etc/mail/postfix.aliases
> alias_maps = hash:/etc/mail/postfix.aliases
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/libexec/postfix
> debug_peer_level = 2
> default_destination_concurrency_limit = 8
> default_privs = nobody
> disable_dns_lookups = no
> home_mailbox = Maildir/
> html_directory = no
> inet_interfaces = 192.168.42.130, localhost
> local_destination_concurrency_limit = 2
> local_recipient_maps = $alias_maps unix:passwd.byname
> mail_owner = postfix
> mailbox_size_limit = 100000000
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> mydomain = bluefeathertech.com
> myhostname = featherweb.bluefeathertech.com
> mynetworks = 192.168.42.0/24, 127.0.0.0/8
> mynetworks_style = subnet
> myorigin = $mydomain
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/examples/postfix
> relay_domains = $mydestination
> sample_directory = /usr/share/examples/postfix
> sendmail_path = /usr/sbin/sendmail
> setgid_group = maildrop
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = no
> smtpd_banner = $myhostname ESMTP $mail_name - Unsolicited Commercial E-mail prohibited!
> smtpd_data_restrictions = reject_unauth_pipelining, permit
> smtpd_enforce_tls = no
> smtpd_helo_required = yes
> smtpd_recipient_restrictions = permit_sasl_authenticated,
>     permit_mynetworks,
>     reject_invalid_hostname,
>     reject_non_fqdn_hostname,
>     reject_non_fqdn_sender,
>     reject_non_fqdn_recipient,
>     reject_unknown_sender_domain,
>     reject_unauth_destination,
>     check_sender_mx_access cidr:/etc/postfix/mx_access,
>     reject_unknown_recipient_domain,
>     check_recipient_mx_access cidr:/etc/postfix/mx_access,
>     check_recipient_access regexp:/etc/postfix/recipient_checks.re,
>     check_helo_access hash:/etc/postfix/helo_checks,
>     check_sender_access regexp:/etc/postfix/verizon_sav_sender.re,
>     check_sender_access hash:/etc/postfix/client_checks,
>     check_client_access hash:/etc/postfix/client_checks,
>     check_sender_access cidr:/etc/postfix/mx_access,
>     check_client_access cidr:/etc/postfix/mx_access,
>     reject_rbl_client relays.ordb.org,
>     reject_rbl_client sbl-xbl.spamhaus.org,
>     reject_rbl_client dnsbl.ahbl.org,
>     reject_rhsbl_client rhsbl.sorbs.net,
>     permit
> smtpd_restriction_classes = from_verizon_sav
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
> smtpd_tls_cert_file = /etc/postfix/ssl/newcert.pem
> smtpd_tls_key_file = /etc/postfix/ssl/newreq.pem
> smtpd_tls_loglevel = 2
> smtpd_tls_received_header = no
> smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = no
> soft_bounce = no
> tls_random_source = dev:/dev/urandom
> unknown_address_reject_code = 553
> unknown_client_reject_code = 554
> unknown_hostname_reject_code = 554
> featherweb: {46}
>
> I will continue to research this while waiting for responses.
>
> Thanks in advance to all, and I apologize again if my ignorance and
> assumptions caused anyone heartburn over this.
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Bruce Lane, Owner & Head Hardware Heavy,
> Blue Feather Technologies -- http://www.bluefeathertech.com
> kyrrin (at) bluefeathertech do/t c=o=m
> "If Salvador Dali had owned a computer, would it have been equipped with
> surreal ports?"

--
        Andreas
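The two points raised in this exchange (the pwcheck_method must name the verifier that is actually running, and smtpd dies with "no applicable SASL mechanisms" when the PLAIN/LOGIN plugins are absent) plus the caveat that follows once SASL works with TLS still off (PLAIN and LOGIN carry the password base64-encoded, not encrypted) can be checked offline. The following checker is an added example written for this page, not code from the thread, from Postfix or from Cyrus SASL. It parses the text of smtpd.conf and of `postconf -n` and takes a listing of the SASL plugin directory as a plain list of file names. The plugin-file prefixes (libplain, liblogin, ...) and the verifier name `saslauthd` are assumptions; the sample inputs at the bottom are constructed to mirror the thread.

```python
"""Offline checker for Postfix + Cyrus SASL settings (added example, not
from the thread). Inputs: smtpd.conf text, `postconf -n` text, and the file
names found in the Cyrus SASL plugin directory."""

# Assumption: Cyrus SASL names mechanism plugins after the mechanism,
# e.g. libplain.so / liblogin.so. Unknown mechanisms fall back to
# "lib" + mechanism name without dashes.
MECH_PLUGIN_PREFIX = {
    "plain": "libplain",
    "login": "liblogin",
    "cram-md5": "libcrammd5",
    "digest-md5": "libdigestmd5",
}
# Mechanisms that transmit the password in the clear (base64 only).
CLEARTEXT_MECHS = {"plain", "login"}


def parse_config(text, sep):
    """Parse 'key<sep>value' lines into a dict, skipping blanks and comments.
    sep is ':' for Cyrus smtpd.conf and '=' for postconf -n output."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or sep not in line:
            continue
        key, value = line.split(sep, 1)
        conf[key.strip().lower()] = value.strip()
    return conf


def available_mechs(mech_list, plugin_files):
    """Return the mechanisms from mech_list whose plugin file is present."""
    present = set()
    for mech in mech_list.lower().split():
        prefix = MECH_PLUGIN_PREFIX.get(mech, "lib" + mech.replace("-", ""))
        if any(name.startswith(prefix) for name in plugin_files):
            present.add(mech)
    return present


def check_sasl(smtpd_conf_text, plugin_files, running_daemon="saslauthd"):
    """Cyrus side: pwcheck_method must match the verifier that is running
    (the poster runs saslauthd), and every listed mechanism needs a plugin."""
    conf = parse_config(smtpd_conf_text, ":")
    findings = []
    method = conf.get("pwcheck_method")
    if method != running_daemon:
        findings.append("pwcheck_method is %r but the running verifier is %s; "
                        "set pwcheck_method: %s" % (method, running_daemon, running_daemon))
    wanted = set(conf.get("mech_list", "").lower().split())
    mechs = available_mechs(conf.get("mech_list", ""), plugin_files)
    missing = wanted - mechs
    if missing:
        findings.append("mech_list names %s but no plugin file was found; smtpd "
                        "will warn 'no applicable SASL mechanisms'" % ", ".join(sorted(missing)))
    if not mechs:
        findings.append("no usable mechanism: smtpd exits with 'no SASL authentication "
                        "mechanisms' and master throttles it")
    return findings, mechs


def check_postfix(postconf_text, mechs):
    """Postfix side: PLAIN/LOGIN must only be offered inside TLS. 'noplaintext'
    alone is not enough: with only PLAIN/LOGIN installed it leaves no mechanism
    for unencrypted sessions, so pair it with smtpd_tls_auth_only = yes so that
    AUTH is announced only after STARTTLS, where smtpd_sasl_tls_security_options
    applies instead."""
    conf = parse_config(postconf_text, "=")
    findings = []
    if conf.get("smtpd_sasl_auth_enable") != "yes":
        findings.append("smtpd_sasl_auth_enable is not 'yes'; AUTH is never offered")
        return findings
    sec_opts = {o.strip() for o in conf.get("smtpd_sasl_security_options", "").split(",")}
    cleartext_offered = bool(mechs & CLEARTEXT_MECHS) and "noplaintext" not in sec_opts
    tls_on = (conf.get("smtpd_use_tls") == "yes"
              or conf.get("smtpd_tls_security_level") in ("may", "encrypt"))
    tls_only = conf.get("smtpd_tls_auth_only") == "yes"
    if cleartext_offered and not (tls_on and tls_only):
        findings.append("PLAIN/LOGIN are offered on unencrypted sessions; set smtpd_use_tls = yes "
                        "(or smtpd_tls_security_level = may), smtpd_tls_auth_only = yes, "
                        "smtpd_sasl_security_options = noanonymous, noplaintext and "
                        "smtpd_sasl_tls_security_options = noanonymous")
    return findings


def run_checks(smtpd_conf_text, postconf_text, plugin_files):
    """Combine both sides; an empty list means nothing to fix."""
    sasl_findings, mechs = check_sasl(smtpd_conf_text, plugin_files)
    return sasl_findings + check_postfix(postconf_text, mechs)


# Constructed samples mirroring the thread (not real directory listings).
PLUGINS_MISSING = ["libsasldb.so", "libanonymous.so"]          # no PLAIN/LOGIN
PLUGINS_OK = ["libplain.so", "libplain.so.2", "liblogin.so", "libsasldb.so"]
SMTPD_CONF_POSTED = "# smtpd.conf for sasl auth.\npwcheck_method: pwcheck\nmech_list: plain login\n"
SMTPD_CONF_FIXED = "pwcheck_method: saslauthd\nmech_list: plain login\n"
POSTCONF_POSTED = "smtpd_sasl_auth_enable = yes\nsmtpd_sasl_security_options = noanonymous\nsmtpd_use_tls = no\n"
POSTCONF_HARDENED = ("smtpd_sasl_auth_enable = yes\nsmtpd_sasl_security_options = noanonymous, noplaintext\n"
                     "smtpd_sasl_tls_security_options = noanonymous\nsmtpd_use_tls = yes\nsmtpd_tls_auth_only = yes\n")

if __name__ == "__main__":
    for label, conf, pc, plugins in [("as posted", SMTPD_CONF_POSTED, POSTCONF_POSTED, PLUGINS_MISSING),
                                     ("after the fixes, TLS off", SMTPD_CONF_FIXED, POSTCONF_POSTED, PLUGINS_OK),
                                     ("hardened", SMTPD_CONF_FIXED, POSTCONF_HARDENED, PLUGINS_OK)]:
        print(label)
        for finding in run_checks(conf, pc, plugins) or ["no findings"]:
            print("  -", finding)
```

Run it and the first scenario reproduces the thread's failure (wrong pwcheck_method, missing plugins, therefore no mechanism at all); the second has SASL working but still flags the cleartext exposure; the third is clean. On a live box, feed it the real files, e.g. `open("/usr/local/lib/sasl2/smtpd.conf").read()`, the output of `postconf -n`, and `os.listdir()` of the plugin directory.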