* Alejandro Facultad <[EMAIL PROTECTED]>: >>> apt-get install sasl2-bin libsasl2-modules >>> >>> /etc/default/saslauthd: >>> START=yes >>> MECHANISMS="ldap" >>> MECH_OPTIONS="" >>> THREADS=5 >>> OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" >>> >>> /etc/saslauthd.conf: >>> ldap_servers: ldap://ldap.company.com/ >>> ldap_search_base: ou=people,dc=company,dc=com >>> ldap_bind_dn: cn=admin,dc=company,dc=com >>> ldap_bind_pw: xyz >>> ldap_filter: (&(objectClass=CourierMailAccount)(cn=%U)) >>> ldap_scope: sub >>> ldap_auth_method: bind >>> >>> I execute: >>> dpkg-statoverride --add root sasl 710 >>> /var/spool/postfix/var/run/saslauthd >>> adduser postfix sasl >>> >>> /etc/postfix/sasl/smtpd.conf: >>> pwcheck_method: saslauthd >>> mech_list: plain login >>> log_level: 7 >>> >>> /etc/postfix/master.cf: >>> smtp inet n - n - - smtpd -o >>> content_filter=spamassassin # No chroot >>> >>> /etc/postfix/main.cf: >>> # TLS >>> smtp_tls_security_level = may >>> smtpd_tls_security_level = may >>> smtpd_tls_auth_only = no >>> smtpd_tls_cert_file = /etc/courier/smtpd.cert >>> smtpd_tls_key_file = /etc/courier/smtpd.key >>> smtpd_tls_loglevel = 2 >>> smtpd_tls_received_header = yes >>> smtpd_tls_session_cache_timeout = 3600s >>> tls_random_source = dev:/dev/urandom >>> # SASL >>> smtpd_sasl_auth_enable = yes >>> smtpd_sasl_security_options = noanonymous >>> smtpd_sasl_local_domain = >>> broken_sasl_auth_clients = yes >>> # SMTP Restrictions >>> smtpd_recipient_restrictions = permit_sasl_authenticate, >>> permit_mynetworks >>> >>> Restart postfix and saslauthd >>> >>> After that: >>> >>> $telnet mail 25 >>> >>> and I see: >>> 250-STARTTLS >>> 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN >>> So TLS and SASL are OK. >>> >>> Finally I configure my mail client (Iceweasel) and sens a mail, >>> asking me for the password, but I FAIL !!! I see this in >>> /var/log/auth.log: >>> >>> Aug 13 15:25:45 mail postfix/cleanup[4182]: looking for plugins in >>> '/usr/lib/sasl2', failed to open directory, error: No such file or >>> directory >>> Aug 13 15:25:53 mail postfix/smtpd[4196]: looking for plugins in >>> '/usr/lib/sasl2', failed to open directory, error: No such file or >>> directory >>> Aug 13 15:27:15 mail postfix/cleanup[4222]: looking for plugins in >>> '/usr/lib/sasl2', failed to open directory, error: No such file or >>> directory >>> Aug 13 15:29:41 mail postfix/cleanup[4290]: looking for plugins in >>> '/usr/lib/sasl2', failed to open directory, error: No such file or >>> directory >>> Aug 13 15:29:57 mail postfix/smtpd[4303]: looking for plugins in >>> '/usr/lib/sasl2', failed to open directory, error: No such file or >>> directory >>> Aug 13 15:30:01 mail CRON[4306]: (pam_unix) session opened for user >>> vmail by (uid=0) >>> Aug 13 15:30:01 mail pam_limits[4306]: setrlimit limit #11 to >>> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 >>> Aug 13 15:30:01 mail pam_limits[4306]: setrlimit limit #12 to >>> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0 >>> Aug 13 15:30:01 mail CRON[4306]: (pam_unix) session closed for user >>> vmail >>> >>> >> You need to install either the courier or dovecot packages to provide >> the necessary utilities/libraries. >> >> For the courier option, you'll need libsasl2-modules and sasl2-bin at >> a minimum. I don't think the dovecot packages have broken out the >> auth portion yet, so you would need to install dovecot-imapd and/or >> dovecot-pop3d. >> > I had libsasl2-modules and sasl2-bin as I just said above. > > What can I do ????
Simplify (for the moment). 1. $ ls -l /usr/lib/sasl2 2. Verify it works with testsaslauthd. 3. Move on to Postfix. [EMAIL PROTECTED] -- The Book of Postfix <http://www.postfix-book.com> saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
