From owner-freebsd-questions@freebsd.org Tue Jul 3 22:12:39 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45DE6102D55A for ; Tue, 3 Jul 2018 22:12:39 +0000 (UTC) (envelope-from peo@nethead.se) Received: from ns1.nethead.se (ns1.nethead.se [5.150.237.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "ns1.nethead.se", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D7ED1739DB for ; Tue, 3 Jul 2018 22:12:38 +0000 (UTC) (envelope-from peo@nethead.se) X-Virus-Scanned: amavisd-new at Nethead AB DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nethead.se; s=NETHEADSE; t=1530655948; bh=kHRm83qF6k6i2Ii2KBhM7Jx3dFW9Ua6yDI4p7YLlRK8=; h=Subject:To:References:From:Date:In-Reply-To; b=JUrFRNh5deuQPBcMGf3AGd+LhD3GGaFi5QxzLjJriOYZNxpET/7tt2ZYqPEYPv1jy 030cYBJMhsoH3IDe4F+Tt7NL9iDRLlCQ0uQQ02ZJ9zbWL4RJ+hdnyJic502/Gze5DV mWEYCkC4CZryu2Tb6wJVTgCcJTc65kV2Pw5XctVs= Subject: Re: Postfix-sasl on FreeBSD will not authenticate To: byrnejb@harte-lyne.ca, freebsd-questions@freebsd.org References: <523ffb82f14da9944a5368f28eddecac.squirrel@webmail.harte-lyne.ca> From: Per olof Ljungmark Message-ID: <0970ea44-1438-171a-4f44-221c4f9facd4@nethead.se> Date: Wed, 4 Jul 2018 00:12:27 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 In-Reply-To: <523ffb82f14da9944a5368f28eddecac.squirrel@webmail.harte-lyne.ca> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jul 2018 22:12:39 -0000 On 07/03/18 22:39, James B. Byrne via freebsd-questions wrote: > On server A we have cyrus-imapd running with spiped listening on > TCP:143. On server B we have postfix-sasl-3.3.0 running with spiped > listening on TCP:143 linked to server A. > > On server A saslauthd is configured in rc.conf to use rimap to the > localhost: > > saslauthd_flags="-a rimap \ > -O localhost" # Use Remote IMAP to authenticat > > Postfix is configured to use saslauth to authenticate outgoing senders: > > smtpd_sasl_auth_enable = yes > smtpd_sasl_authenticated_header = no > smtpd_sasl_exceptions_networks = > smtpd_sasl_local_domain = > smtpd_sasl_path = smtpd > smtpd_sasl_security_options = noanonymous > smtpd_sasl_service = smtp > smtpd_sasl_tls_security_options = $smtpd_sasl_security_options > smtpd_sasl_type = cyrus > > > But I cannot find any such file named smtpd.conf which, according to > the Postfix documentation, should exist and should contain: > > pwcheck_method: saslauthd > mech_list: PLAIN > > It appears to me that postfix is directly looking in > /usr/local/etc/sasldb2.db itself and, finding no entries, failing to > authenticate. How do I tell postfix to use the saslauthd daemon > instead? > You must create the file yourself and adjust it to whatever mech you use, in our case it is saslauthd: cat /usr/local/lib/sasl2/smtpd.conf pwcheck_method: saslauthd mech_list: plain login