Loading ...
Sorry, an error occurred while loading the content.
 

SASL setup problem

Expand Messages
  • Sergio Ferreira
    Hi List, I´m trying to setup SASL and an error was logged: postfix/smtpd[25821]: connect from unknown[10.2.1.167] postfix/smtpd[25821]: warning: SASL
    Message 1 of 4 , Nov 28, 2005
      Hi List,

      I´m trying to setup SASL and an error was logged:

      postfix/smtpd[25821]: connect from unknown[10.2.1.167]
      postfix/smtpd[25821]: warning: SASL authentication failure: cannot connect
      to saslauthd server: No such file or directory
      postfix/smtpd[25821]: warning: unknown[10.2.1.167]: SASL LOGIN
      authentication failed
      postfix/smtpd[25821]: lost connection after AUTH from unknown[10.2.1.167]
      postfix/smtpd[25821]: disconnect from unknown[10.2.1.167]

      I have installed these packages:

      for SASL:

      sasl2-bin
      libsasl2 2.1.19-1.5
      libsasl2-dev 2.1.19-1.5
      libsasl2-modules 2.1.19-1.5
      sasl2-bin 2.1.19-1.5

      for Postfix:

      postfix-tls 2.1.5-9:


      My setup has involved Postfix + LDAP running on Debian Sarge.


      My conf files of the SASL:


      /etc/postfix/sasl/smtpd.conf

      pwcheck_method: saslauthd
      mech_list: plain login

      ###

      /etc/default/saslauthd

      START=yes
      MECHANISMS="ldap"
      PARAMS="-O /etc/postfix/sasl/saslauthd.conf"

      ###

      etc/postfix/saslauthd.conf

      ldap_servers: ldap://localhost/
      ldap_search_base: ou=Users,dc=cultura,dc=gov,dc=br
      ldap_auth_method: bind
      ldap_filter: uid=%u


      Bye,

      Sergio
    • Sandy Drobic
      ... Did you start saslauthd? Is there perhaps a chroot problem? Run saslfinger -s for better diagnosis. Sandy
      Message 2 of 4 , Nov 28, 2005
        Sergio Ferreira wrote:
        > Hi List,
        >
        > I´m trying to setup SASL and an error was logged:
        >
        > postfix/smtpd[25821]: connect from unknown[10.2.1.167]
        > postfix/smtpd[25821]: warning: SASL authentication failure: cannot connect
        > to saslauthd server: No such file or directory



        > /etc/postfix/sasl/smtpd.conf
        >
        > pwcheck_method: saslauthd
        > mech_list: plain login

        Did you start saslauthd? Is there perhaps a chroot problem? Run saslfinger
        -s for better diagnosis.

        Sandy
      • Sergio Ferreira
        Hi, ... Yep. I don´t have this command saslfinger -s . But, I have these: #testsaslauthd -u sergio.ferreira -p temppass 0: OK Success. And: # sasltestsuite
        Message 3 of 4 , Nov 29, 2005
          Hi,


          >>>>>Did you start saslauthd? Is there perhaps a chroot
          >>>>>problem? Run saslfinger -s for better diagnosis.
          >>>>>
          >>>>>Sandy
          >>>>>

          Yep. I don´t have this command "saslfinger -s". But, I have these:

          #testsaslauthd -u sergio.ferreira -p temppass
          0: OK "Success."


          And:

          # sasltestsuite
          NOTE:
          -For KERBEROS_V4 must be able to read srvtab file (usually /etc/srvtab)
          -For GSSAPI must be able to read srvtab (/etc/krb5.keytab)
          -For both KERBEROS_V4 and GSSAPI you must have non-expired tickets
          -For OTP (w/OPIE) must be able to read/write opiekeys (/etc/opiekeys)
          -For OTP you must have a non-expired secret
          -Must be able to read sasldb, which needs to be setup with a
          username and a password (see top of testsuite.c)


          Checking plaintext passwords... Failed with: sasl_checkpass() failed on
          simple case


          My log now is a bit different:


          postfix/smtpd[2950]: connect from unknown[10.2.1.167]
          postfix/smtpd[2950]: warning: SASL authentication failure: cannot connect to
          saslauthd server: No such file or directory
          postfix/smtpd[2950]: warning: unknown[10.2.1.167]: SASL LOGIN authentication
          failed
          postfix/smtpd[2950]: lost connection after AUTH from unknown[10.2.1.167]
          postfix/smtpd[2950]: disconnect from unknown[10.2.1.167]

          Any idea?

          thanks,

          bye

          Sergio
        • Sandor Geller
          ... Please note that debianized postfix uses chroot-ed smtpd, so at least the saslauthd socket (/var/run/saslauthd/mux) is unavailable in the chroot by
          Message 4 of 4 , Nov 29, 2005
            Sergio Ferreira wrote:
            > Hi,
            >
            >
            >
            >>>>>>Did you start saslauthd? Is there perhaps a chroot
            >>>>>>problem? Run saslfinger -s for better diagnosis.
            >>>>>>
            >>>>>>Sandy
            >>>>>>
            >
            >
            > Yep. I don´t have this command "saslfinger -s". But, I have these:
            >
            > #testsaslauthd -u sergio.ferreira -p temppass
            > 0: OK "Success."

            Please note that debianized postfix uses chroot-ed smtpd, so at least
            the saslauthd socket (/var/run/saslauthd/mux) is unavailable in the
            chroot by default. You can run smtpd outside of the chroot (edit
            /etc/postfix/master.cf) and set up the permissions of /var/run/saslauthd
            (I recommend dpkg-statoverride to make your changes permament), or you
            can move the saslauthd socket into the chroot:/var/spool/postfix, maybe
            a better approach is to use mount with the bind option).

            --
            Sandor Geller
            wildy@...
          Your message has been successfully submitted and would be delivered to recipients shortly.