No SMTP AUTH when TLS enabled
in [Postfix]
|
From: froinds J on 2 Jan 2010 00:35 Hello, I'm having a problem with postfix in F12. I used to have my email server setup with F10. My setup had TLS enabled (self signed certs) with SASL using pwcheck_method=auxprop and CRAM-MD5 DIGEST-MD5. I had virtual accounts. Everything worked great until I installed F12. It was a clean install. My issue now is the following: If I disable TLS, postfix works as expected. If I enable it, I cannot authenticate. Without TLS I can telnet to my server and I get 250-AUTH CRAM-MD5 DIGEST-MD5 250-AUTH=CRAM-MD5 DIGEST-MD5. However, once I enable TLS this doesn't show. My mail client says the server does not support CRAM-MD5 or any other method of authentication I try when TLS is on. I've tested the certs with openssl and I don't get any errors. I've been running my mail server on Fedora since FC3 and I've never encountered this issue. Has anyone had this problem? A solution will be appreciated. Thanks in advance.
From: Patrick Ben Koetter on 2 Jan 2010 02:26 * froinds J <froinds(a)gmail.com>: > Hello, > I'm having a problem with postfix in F12. > I used to have my email server setup with F10. My setup had TLS > enabled (self signed certs) with SASL using pwcheck_method=auxprop and > CRAM-MD5 DIGEST-MD5. I had virtual accounts. > Everything worked great until I installed F12. It was a clean install. > My issue now is the following: > If I disable TLS, postfix works as expected. If I enable it, I cannot > authenticate. Without TLS I can telnet to my server and I get 250-AUTH > CRAM-MD5 DIGEST-MD5 > 250-AUTH=CRAM-MD5 DIGEST-MD5. However, once I enable TLS this doesn't show. > My mail client says the server does not support CRAM-MD5 or any other method > of authentication I try when TLS is on. > > I've tested the certs with openssl and I don't get any errors. > > I've been running my mail server on Fedora since FC3 and I've never > encountered this issue. > Has anyone had this problem? Blind guess: You have set $smtpd_tls_auth_only to yes and AUTH only shows up in a TLS session. If that is not the case follow the instructions at <http://de.postfix.org/httpmirror/DEBUG_README.html#mail> to provide debug output. p(a)rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
From: froinds J on 2 Jan 2010 03:02 On Sat, Jan 2, 2010 at 2:26 AM, Patrick Ben Koetter <p(a)state-of-mind.de>wrote: > * froinds J <froinds(a)gmail.com>: > > Hello, > > I'm having a problem with postfix in F12. > > I used to have my email server setup with F10. My setup had TLS > > enabled (self signed certs) with SASL using pwcheck_method=auxprop and > > CRAM-MD5 DIGEST-MD5. I had virtual accounts. > > Everything worked great until I installed F12. It was a clean install. > > My issue now is the following: > > If I disable TLS, postfix works as expected. If I enable it, I cannot > > authenticate. Without TLS I can telnet to my server and I get 250-AUTH > > CRAM-MD5 DIGEST-MD5 > > 250-AUTH=CRAM-MD5 DIGEST-MD5. However, once I enable TLS this doesn't > show. > > My mail client says the server does not support CRAM-MD5 or any other > method > > of authentication I try when TLS is on. > > > > I've tested the certs with openssl and I don't get any errors. > > > > I've been running my mail server on Fedora since FC3 and I've never > > encountered this issue. > > Has anyone had this problem? > > Blind guess: You have set $smtpd_tls_auth_only to yes and AUTH only shows > up > in a TLS session. > > If that is not the case follow the instructions at > <http://de.postfix.org/httpmirror/DEBUG_README.html#mail> to provide debug > output. > > p(a)rick My problem is: if I allow TLS I cannot authenticate. Without TLS everything works. Here is the output from saslfinger. Thanks for your help. saslfinger - postfix Cyrus sasl configuration Sat Jan 2 02:12:49 EST 2010 version: 1.0.2 mode: server-side SMTP AUTH -- basics -- Postfix: 2.6.5 System: Fedora release 12 (Constantine) -- smtpd is linked to -- libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00110000) -- active SMTP AUTH and TLS parameters for smtpd -- broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous, noplaintext smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 3 smtpd_tls_received_header = yes smtpd_tls_security_level = encrypt smtpd_tls_session_cache_timeout = 3600s -- listing of /usr/lib/sasl -- total 80 drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. -rw-r--r--. 