From owner-freebsd-questions@freebsd.org Wed Sep 9 11:51:13 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B4CC83CCC77 for ; Wed, 9 Sep 2020 11:51:13 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-pf1-x442.google.com (mail-pf1-x442.google.com [IPv6:2607:f8b0:4864:20::442]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BmgMh2Sx7z478J for ; Wed, 9 Sep 2020 11:51:12 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-pf1-x442.google.com with SMTP id d6so1917603pfn.9 for ; Wed, 09 Sep 2020 04:51:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:in-reply-to:references:reply-to :organization:mime-version; bh=qrcAPY9x/QHZUgBgPNUE97zGpqnTlAIRm5tSWyzW730=; b=aln+0C8JY0qqr2gP+dN4FXi/cvFe8uNs9BmNvLvTWwAck6Moy52xbJWV09bhgh/kW9 9WSic2v+O5L+LcX/D53FU9EIgLA5t7ZbyJ+EPbpvrJa3QZEhggmShKh5SjcsPSevz6o9 PyR87gxGPLs7TI+FMH//F1QSMrpJkce1H7qpI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:reply-to:organization:mime-version; bh=qrcAPY9x/QHZUgBgPNUE97zGpqnTlAIRm5tSWyzW730=; b=qziCG8eRgvekEdRo6crWiYuMK0O3Y2QhkVc9qdwv2kQv03L5u+mAUEe9wAXqOXK2rY HmzxYrQlwYH+KMNP14mzb/I4dM6xeMixh3Sn7HNOs8eIPauTK7joiVOsfsAXTZsAl+qL ECdtUClITxebP6YKHFM3H0c1bP0g5sWT8YML4JvGBuQDY1mg08b/ZYNWbqXtwsnwmBmr WqQ4y0kTDkilUkFmc+Wy3WwJNtQUFxQ/TlnppxqAKQvu1qVCNmF3KDYS2i+SxduP87tU f5WYcT2GYMhi/rMJt9e/cS6SwVXAyXvdEy3VDtCL4lw6dn9udUrkEuc6PosSdgeiyzPx A84Q== X-Gm-Message-State: AOAM532dLUlETmffhR8TGSbXv80di7RxzM2nEs8eUf4/0ZUXPoAldrJm MECL+m++sTPbr24FZoPOxxvQsc/jwPMNTg== X-Google-Smtp-Source: ABdhPJyEM0zz1qHACSnNZI6cLXoPS5cn+pc8OOwp4SHywRzSHZ1pPxxetLlRkrqglDlRNMNk97kymw== X-Received: by 2002:a0c:e904:: with SMTP id a4mr3615026qvo.28.1599651808492; Wed, 09 Sep 2020 04:43:28 -0700 (PDT) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id 201sm2237633qkf.103.2020.09.09.04.43.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 09 Sep 2020 04:43:27 -0700 (PDT) Received: from scorpio.seibercom.net (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by scorpio.seibercom.net (Postfix) with ESMTPS id 4BmgBk0GZ0ztyY for ; Wed, 9 Sep 2020 07:43:25 -0400 (EDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.102.4 at scorpio.seibercom.net Date: Wed, 9 Sep 2020 07:43:18 -0400 From: Jerry To: "User Questions" Subject: Re: Postfix-sasl on FreeBSD will not authenticate Message-ID: <20200909074318.4cf75f6d@scorpio.seibercom.net> In-Reply-To: References: <523ffb82f14da9944a5368f28eddecac.squirrel@webmail.harte-lyne.ca> <0970ea44-1438-171a-4f44-221c4f9facd4@nethead.se> Reply-To: "User Questions" Organization: seibercom NET X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; amd64-portbld-freebsd11.4) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/=1V9ilOS5OtX_Lcd6sFjnJ="; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4BmgMh2Sx7z478J X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=aln+0C8J; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::442 as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [2.39 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[seibercom.net:+]; NEURAL_HAM_SHORT(-0.34)[-0.338]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; REPLYTO_EQ_TO_ADDR(5.