From owner-freebsd-questions@FreeBSD.ORG Thu Nov 13 07:48:25 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9C4316A4CE for ; Thu, 13 Nov 2003 07:48:25 -0800 (PST) Received: from mail.skiltech.com (bunning.skiltech.com [216.235.79.240]) by mx1.FreeBSD.org (Postfix) with ESMTP id D9CF243FAF for ; Thu, 13 Nov 2003 07:48:24 -0800 (PST) (envelope-from minter@mail.skiltech.com) Received: from localhost (localhost [127.0.0.1]) by mail.skiltech.com (Postfix) with ESMTP id 6590A1204E0 for ; Thu, 13 Nov 2003 10:48:24 -0500 (EST) Received: from mail.skiltech.com ([127.0.0.1]) by localhost (bunning.skiltech.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 56336-09 for ; Thu, 13 Nov 2003 10:48:23 -0500 (EST) Received: by mail.skiltech.com (Postfix, from userid 1000) id ADAD61204D9; Thu, 13 Nov 2003 10:48:23 -0500 (EST) Date: Thu, 13 Nov 2003 10:48:21 -0500 (EST) From: "H. Wade Minter" X-X-Sender: minter@bunning.skiltech.com To: freebsd-questions@freebsd.org Message-ID: <20031113104404.V56167@bunning.skiltech.com> x-gpg-fingerprint: 24460EC7 x-gpg-key: http://www.lunenburg.org/wade/pgp.php X-Folkin-Excellent: Eddie From Ohio (efohio.com) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-new at skiltech.com Subject: Postfix and SASL2 authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 15:48:25 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've been able to get Postfix and SASL1 to authenticate to system accounts under FreeBSD with no problem, but now I'm trying to use SASL2. I'm running into problems. I built postfix and sasl2 from ports with no problems. I created /usr/local/lib/sasl2/smtpd.conf: pwcheck_method: saslauthd mech_list: plain login saslauthd is being run with the "-a getpwent" flags from /etc/rc.conf. Postfix is set up to use SASL: enable_sasl_authentication = yes smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes However, when I test with a base64-encoded username\0username\0password string, it doesn't authenticate: Nov 13 07:46:29 taz postfix/smtpd[327]: < localhost[127.0.0.1]: AUTH PLAIN bWludGVyAG1pbnRlcgBjaGFuZ2VtZQ== Nov 13 07:46:29 taz postfix/smtpd[327]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response bWludGVyAG1pbnRlcgBjaGFuZ2VtZQ== Nov 13 07:46:29 taz postfix/smtpd[327]: smtpd_sasl_authenticate: decoded initial response minter Nov 13 07:46:29 taz postfix/smtpd[327]: warning: SASL authentication failure: Password verification failed Nov 13 07:46:29 taz postfix/smtpd[327]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed Nov 13 07:46:29 taz postfix/smtpd[327]: > localhost[127.0.0.1]: 535 Error: authentication failed Does anyone know what I'm doing wrong? - --Wade -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/s6fHo4DwsyRGDscRAtq5AJ9jV/BCr0r8n/Mc6n73Miv07b1NAwCePs5m uOeXWaE2WlXwBSvWJuW8mfA= =XVfP -----END PGP SIGNATURE-----