1 root root 70 2009-09-16 09:38 smtpd.conf -- listing of /usr/lib/sasl2 -- total 504 drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2 -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2.0.23 -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2 -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2.0.23 -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2 -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2.0.23 -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2 -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2.0.23 -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2 -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2.0.23 -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2 -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2.0.23 -rw-r--r--. 1 root root 25 2009-09-16 14:55 Sendmail.conf -rw-r--r--. 1 root root 138 2010-01-02 01:22 smtpd.conf -- listing of /etc/sasl2 -- total 16 drwxr-xr-x. 2 root root 4096 2009-09-24 06:20 . drwxr-xr-x. 122 root root 12288 2010-01-01 16:31 .. -- content of /usr/lib/sasl/smtpd.conf -- pwcheck_method: saslauthd mech_list: plain login saslauthd_version: 2 -- content of /usr/lib/sasl2/smtpd.conf -- pwcheck_method: auxprop mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 log_level: 4 -- active services in /etc/postfix/master.cf -- # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) 52525 inet n - n - - smtpd -v pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache -- mechanisms on localhost -- -- end of saslfinger output --
From: Patrick Ben Koetter on 2 Jan 2010 03:50 * froinds J <froinds(a)gmail.com>: > My problem is: if I allow TLS I cannot authenticate. Without TLS everything > works. Here is the output from saslfinger. > Thanks for your help. > > saslfinger - postfix Cyrus sasl configuration Sat Jan 2 02:12:49 EST 2010 > version: 1.0.2 > mode: server-side SMTP AUTH > > -- basics -- > Postfix: 2.6.5 > System: Fedora release 12 (Constantine) > > -- smtpd is linked to -- > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00110000) > > -- active SMTP AUTH and TLS parameters for smtpd -- > broken_sasl_auth_clients = yes > smtpd_sasl_auth_enable = yes > smtpd_sasl_authenticated_header = yes > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_security_options = noanonymous, noplaintext > smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem > smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt > smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key > smtpd_tls_loglevel = 3 > smtpd_tls_received_header = yes > smtpd_tls_security_level = encrypt > smtpd_tls_session_cache_timeout = 3600s > > > -- listing of /usr/lib/sasl -- > total 80 > drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . > dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. > -rw-r--r--. 1 root root 70 2009-09-16 09:38 smtpd.conf Delete /usr/lib/sasl/smtpd.conf. Postfix will not use Cyrus SASL 1.x anymore. > -- listing of /usr/lib/sasl2 -- > total 504 > drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . > dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2 > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2.0.23 > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2 > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2.0.23 > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2 > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2.0.23 > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2 > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2.0.23 > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2 > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2.0.23 > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2 > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2.0.23 > -rw-r--r--. 1 root root 25 2009-09-16 14:55 Sendmail.conf > -rw-r--r--. 1 root root 138 2010-01-02 01:22 smtpd.conf > > -- listing of /etc/sasl2 -- > total 16 > drwxr-xr-x. 2 root root 4096 2009-09-24 06:20 . > drwxr-xr-x. 122 root root 12288 2010-01-01 16:31 .. > > > -- content of /usr/lib/sasl2/smtpd.conf -- > pwcheck_method: auxprop Add: auxprop_plugin: sasldb > mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 > log_level: 4 > -- active services in /etc/postfix/master.cf -- > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > 52525 inet n - n - - smtpd -v At a first glance your configuration looks sane. Maybe your problem is not SASL, but TLS. You are running smtpd verbose. What does the log say about errors? > pickup fifo n - n 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > tlsmgr unix - - n 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - n - 0 bounce > defer unix - - n - 0 bounce > trace unix - - n - 0 bounce > verify unix - - n - 1 verify > flush unix n - n 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - n - - smtp > relay unix - - n - - smtp > -o smtp_fallback_relay= > showq unix n - n - - showq > error unix - - n - - error > retry unix - - n - - error > discard unix - - n - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - n - 1 anvil > scache unix - - n - 1 scache > > > -- mechanisms on localhost -- > > > -- end of saslfinger output -- -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
