FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 11-13-2009, 01:05 PM
Leonardo Cuyar Morales
 
Default postfix and sasl

I'm having problem authenticating users in postfix through sasl, this is the main.cf part settings I make:



************************************************** ************************************************** *

myhostname = $mydomain

alias_maps = hash:/etc/aliases

alias_database = hash:/etc/aliases

mydestination = $mydomain, localhost.$mydomain

relayhost =

mynetworks = 127.0.0.0/8

mailbox_command = procmail -a "$EXTENSION"

mailbox_size_limit = 0

recipient_delimiter = +

inet_interfaces = all

mydomain = localdomain

myorigin = $mydomain



smtp_sasl_auth_enabled = yes

smtp_sender_login_maps = hash:/etc/postfix/sasl_senders

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_sender_dependent_authentication = yes



smtpd_sasl_auth_enabled = yes

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain = $mydomain

broken_sasl_auth_clients = yes

smtpd_sender_login_maps = hash:/etc/postfix/sasl_senders



#medidas anti UCE

smtpd_delay_reject = no

smtpd_helo_required = yes

smtpd_client_restrictions = check_client_access pcre:/etc/postfix/client_checks.pcre

smtpd_helo_restrictions = check_helo_access pcre:/etc/postfix/helo_checks.pcre

smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/sender_checks.pcre



smtpd_recipient_restrictions = permit_sasl_authenticated

mail_spool_directory = /var/spool/mail/

************************************************** ************************************************** *******



and the master.cf part concerning the smtp client:



************************************************** ************************************************** *******

smtp***** inet* n****** -****** -****** -****** -****** smtpd -v

#submission inet n****** -****** -****** -****** -****** smtpd

#* -o smtpd_enforce_tls=yes

** -o smtpd_sasl_auth_enable=yes

** -o smtpd_client_restrictions=permit_sasl_authenticate d

************************************************** ************************************************** *******



this above means I only can send mails if I'm authenticated first, but when I connect to the server with telnet to test, I can send mails without the need of authentication, is there something misconfigured here?








Ing. Leonardo Cuyar Morales

Grupo de Infraestructura Softel
 
Old 11-13-2009, 04:57 PM
Stan Hoeppner
 
Default postfix and sasl

You should probably ask this question on postfix-users@postfix.org

--
Stan


Leonardo Cuyar Morales put forth on 11/13/2009 8:05 AM:
> I'm having problem authenticating users in postfix through sasl, this is
> the main.cf part settings I make:
>
> ************************************************** ************************************************** *
> myhostname = $mydomain
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> mydestination = $mydomain, localhost.$mydomain
> relayhost =
> mynetworks = 127.0.0.0/8
> mailbox_command = procmail -a "$EXTENSION"
> mailbox_size_limit = 0
> recipient_delimiter = +
> inet_interfaces = all
> mydomain = localdomain
> myorigin = $mydomain
>
> smtp_sasl_auth_enabled = yes
> smtp_sender_login_maps = hash:/etc/postfix/sasl_senders
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtp_sender_dependent_authentication = yes
>
> smtpd_sasl_auth_enabled = yes
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_local_domain = $mydomain
> broken_sasl_auth_clients = yes
> smtpd_sender_login_maps = hash:/etc/postfix/sasl_senders
>
> #medidas anti UCE
> smtpd_delay_reject = no
> smtpd_helo_required = yes
> smtpd_client_restrictions = check_client_access
> pcre:/etc/postfix/client_checks.pcre
> smtpd_helo_restrictions = check_helo_access
> pcre:/etc/postfix/helo_checks.pcre
> smtpd_sender_restrictions = check_sender_access
> pcre:/etc/postfix/sender_checks.pcre
>
> smtpd_recipient_restrictions = permit_sasl_authenticated
> mail_spool_directory = /var/spool/mail/
> ************************************************** ************************************************** *******
>
> and the master.cf part concerning the smtp client:
>
> ************************************************** ************************************************** *******
> smtp inet n - - - - smtpd -v
> #submission inet n - - - - smtpd
> # -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_client_restrictions=permit_sasl_authenticate d
> ************************************************** ************************************************** *******
>
> this above means I only can send mails if I'm authenticated first, but
> when I connect to the server with telnet to test, I can send mails
> without the need of authentication, is there something misconfigured here?
>
>
> Ing. Leonardo Cuyar Morales
> Grupo de Infraestructura Softel
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 03-28-2014, 12:37 AM
David
 
Default Postfix and SASL

I was having the same problem with saslauthd and postfix logging this error:

May 6 23:54:39 rama postfix/smtpd[21897]: warning: SASL authentication failure: cannot
connect to
saslauthd server: Connection refused
May 6 23:54:39 rama postfix/smtpd[21897]: warning:
h24-70-240-178.ed.shawcable.net[24.70.240.178]:
SASL LOGIN authentication failed

The problem was /etc/postfix/sasl/smtpd.conf had

saslauthd_path: /var/run/saslauthd

which caused postfix to try to open the directory saslauthd as a socket file
the fix is is

saslauthd_path: /var/run/saslauthd/mux

the path to the socket

I found the problem with strace on the postfix master process.

David Walker


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 5334D23F.8040407@dsbw.org">https://lists.debian.org/5334D23F.8040407@dsbw.org
 
Old 03-28-2014, 05:53 AM
Daniel Pocock
 
Default Postfix and SASL

On 28/03/14 02:37, David wrote:
> I was having the same problem with saslauthd and postfix logging this
> error:
>
> May 6 23:54:39 rama postfix/smtpd[21897]: warning: SASL authentication
> failure: cannot
> connect to
> saslauthd server: Connection refused
> May 6 23:54:39 rama postfix/smtpd[21897]: warning:
> h24-70-240-178.ed.shawcable.net[24.70.240.178]:
> SASL LOGIN authentication failed
>
> The problem was /etc/postfix/sasl/smtpd.conf had
>
> saslauthd_path: /var/run/saslauthd
>
> which caused postfix to try to open the directory saslauthd as a socket
> file
> the fix is is
>
> saslauthd_path: /var/run/saslauthd/mux
>
> the path to the socket
>
> I found the problem with strace on the postfix master process.
>

Can you just leave that line out of smptd.conf and it will use the
correct value by default? It seems to be working for me without that
entry in the config at all.

If there is a bad example in the documentation, can you file a bug
against the relevant package?


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 53351C75.8010200@pocock.com.au">https://lists.debian.org/53351C75.8010200@pocock.com.au
 

Thread Tools




All times are GMT. The time now is 06:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org