Loading ...
Sorry, an error occurred while loading the content.

289919Re: warning:xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms

Expand Messages
  • Noel Jones
    Dec 5, 2012
    • 0 Attachment
      On 12/5/2012 7:23 PM, jugree@... wrote:
      >> The problem is a mis-match between smtpd_sasl_security_options
      >> (e.g., noplaintext) and the available server mechanisms (e.g.,
      >> plaintext only).
      >
      > I've configured UNIX-domain socket communication, enabled SASL
      > authentication and authorization(0), but I'm still getting `fatal: no
      > SASL authentication mechanisms'.
      >
      > Is it connected with my configuration? Is it connected with the
      > version of Postfix?
      >
      > dovecot.conf:
      > mechanisms = plain

      If you're using dovecot now, make sure you set in main.cf
      smtpd_sasl_type = dovecot

      Make sure "postconf -n" output contains the settings you expect!


      >
      > main.cf:
      > smtpd_sasl_security_options = noanonymous, noplaintext

      Well there's the problem. Postfix says noplaintext but dovecot only
      has PLAIN.

      >
      > AFAICT, it can't be connected with `noplaintext' because it `allows
      > plaintext mechanisms, but only over a TLS-encrypted connection'(1).

      For the above statement to be true, you need both
      smtpd_sasl_security_options = noanonymous, noplaintext
      smtpd_sasl_tls_security_options = noanonymous

      and for the above to /work/ dovecot needs to offer a non-plaintext
      mechanism, such as CRAM-MD5.

      I would strongly suggest removing the "noplaintext" keyword during
      testing.



      -- Noel Jones
    • Show all 13 messages in this topic