From: froinds J on 2 Jan 2010 11:01 I made the changes you suggested and still can't authenticate. Here is the log from maillog. Thanks Jan 2 10:14:41 fedora postfix/smtpd[17435]: connection established Jan 2 10:14:41 fedora postfix/smtpd[17435]: master_notify: status 0 Jan 2 10:14:41 fedora postfix/smtpd[17435]: name_mask: resource Jan 2 10:14:41 fedora postfix/smtpd[17435]: name_mask: software Jan 2 10:14:41 fedora postfix/smtpd[17435]: connect from adsl-012-034-567-890.sip.my.isp.net [12.34.56.78] Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_list_match: adsl-012-034-567-890.sip.my.isp.net : no match Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_list_match: 12.34.56.78: no match Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_list_match: adsl-012-034-567-890.sip.my.isp.net : no match Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_list_match: 12.34.56.78: no match Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 192.168.1.0/28 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 192.168.1.0/28 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 127.0.0.0/8 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 127.0.0.0/8 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 12.34.56.78 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 12.34.56.78 Jan 2 10:14:41 fedora postfix/smtpd[17435]: >>> START Client host RESTRICTIONS <<< Jan 2 10:14:41 fedora postfix/smtpd[17435]: generic_checks: name=permit_mynetworks Jan 2 10:14:41 fedora postfix/smtpd[17435]: permit_mynetworks: adsl-012-034-567-890.sip.my.isp.net 12.34.56.78 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 192.168.1.0/28 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 192.168.1.0/28 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 127.0.0.0/8 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 127.0.0.0/8 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 12.34.56.78 Jan 2 10:14:41 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 12.34.56.78 Jan 2 10:14:41 fedora postfix/smtpd[17435]: generic_checks: name=permit_mynetworks status=1 Jan 2 10:14:41 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 220 myDomName.com ESMTP Postfix Jan 2 10:14:42 fedora postfix/smtpd[17435]: < adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: EHLO [192.168.0.105] Jan 2 10:14:42 fedora postfix/smtpd[17435]: >>> START Helo command RESTRICTIONS <<< Jan 2 10:14:42 fedora postfix/smtpd[17435]: generic_checks: name=reject_invalid_hostname Jan 2 10:14:42 fedora postfix/smtpd[17435]: reject_invalid_hostaddr: [192.168.0.105] Jan 2 10:14:42 fedora postfix/smtpd[17435]: generic_checks: name=reject_invalid_hostname status=0 Jan 2 10:14:42 fedora postfix/smtpd[17435]: >>> END Helo command RESTRICTIONS <<< Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-myDomName.com Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-PIPELINING Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-SIZE 10240000 Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-VRFY Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-ETRN Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_list_match: adsl-012-034-567-890.sip.my.isp.net : no match Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_list_match: 12.34.56.78: no match Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-STARTTLS Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-ENHANCEDSTATUSCODES Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250-8BITMIME Jan 2 10:14:42 fedora postfix/smtpd[17435]: > adsl-012-034-567-890.sip.my.isp.net [12.34.56.78]: 250 DSN Jan 2 10:14:42 fedora postfix/smtpd[17435]: smtp_get: EOF Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 192.168.1.0/28 Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 192.168.1.0/28 Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 127.0.0.0/8 Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 127.0.0.0/8 Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostname: adsl-012-034-567-890.sip.my.isp.net ~? 12.34.56.78 Jan 2 10:14:42 fedora postfix/smtpd[17435]: match_hostaddr: 12.34.56.78 ~? 