Re: Sasl Authentication not running on Postfix-2.1.5-5 on FC3

From: Sandy Drobic (no email)
Date: Tue Oct 03 2006 - 14:05:07 EDT

  • Next message: Charles Gregory: "Re: [pfx] Re: [pfx] Preventing backscatter in a store and forward environment"

    ankush grover wrote:
    >> then if it still doesn't work, post, in _one_single_ mail:
    >> - output of 'postconf -n'
    >
    > alias_database = hash:/etc/aliases
    > alias_maps = hash:/etc/aliases
    > broken_sasl_auth_clients = yes
    > command_directory = /usr/sbin
    > config_directory = /etc/postfix
    > daemon_directory = /usr/libexec/postfix
    > debug_peer_level = 2
    > default_destination_concurrency_limit = 20
    > fast_flush_domains = $relay_domains
    > header_checks = regexp:/etc/postfix/header_checks
    > home_mailbox = Maildir/
    > html_directory = no
    > in_flow_delay = 1s
    > inet_interfaces = all
    > local_destination_concurrency_limit = 2
    > mail_owner = postfix
    > mailq_path = /usr/bin/mailq.postfix
    > manpage_directory = /usr/share/man
    > masquerade_domains = example.com
    > message_size_limit = 51200000
    > mime_header_checks = regexp:/etc/postfix/mime_header_checks
    > mydestination = $myhostname, localhost.$mydomain, $mydomain
    > myhostname = mail.example.net
    > mynetworks = 192.168.1.0/24, 127.0.0.0/8
    > mynetworks_style = subnet
    > myorigin = $mydomain
    > newaliases_path = /usr/bin/newaliases.postfix
    > queue_directory = /var/spool/postfix
    > readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
    > recipient_delimiter = +
    > relayhost = mail.example.net
    > sample_directory = /usr/share/doc/postfix-2.1.5/samples
    > sendmail_path = /usr/sbin/sendmail.postfix
    > setgid_group = postdrop
    > smtp_sasl_auth_enable = yes
    > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    > smtp_sasl_security_options = noanonymous
    > smtp_use_tls = yes
    > smtpd_recipient_restrictions = check_recipient_access
    > hash:/etc/postfix/recipient_access,
    > permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,
    >
    > reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_destination,
    >
    > reject_rbl_client relays.ordb.org,reject_rbl_client
    > opm.blitzed.org, reject_rbl_client
    > list.dsbl.org,reject_rbl_client sbl.spamhaus.org,
    > reject_rbl_client cbl.abuseat.org, reject_rbl_client
    > dul.dnsbl.sorbs.net,permit
    > smtpd_restriction_classes = insiders_only
    > smtpd_sasl_auth_enable = yes
    > smtpd_sasl_local_domain =
    > smtpd_sasl_security_options = noanonymous
    > smtpd_sender_restrictions =
    > permit_mynetworks,permit_sasl_authenticated,
    > reject_unknown_sender_domain,reject_rbl_client relays.ordb.org,
    > reject_rbl_client opm.blitzed.org,reject_rbl_client
    > list.dsbl.org, reject_rbl_client
    > sbl.spamhaus.org,reject_rbl_client cbl.abuseat.org,
    > reject_rbl_client dul.dsnbl.sorbs.net,permit
    > smtpd_tls_CAfile = /etc/postfix/cacert.pem
    > smtpd_tls_auth_only = yes
    > smtpd_tls_cert_file = /etc/postfix/newcert.pem
    > smtpd_tls_key_file = /etc/postfix/newreq.pem
    > smtpd_tls_loglevel = 1
    > smtpd_tls_received_header = yes
    > smtpd_tls_session_cache_timeout = 3600s
    > smtpd_use_tls = yes
    > tls_random_source = dev:/dev/urandom
    > unknown_local_recipient_reject_code = 550
    >
    >
    >
    >> - logs The logs which were generated when I tried to send a mail from
    >> a remote pc through this email server
    >
    >
    > Oct 3 21:49:47 mail postfix/smtpd[6999]: warning: smtpd_peer_init:
    > 125.23.52.249: hostname
    > dsl-ncr-dynamic-249.52.23.125.airtelbroadband.in verification failed:
    > Name or service not known
    > Oct 3 21:49:47 mail postfix/smtpd[6999]: connect from
    > unknown[125.23.52.249]
    > Oct 3 21:49:48 mail postfix/smtpd[6999]: lost connection after
    > CONNECT from unknown[125.23.52.249]
    > Oct 3 21:49:48 mail postfix/smtpd[6999]: disconnect from
    > unknown[125.23.52.249]

    I cannot see any attempt to authenticate. Please verify that the client
    did indeed try to authenticate.

    >> - output of saslfinger
    >>
    >
    > saslfinger -s localhost
    > saslfinger - postfix Cyrus sasl configuration
    > mode: server-side SMTP AUTH
    >
    > -- basics --
    > Postfix: 2.1.5
    > System: Fedora Core release 3 (Heidelberg)
    >
    > -- smtpd is linked to --
    > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00cdf000)
    >
    > -- active SMTP AUTH and TLS parameters for smtpd --
    > broken_sasl_auth_clients = yes
    > smtpd_sasl_auth_enable = yes
    > smtpd_sasl_local_domain =
    > smtpd_sasl_security_options = noanonymous
    > smtpd_tls_CAfile = /etc/postfix/cacert.pem
    > smtpd_tls_auth_only = yes

    Ah, that explains why you don't get an auth line. Please deactivate that
    line while you debug sasl auth.

    smtpd_tls_auth_only = no

    Then execute "postfix reload".

    You can only authenticate now if you use TLS for your connection.

    > smtpd_tls_cert_file = /etc/postfix/newcert.pem
    > smtpd_tls_key_file = /etc/postfix/newreq.pem
    > smtpd_tls_loglevel = 1
    > smtpd_tls_received_header = yes
    > smtpd_tls_session_cache_timeout = 3600s
    > smtpd_use_tls = yes
    >
    >

    Sandy

    -- 
    List replies only please!
    Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
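
Added example, not part of the original post or of Postfix: a Python check that compares the EHLO reply before and after STARTTLS to show whether AUTH is hidden until TLS, which is what `smtpd_tls_auth_only = yes` does in the reply above. The function names, result labels and sample EHLO replies are constructed for illustration; `probe()` is the live variant and sends no credentials.

```python
import smtplib
import ssl

def ehlo_lines(text):
    """Yield EHLO reply lines with any '250-' / '250 ' prefix removed."""
    for line in text.splitlines():
        if line[:3].isdigit() and line[3:4] in ("-", " "):
            line = line[4:]
        yield line.strip()

def auth_mechs(text):
    """SASL mechanisms advertised in an EHLO reply.

    Also reads the legacy 'AUTH=PLAIN LOGIN' form that Postfix adds when
    broken_sasl_auth_clients = yes, as in the posted configuration.
    """
    mechs = set()
    for line in ehlo_lines(text):
        if line[:5].upper() in ("AUTH ", "AUTH="):
            mechs.update(line[5:].upper().split())
    return mechs

def diagnose(pre_tls, post_tls=""):
    """Classify a server from its EHLO replies before and after STARTTLS."""
    if auth_mechs(pre_tls):
        return "AUTH_IN_CLEARTEXT"      # consistent with smtpd_tls_auth_only = no
    if "STARTTLS" not in (l.upper() for l in ehlo_lines(pre_tls)):
        return "NO_AUTH_NO_STARTTLS"    # client has no way to reach AUTH
    if auth_mechs(post_tls):
        return "AUTH_AFTER_TLS_ONLY"    # consistent with smtpd_tls_auth_only = yes
    return "NO_AUTH_AT_ALL"             # TLS is offered, SASL is not advertised

def probe(host, port=25, cafile=None):
    """Live check: sends EHLO and STARTTLS only, never credentials."""
    ctx = ssl.create_default_context(cafile=cafile)  # cafile: CA that signed the server cert
    with smtplib.SMTP(host, port, timeout=10) as s:
        s.ehlo()
        pre, post = s.ehlo_resp.decode(), ""
        if s.has_extn("starttls"):
            s.starttls(context=ctx)
            s.ehlo()                    # capabilities must be re-read after TLS
            post = s.ehlo_resp.decode()
    return diagnose(pre, post)

# Constructed sample replies (not captured from the poster's server).
PRE_TLS = "250-mail.example.net\n250-PIPELINING\n250-SIZE 51200000\n250-STARTTLS\n250 8BITMIME"
POST_TLS = "250-mail.example.net\n250-PIPELINING\n250-AUTH PLAIN LOGIN\n250-AUTH=PLAIN LOGIN\n250 8BITMIME"

if __name__ == "__main__":
    print(diagnose(PRE_TLS, POST_TLS))
```

A result of `AUTH_AFTER_TLS_ONLY` means a client that connects without STARTTLS will never see an AUTH line, so the server log shows no authentication attempt for it.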
    
