Date: Thu, 31 May 2007 10:33:08 -0500 From: Paul Schmehl <pauls@utdallas.edu> To: freebsd-questions@freebsd.org Subject: Re: Wierd postfix/cyrus SASL error... Message-ID: <4215074055BD1BFDD24D2509@utd59514.utdallas.edu> In-Reply-To: <294439d20705310218q5a8f65c0jb6b30c6dfc9a51a7@mail.gmail.com> References: <294439d20705310218q5a8f65c0jb6b30c6dfc9a51a7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--==========D7EBEC76D8497FA6E7FC==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
--On Thursday, May 31, 2007 14:48:55 +0530 Amarendra Godbole=20
<amarendra.godbole@gmail.com> wrote:
> Hi,
>
> I use postfix as an smtp client to deliver email to our enterprise
> smtp server. Since the smtp server needs authentication, I used cyrus
> sasl with postfix and things worked fine. After a portupgrade, postfix
> has stopped working, and gives some wierd authentication error.
> Googling did not help much, and hence I am posting here. Relevant
> details follow:
>
> ----------8<-----------------
> Postfix version: postfix-2.4.1,1
> Cyrus SASL version: cyrus-sasl-2.1.22
>
> Postfix built with: (contents of makedefs.out)
> SYSTYPE =3D FREEBSD6
> AR =3D ar
> ARFL =3D rv
> RANLIB =3D ranlib
> SYSLIBS =3D -L/usr/local/lib -lpcre -L/usr/local/lib -lsasl2 -lpam =
-lcrypt
> CC =3D cc -DHAS_PCRE -I/usr/local/include -DUSE_SASL_AUTH
> -DUSE_CYRUS_SASL -I
> /usr/local/include -I/usr/local/include/sasl
> OPT =3D -O2 -fno-strict-aliasing -pipe
> DEBUG =3D
> AWK =3D awk
> STRCASE =3D
> EXPORT =3D AUXLIBS=3D'-L/usr/local/lib -lpcre -L/usr/local/lib -lsasl2 =
-lpam
> -lcryp
> t' CCARGS=3D'-DHAS_PCRE -I/usr/local/include -DUSE_SASL_AUTH
> -DUSE_CYRUS_SASL -I/u
> sr/local/include -I/usr/local/include/sasl' OPT=3D'-O2 =
-fno-strict-aliasing
> -pipe
> ' DEBUG=3D''
> WARN =3D -Wall -Wno-comment -Wformat -Wimplicit -Wmissing-prototypes \
> -Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
> -Wunused
>
> main.cf has the following entries:
># cyrus sasl stuff
> smtp_sasl_auth_enable =3D yes
> smtp_sasl_password_maps =3D hash:/usr/local/etc/postfix/sasl_passwd
> smtp_security_options =3D
>
> sasl_passwd.db exists created with postmap hash: command
>
> Error in the maillog shows:
> May 31 14:35:12 zimbu postfix/smtp[49765]: warning: SASL
> authentication failure: GSSAPI Error: Miscellaneous failure (see
> text) (open(/tmp/krb5cc_125): No such file or directory)
> May 31 14:35:12 zimbu postfix/smtp[49765]: 1E722B895:
> to=3D<xyz@xyz.com>, relay=3Dsmtp.foo.com[xx.xx.xx.xx]:25, delay=3D1.4,
> delays=3D0.02/0.01/1.4/0, dsn=3D4.7.0, status=3Ddeferred (SASL
> authentication failed; cannot authenticate to server
> smtp.foo.com[xx.xx.xx.xx]: generic failure)
>
> I don't quiet understand the first message of "no such file or =
directory".
>
> I used exactly the same configuration earlier, and postfix was happily
> working for the last year or so. Any pointers to fix this issue will
> be appreciated. Thanks in advance!
>
I have a similar setup:
smtpd_sasl_auth_enable =3D yes
smtpd_sasl_security_options =3D noanonymous
smtpd_sasl_local_domain =3D $myhostname
smtpd_sasl_application_name =3D smtpd
broken_sasl_auth_clients =3D yes
permit_sasl_authenticated
But I don't use a db password file. Have you tried re-running the postfix=20
hash utility (postmap) on the db? That's the first thing that I would try.
--=20
Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
--==========D7EBEC76D8497FA6E7FC==========--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4215074055BD1BFDD24D2509>