12.34.56.78 Jan 2 10:14:42 fedora postfix/smtpd[17435]: lost connection after EHLO from adsl-012-034-567-890.sip.my.isp.net [12.34.56.78] Jan 2 10:14:42 fedora postfix/smtpd[17435]: disconnect from adsl-012-034-567-890.sip.my.isp.net [12.34.56.78] Jan 2 10:14:42 fedora postfix/smtpd[17435]: master_notify: status 1 Jan 2 10:14:42 fedora postfix/smtpd[17435]: connection closed On Sat, Jan 2, 2010 at 3:50 AM, Patrick Ben Koetter <p(a)state-of-mind.de>wrote: > * froinds J <froinds(a)gmail.com>: > > My problem is: if I allow TLS I cannot authenticate. Without TLS > everything > > works. Here is the output from saslfinger. > > Thanks for your help. > > > > > > > > > saslfinger - postfix Cyrus sasl configuration Sat Jan 2 02:12:49 EST > 2010 > > version: 1.0.2 > > mode: server-side SMTP AUTH > > > > -- basics -- > > Postfix: 2.6.5 > > System: Fedora release 12 (Constantine) > > > > -- smtpd is linked to -- > > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00110000) > > > > -- active SMTP AUTH and TLS parameters for smtpd -- > > broken_sasl_auth_clients = yes > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_authenticated_header = yes > > smtpd_sasl_local_domain = $myhostname > > smtpd_sasl_security_options = noanonymous, noplaintext > > smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem > > smtpd_tls_auth_only = yes > > smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt > > smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key > > smtpd_tls_loglevel = 3 > > smtpd_tls_received_header = yes > > smtpd_tls_security_level = encrypt > > smtpd_tls_session_cache_timeout = 3600s > > > > > > -- listing of /usr/lib/sasl -- > > total 80 > > drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . > > dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. > > -rw-r--r--. 1 root root 70 2009-09-16 09:38 smtpd.conf > > Delete /usr/lib/sasl/smtpd.conf. Postfix will not use Cyrus SASL 1.x > anymore. > > > > -- listing of /usr/lib/sasl2 -- > > total 504 > > drwxr-xr-x. 2 root root 4096 2009-12-29 12:31 . > > dr-xr-xr-x. 150 root root 69632 2010-01-01 16:52 .. > > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so > > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2 > > -rwxr-xr-x. 1 root root 14912 2009-09-24 06:20 libanonymous.so.2.0.23 > > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so > > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2 > > -rwxr-xr-x. 1 root root 17596 2009-09-24 06:20 libcrammd5.so.2.0.23 > > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so > > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2 > > -rwxr-xr-x. 1 root root 48032 2009-09-24 06:20 libdigestmd5.so.2.0.23 > > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so > > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2 > > -rwxr-xr-x. 1 root root 15356 2009-09-24 06:20 liblogin.so.2.0.23 > > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so > > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2 > > -rwxr-xr-x. 1 root root 15452 2009-09-24 06:20 libplain.so.2.0.23 > > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so > > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2 > > -rwxr-xr-x. 1 root root 20872 2009-09-24 06:20 libsasldb.so.2.0.23 > > -rw-r--r--. 1 root root 25 2009-09-16 14:55 Sendmail.conf > > -rw-r--r--. 1 root root 138 2010-01-02 01:22 smtpd.conf > > > > -- listing of /etc/sasl2 -- > > total 16 > > drwxr-xr-x. 2 root root 4096 2009-09-24 06:20 . > > drwxr-xr-x. 122 root root 12288 2010-01-01 16:31 .. > > > > > > -- content of /usr/lib/sasl2/smtpd.conf -- > > pwcheck_method: auxprop > > Add: > > auxprop_plugin: sasldb > > > mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 > > log_level: 4 > > > > > -- active services in /etc/postfix/master.cf -- > > # service type private unpriv chroot wakeup maxproc command + args > > # (yes) (yes) (yes) (never) (100) > > 52525 inet n - n - - smtpd -v > > At a first glance your configuration looks sane. Maybe your problem is not > SASL, but TLS. You are running smtpd verbose. What does the log say about > errors? > > > > pickup fifo n - n 60 1 pickup > > cleanup unix n - n - 0 cleanup > > qmgr fifo n - n 300 1 qmgr > > tlsmgr unix - - n 1000? 1 tlsmgr > > rewrite unix - - n - - trivial-rewrite > > bounce unix - - n - 0 bounce > > defer unix - - n - 0 bounce > > trace unix - - n - 0 bounce > > verify unix - - n - 1 verify > > flush unix n - n 1000? 0 flush > > proxymap unix - - n - - proxymap > > proxywrite unix - - n - 1 proxymap > > smtp unix - - n - - smtp > > relay unix - - n - - smtp > > -o smtp_fallback_relay= > > showq unix n - n - - showq > > error unix - - n - - error > > retry unix - - n - - error > > discard unix - - n - - discard > > local unix - n n - - local > > virtual unix - n n - - virtual > > lmtp unix - - n - - lmtp > > anvil unix - - n - 1 anvil > > scache unix - - n - 1 scache > > > > > > -- mechanisms on localhost -- > > > > > > -- end of saslfinger output -- > > -- > All technical questions asked privately will be automatically answered on > the > list and archived for public access unless privacy is explicitely required > and > justified. > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> >
|
Next
|
Last
Pages: 1 2 3 Prev: bug in spamassassin date rule may lead to false spam marking Next: smtpd crashes |