From owner-freebsd-questions@FreeBSD.ORG Wed Sep 24 15:42:42 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 73CE016A4C0 for ; Wed, 24 Sep 2003 15:42:42 -0700 (PDT) Received: from blacklamb.mykitchentable.net (207-173-226-17.bras01.elk.ca.frontiernet.net [207.173.226.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B38343FE1 for ; Wed, 24 Sep 2003 15:42:40 -0700 (PDT) (envelope-from drew@mykitchentable.net) Received: from L035522 (unknown [165.107.22.101]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by blacklamb.mykitchentable.net (Postfix) with ESMTP id C23673BF3BD; Wed, 24 Sep 2003 15:42:38 -0700 (PDT) To: Charlie Schluting , freebsd-questions@freebsd.org References: <20030923171919.M85629@cheshire.cat.pdx.edu> Message-ID: From: Drew Tomlinson Content-Type: text/plain; format=flowed; charset=iso-8859-15 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Date: Wed, 24 Sep 2003 15:42:26 -0700 In-Reply-To: <20030923171919.M85629@cheshire.cat.pdx.edu> User-Agent: Opera7.20/Win32 M2 build 3144 Subject: Re: saslauthd not working? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 22:42:42 -0000 On Tue, 23 Sep 2003 17:32:33 -0700 (PDT), Charlie Schluting wrote: > Hi, > > Trying to configure sasl with postfix.. and I keep getting "Login > Failed" I had a hell of a tough time getting this configured on my system. As I recall, once one knows about the Postfix bug (which you do based on your Postfix config), the default install works. > Here's what I have: > > telnet localhost 25: > AUTH PLAIN Y2hhcm... > 535 Error: authentication failed > > The maillog simply shows: > warning: localhost[127.0.0.1]: SASL PLAIN authentication failed > > /etc/rc.conf: > sasl_saslauthd_enable="YES" > sasl_saslauthd_flags="-a getpwent" I am using 4.8-STABLE as of 06/29/03. I have nothing in my rc.conf regarding saslauthd. I do have in /usr/local/etc/rc.d/saslauthd.sh. By default, it runs "saslauthd -a pam". This is the script that came with the port. I've made no mods. > /usr/local/lib/sasl2/smtpd.conf > pwcheck_method: saslauthd > mech_list: plain login I also have "auto_transition: yes" in this file. I don't know what it means or does. > I'm not using pam for anything else, so I figured that this method had > the best chance of working :) > Postfix is NOT chrooted, and postfix is in group mail. > > Postfix config: > > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > smtpd_sasl_local_domain = This line is the bug I mentioned. Must be null, as you have it. > broken_sasl_auth_clients = yes > > Here's the perms on saslauthd: > drwxrwx--- 2 cyrus mail 512 Sep 23 17:27 saslauthd/ > > Am I missing anything? > I tried adding -d to saslauthd_flags in rc.conf. When I started > saslauthd, it just hung there, like I expected, only, I didn't get any > output when I tried to login to postfix. Everything seems similar to my setup except your rc.conf. As I recall, /etc/pam.conf did not need any additions because the last section defaults to using getpwnam(). Good luck! It's great when it works. HTH, Drew