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.72)[-0.722]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.95)[-0.953]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::442:from]; RCVD_TLS_ALL(0.00)[]; GREYLIST(0.00)[pass,body]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Sep 2020 11:51:13 -0000 --Sig_/=1V9ilOS5OtX_Lcd6sFjnJ= Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 8 Sep 2020 22:12:50 +0000 (UTC), doug@safeport.com stated: >On Tue, 3 Jul 2018, James B. Byrne via freebsd-questions wrote: > >> On Tue, July 3, 2018 18:12, Per olof Ljungmark wrote: =20 >>> >>> On 07/03/18 22:39, James B. Byrne via freebsd-questions wrote: =20 >>>> On server A we have cyrus-imapd running with spiped listening on >>>> TCP:143. On server B we have postfix-sasl-3.3.0 running with >>>> spiped listening on TCP:143 linked to server A. >>>> >>>> On server A saslauthd is configured in rc.conf to use rimap to the >>>> localhost: >>>> >>>> saslauthd_flags=3D"-a rimap \ >>>> -O localhost" # Use Remote IMAP to authenticat >>>> >>>> Postfix is configured to use saslauth to authenticate outgoing >>>> senders: >>>> >>>> smtpd_sasl_auth_enable =3D yes >>>> smtpd_sasl_authenticated_header =3D no >>>> smtpd_sasl_exceptions_networks =3D >>>> smtpd_sasl_local_domain =3D >>>> smtpd_sasl_path =3D smtpd >>>> smtpd_sasl_security_options =3D noanonymous >>>> smtpd_sasl_service =3D smtp >>>> smtpd_sasl_tls_security_options =3D $smtpd_sasl_security_options >>>> smtpd_sasl_type =3D cyrus >>>> >>>> But I cannot find any such file named smtpd.conf which, according >>>> to the Postfix documentation, should exist and should contain: >>>> >>>> pwcheck_method: saslauthd >>>> mech_list: PLAIN >>>> >>>> It appears to me that postfix is directly looking in >>>> /usr/local/etc/sasldb2.db itself and, finding no entries, failing >>>> to authenticate. How do I tell postfix to use the saslauthd daemon >>>> instead? >>>> =20 >>> >>> You must create the file yourself and adjust it to whatever mech you >>> use, in our case it is saslauthd: >>> >>> cat /usr/local/lib/sasl2/smtpd.conf >>> pwcheck_method: saslauthd >>> mech_list: plain login >> >> Thank you. Do you know where the path to the file location is >> specified in the FreeBSD documentation? =20 > >It is in the postfix docs. As I recall it says put it in ../sasls (or >some such). This question really belongs on the Postfix forum. In any case, have you investigated: http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#mail http://www.postfix.org/SASL_README.html I would highly recommend the following two suggestions: Better, provide output from the postfinger tool. This can be found at http://ftp.wl0.org/SOURCES/postfinger. If the problem is SASL related, consider including the output from the saslfinger tool. This can be found at http://postfix.state-of-mind.de/patrick.koetter/saslfinger/. --=20 Jerry --Sig_/=1V9ilOS5OtX_Lcd6sFjnJ= Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEIQb/tTwl6I1ueEVtOHMGOIfexWQFAl9Yv9YACgkQOHMGOIfe xWTUiAf9HF/71PhtCP7ZDTUiDk4VLIeCy4oGpqPgxwR4/khFfk9qYOUp6q7T8Auj yAvBKWcXPxL6YrE3BN3y8MRpKAL0w0kV0GTUw0/d0hChotz7s52sla6NG6/bkF1q cPK+U3JUXORCLUoD57JtS1kYqUiZamY9f6bndXEtBK1BCz4xD1F9Brsi+18owKUy FclLYbpULCobu41DS9r84xerAbKHqAjpH5t738m8j8o1W5uI+nYOeT4Q7n1/vMGR e/BhpFHNE3d59oIT6CddYOVlF8lDSei6pNZbMDjkel0EzOIXuFIhBh79FRfpq/7W LroTUJrW1t20aoI9fBUO3SdUniJ17Q== =YT75 -----END PGP SIGNATURE----- --Sig_/=1V9ilOS5OtX_Lcd6sFjnJ=--