John wrote:
Help!
I'm running SuSE 10.0 as a server and have had Postfix up and running for some time. Coupled with Courier IMAP and Squirrelmail, I can read, and send, email from my workstation from either Thunderbird or Firefox (via the Squirrel) with no problems.
I tried to configure my mobile phone to allow me access to my IMAP mail account on the server and, surprise, surprise, encountered relay problems. OK, let's look at Cyrus SASL for SMTP AUTH.
I've followed three setup descriptions, including Pat Koetter's How-To document on the Postfix site, his, and others, book 'Linux Email' and Kyle Dent's 'Postfix, the definitive guide' but can not get beyond one simple hurdle.
sasl authentication can be a bit tricky.
Postfix and Cyrus are straight out of the SuSE 10.0 distribution, installed using YaST.
My goal is to have login verification against the passwd file, eventually using TLS, but, one step at a time.
In /etc/postfix/main.cf, I have: smtpd_sasl_auth_enable = yes smtpd_sasl_application_name = smtpd smtpd_sasl_security_options = noanonymous smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_sender_login_mismatch smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes
Please show output of "postconf -n". This will show best how your config is working.
In /etc/syslog.conf, I've added: auth.* /var/log/auth
but I get no log file from this
Postfix logs to mail facility mail.*, not auth, so it's not surprising.
In /usr/lib/sasl2/smtpd.conf, I have: pwcheck_method: saslauthd log_level: 3 mech_list: PLAIN LOGIN
Okay, looks good, though log_level is not evaluated. I hope in /usr/lib/sasl2 the neccessary libraries are installed?
and in /etc/sysconfig/saslauthd, I have SASLAUTHD_AUTHMECH=getpwent
I have set it to PAM, you can also use SHADOW. Now, what does the following command say: testsaslauthd -s smtp -u user -p password If that command is successful, then authentication from within Postfix should work.
When I try Telnet, I see this: General:/etc/postfix # telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 General.DMJ-Consultancy.local ESMTP Postfix ehlo localhost 250-General.DMJ-Consultancy.local 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250 8BITMIME auth plain am...zM0 <---edited! 535 Error: authentication failed
That looks a bit strange. the plain string should have an equal sign as the last character. This is the result of binhex64 encoding user "testuser" and password "testpass": dGVzdHVzZXIAdGVzdHVzZXIAdGVzdHBhc3M= Are you sure you have encoded the string correctly?
So I conclude that SASL is up and hooked into postfix but each time I try to telnet, or even access through Thunderbird, I find authentication failed and in /var/log/mail.warn, I find Sep 19 18:34:15 General postfix/smtpd[6684]: warning: SASL authentication failure: Password verification failed Sep 19 18:34:15 General postfix/smtpd[6684]: warning: unknown[192.168.74.180]: SASL PLAIN authentication failed Sep 19 18:34:15 General postfix/smtpd[6684]: warning: unknown[192.168.74.180]: SASL LOGIN authentication failed
This definitely looks as if you have the wrong password.
but I can log on to the server using the same user name and password that I am trying for Thunderbird and telnet.
Where have I gone wrong? I am convinced that I've missed something simple - clearly so simple that each time I go through one of the above references again, I miss it again!
BTW I've tried Patrick Koetter's saslfinger; this gives me runtime errors of its own so I haven't any output from it.
What kind of error? saslfinger is a simple bash script, it should run without any problem on suse 10. Sandy -- List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com