From: "Drew Tomlinson"
To: "Hajimu UMEMOTO"
Cc: freebsd-security@freebsd.org
Date: Mon, 21 Jul 2003 09:50:17 -0700
Subject: Re: ASMTP setup on 4.8

----- Original Message -----
From: "Hajimu UMEMOTO"
To: "Drew Tomlinson"
Cc: "Chris Boyd"
Sent: Friday, July 18, 2003 1:57 PM
Subject: Re: ASMTP setup on 4.8

> Hi,
>
> >>>>> On Fri, 18 Jul 2003 13:26:56 -0700
> >>>>> "Drew Tomlinson" said:
>
> > Okay, I found the problem, and I've just committed the fix. Please
> > re-cvsup and try it.
>
> drew> Thanks!!!
>
> You are welcome.
>
> > drew> It's been a few weeks since I looked at it but I recall having to create
> > drew> a /usr/local/lib/sasl2/smtpd.conf file. What should the correct
> > drew> contents be?
> >
> > Though I have no experience with postfix, I heard that
> > /usr/local/lib/sasl2/smtpd.conf is for postfix. Are you using
> > sendmail? If so, it should be /usr/local/lib/sasl2/Sendmail.conf.
>
> drew> Yes, I'm using Postfix.
>
> I see. Is your postfix able to access /var/state/saslauthd? It
> should be:
>
>   drwxrwx--- 2 cyrus mail 512 Jul 19 04:52 saslauthd

Yes, mine is like this and Postfix is a member of the mail group.

> Old cyrus-sasl2 port made the directory with wrong permission, and
> postfix couldn't access it. This problem was corrected. I believe
> postfix user belongs to mail group, so that postfix can access the
> directory.
>
> Oops, I didn't answer your question. If you want to use saslauthd for
> plain text password, the correct contents of smtpd.conf should be:
>
>   pwcheck_method: saslauthd

I have this. /var/log/maillog shows:

Jul 21 09:34:38 blacklamb postfix/smtpd[66225]: warning: SASL authentication failure: no user in db
Jul 21 09:34:38 blacklamb postfix/smtpd[66225]: warning: SASL authentication failure: no secret in database

I have also tried "pwcheck_method: pam" but then /var/log/maillog shows:

Jul 21 09:38:34 blacklamb postfix/smtpd[66269]: warning: SASL authentication problem: unknown password verifier
Jul 21 09:38:34 blacklamb postfix/smtpd[66269]: warning: unknown[165.107.42.110]: SASL LOGIN authentication failed

Chris Boyd posted he had success by adding the following to /etc/rc.conf:

sasl_saslauthd_enable="YES"
sasl_saslauthd_flags="-a getpwent"

Is this preferred over the script in /usr/local/etc/rc.d?

Still confused.

Thanks,

Drew

P.S. Thanks for fixing the man page. Looks good now!
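
The preconditions this exchange walks through (mode and ownership of /var/state/saslauthd, the postfix user's membership in the mail group, and the `pwcheck_method: saslauthd` line in smtpd.conf) can be checked in one pass. The script below is an added example, not part of the original message or of the cyrus-sasl2 port; the function names are illustrative, and the default paths and the cyrus/mail/postfix names are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are illustrative.

# Mode string as ls prints it, e.g. "drwxrwx---"; a trailing ACL or
# SELinux marker ("+", ".") is cut off by taking the first 10 characters.
dir_mode() {
    ls -ld "$1" 2>/dev/null | awk '{ print substr($1, 1, 10) }'
}

# "owner:group" of a path, from columns 3 and 4 of ls -ld.
dir_owner() {
    ls -ld "$1" 2>/dev/null | awk '{ print $3 ":" $4 }'
}

# Succeeds if the directory has exactly the mode quoted in the thread.
socket_dir_ok() {
    [ "$(dir_mode "$1")" = "drwxrwx---" ]
}

# Succeeds if user $1 is a member of group $2.
in_group() {
    id -Gn "$1" 2>/dev/null | tr ' ' '\n' | grep -qx "$2"
}

# Succeeds if the SASL config file selects saslauthd as the verifier.
conf_uses_saslauthd() {
    grep -Eq '^[[:space:]]*pwcheck_method:[[:space:]]*saslauthd[[:space:]]*$' \
        "$1" 2>/dev/null
}

# Run all checks; print one FAIL line per problem, return non-zero on any.
audit() {
    dir=${1:-/var/state/saslauthd}
    conf=${2:-/usr/local/lib/sasl2/smtpd.conf}
    rc=0
    socket_dir_ok "$dir" ||
        { echo "FAIL: $dir mode '$(dir_mode "$dir")', want drwxrwx---"; rc=1; }
    [ "$(dir_owner "$dir")" = "cyrus:mail" ] ||
        { echo "FAIL: $dir owner '$(dir_owner "$dir")', want cyrus:mail"; rc=1; }
    in_group postfix mail ||
        { echo "FAIL: user postfix is not in group mail"; rc=1; }
    conf_uses_saslauthd "$conf" ||
        { echo "FAIL: $conf lacks 'pwcheck_method: saslauthd'"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: all checks passed"; fi
    return "$rc"
}

# Usage: sh sasl_audit.sh run [socket_dir] [conf_file]
if [ "${1:-}" = "run" ]; then audit "${2:-}" "${3:-}"; fi
```

A clean result only confirms the file-level preconditions; it does not show which backend saslauthd was started with.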