From owner-freebsd-questions@freebsd.org Tue Sep 8 22:22:47 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C08A23D9EAC for ; Tue, 8 Sep 2020 22:22:47 +0000 (UTC) (envelope-from doug@safeport.com) Received: from cyrus.watson.org (cyrus.watson.org [204.107.128.30]) by mx1.freebsd.org (Postfix) with ESMTP id 4BmKQv1Rq6z4Y94 for ; Tue, 8 Sep 2020 22:22:47 +0000 (UTC) (envelope-from doug@safeport.com) Received: from fledge.watson.org (fledge.watson.org [198.74.231.63]) by cyrus.watson.org (Postfix) with ESMTPS id 340B98FE9F for ; Tue, 8 Sep 2020 22:12:51 +0000 (UTC) Received: from fledge.watson.org (doug@localhost [127.0.0.1]) by fledge.watson.org (8.16.1/8.16.1) with ESMTPS id 088MCpjL033927 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Tue, 8 Sep 2020 22:12:51 GMT (envelope-from doug@safeport.com) Received: from localhost (doug@localhost) by fledge.watson.org (8.16.1/8.16.1/Submit) with ESMTP id 088MCoFC033924 for ; Tue, 8 Sep 2020 22:12:51 GMT (envelope-from doug@safeport.com) X-Authentication-Warning: fledge.watson.org: doug owned process doing -bs Date: Tue, 8 Sep 2020 22:12:50 +0000 (UTC) From: doug@safeport.com X-X-Sender: doug@fledge.watson.org To: freebsd-questions@freebsd.org Subject: Re: Postfix-sasl on FreeBSD will not authenticate In-Reply-To: Message-ID: References: <523ffb82f14da9944a5368f28eddecac.squirrel@webmail.harte-lyne.ca> <0970ea44-1438-171a-4f44-221c4f9facd4@nethead.se> User-Agent: Alpine 2.21.9999 (BSF 287 2018-06-16) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 4BmKQv1Rq6z4Y94 X-Spamd-Bar: ++++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=fail (mx1.freebsd.org: domain of doug@safeport.com does not designate 204.107.128.30 as permitted sender) smtp.mailfrom=doug@safeport.com X-Spamd-Result: default: False [6.54 / 15.00]; ARC_NA(0.00)[]; R_SPF_FAIL(1.00)[-all:c]; DMARC_NA(0.00)[safeport.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.40)[0.404]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_SPAM_MEDIUM(0.83)[0.827]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_NONE(0.00)[]; VIOLATED_DIRECT_SPF(3.50)[]; NEURAL_SPAM_LONG(0.81)[0.813]; FROM_NO_DN(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11288, ipnet:204.107.128.0/24, country:US]; GREYLIST(0.00)[pass,body]; MAILMAN_DEST(0.00)[freebsd-questions] X-Spam: Yes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Sep 2020 22:22:47 -0000 On Tue, 3 Jul 2018, James B. Byrne via freebsd-questions wrote: > > On Tue, July 3, 2018 18:12, Per olof Ljungmark wrote: >> >> >> On 07/03/18 22:39, James B. Byrne via freebsd-questions wrote: >>> On server A we have cyrus-imapd running with spiped listening on >>> TCP:143. On server B we have postfix-sasl-3.3.0 running with spiped >>> listening on TCP:143 linked to server A. >>> >>> On server A saslauthd is configured in rc.conf to use rimap to the >>> localhost: >>> >>> saslauthd_flags="-a rimap \ >>> -O localhost" # Use Remote IMAP to authenticat >>> >>> Postfix is configured to use saslauth to authenticate outgoing >>> senders: >>> >>> smtpd_sasl_auth_enable = yes >>> smtpd_sasl_authenticated_header = no >>> smtpd_sasl_exceptions_networks = >>> smtpd_sasl_local_domain = >>> smtpd_sasl_path = smtpd >>> smtpd_sasl_security_options = noanonymous >>> smtpd_sasl_service = smtp >>> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options >>> smtpd_sasl_type = cyrus >>> >>> >>> But I cannot find any such file named smtpd.conf which, according to >>> the Postfix documentation, should exist and should contain: >>> >>> pwcheck_method: saslauthd >>> mech_list: PLAIN >>> >>> It appears to me that postfix is directly looking in >>> /usr/local/etc/sasldb2.db itself and, finding no entries, failing to >>> authenticate. How do I tell postfix to use the saslauthd daemon >>> instead? >>> >> >> You must create the file yourself and adjust it to whatever mech you >> use, in our case it is saslauthd: >> >> cat /usr/local/lib/sasl2/smtpd.conf >> pwcheck_method: saslauthd >> mech_list: plain login >> > > Thank you. Do you know where the path to the file location is > specified in the FreeBSD documentation? It is in the postfix docs. As I recall it says put it in ../sasls (or some such).