John wrote:
Help!
[snip]
Please show output of "postconf -n". This will show best how your config is working. General:/etc/postfix # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases biff = no broken_sasl_auth_clients = yes canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix debug_peer_level = 2 defer_transports = disable_dns_lookups = no disable_mime_output_conversion = no home_mailbox = Maildir/
Thanks, Sandy. Sandy Drobic wrote: html_directory = /usr/share/doc/packages/postfix/html inet_interfaces = all inet_protocols = all mail_owner = postfix mail_spool_directory = /var/mail mailbox_command = /usr/bin/procmail mailbox_size_limit = 0 mailbox_transport = mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root message_size_limit = 10240000 mydestination = $myhostname, localhost.$mydomain, DMJ-Consultancy.co.uk, DMJ-Consultancy.me.uk, DMJ-Consultancy.org.uk myhostname = General.DMJ-Consultancy.local mynetworks = 127.0.0.0/8, 192.168.74.0/24, 192.168.80.0/24, 10.0.0.0/24 myorigin = DMJ-Consultancy.me.uk newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/packages/postfix/README_FILES relayhost = relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix/samples sender_canonical_maps = hash:/etc/postfix/sender_canonical sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_use_tls = no smtpd_client_restrictions = smtpd_helo_required = no smtpd_helo_restrictions = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_sender_login_mismatch smtpd_sasl_application_name = smtpd smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_use_tls = no strict_8bitmime = no strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550
In /etc/syslog.conf, I've added: auth.* /var/log/auth
but I get no log file from this
Postfix logs to mail facility mail.*, not auth, so it's not surprising.
I had the impression that sasl would log here, not postfix.
In /usr/lib/sasl2/smtpd.conf, I have: pwcheck_method: saslauthd log_level: 3 mech_list: PLAIN LOGIN
Okay, looks good, though log_level is not evaluated.
I hope in /usr/lib/sasl2 the neccessary libraries are installed?
and in /etc/sysconfig/saslauthd, I have SASLAUTHD_AUTHMECH=getpwent
I have set it to PAM, you can also use SHADOW.
Now, what does the following command say: testsaslauthd -s smtp -u user -p password
0: NO "authentication failed"
If that command is successful, then authentication from within Postfix should work.
[snip]
That looks a bit strange. the plain string should have an equal sign as the last character. This is the result of binhex64 encoding user "testuser" and password "testpass":
dGVzdHVzZXIAdGVzdHVzZXIAdGVzdHBhc3M=
Are you sure you have encoded the string correctly?
Without putting username and full text password in the email, all I can say is I've typed the line several times and gotten the same result each time (am9obgBqb2huAENyaWNrZXQ4MzM0) from perl -MMIME::Base64 -e 'print encode_base64("uuuuu\0uuuuu\0pppppppp");'
So I conclude that SASL is up and hooked into postfix but each time I try to telnet, or even access through Thunderbird, I find authentication failed and in /var/log/mail.warn, I find Sep 19 18:34:15 General postfix/smtpd[6684]: warning: SASL authentication failure: Password verification failed Sep 19 18:34:15 General postfix/smtpd[6684]: warning: unknown[192.168.74.180]: SASL PLAIN authentication failed Sep 19 18:34:15 General postfix/smtpd[6684]: warning: unknown[192.168.74.180]: SASL LOGIN authentication failed
This definitely looks as if you have the wrong password. Puzzling since, in Thunderbird, I type it in at the keyboard exactly as if logging in to SuSE. Could it be that it's not looking at the passwd file?
but I can log on to the server using the same user name and password that I am trying for Thunderbird and telnet.
Where have I gone wrong? I am convinced that I've missed something simple - clearly so simple that each time I go through one of the above references again, I miss it again!
BTW I've tried Patrick Koetter's saslfinger; this gives me runtime errors of its own so I haven't any output from it.
What kind of error? saslfinger is a simple bash script, it should run without any problem on suse 10.
I'll have to get back on that since I'll have to re-download it and try again BTW, I believe that postfix is not CHROOTed, either.
Sandy
J