Re: Fixing a SASL AUTH Problem

Fri, 29 Aug 2008 11:53:00 -0700 

Rich Shepard wrote:

  My wife uses her laptop connected wirelessly to the network, but sending
mail has failed since I upgraded postfix to 2.5.2 and enabled SASL
authorization. Thunderbird keeps asking for her password on the server when
she tries to send mail (incoming mail reaches her inbox with no problems)
and won't complete the attempt.

   From /var/log/maillog:
Aug 29 10:30:04 salmo postfix/smtpd[5938]: connect from wap.appl-ecosys.com[192.168.55.200] Aug 29 10:30:04 salmo postfix/smtpd[5938]: warning: SASL authentication failure: 
  cannot connect to saslauthd server: Permission denied
Aug 29 10:30:04 salmo postfix/smtpd[5938]: warning: SASL authentication failure: 
  Password verification failed
Aug 29 10:30:04 salmo postfix/smtpd[5938]: warning: wap.appl-ecosys.com[192.168.55.200]: 
  SASL PLAIN authentication failed: generic failure

   So, it's with my postfix setup. Reading again the SASL_README file,
/usr/lib/sasl2/smtpd.conf contains:

# Global parameters
log_level: 4
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

   More:

[EMAIL PROTECTED] ~]$ telnet salmo.appl-ecosys.com 25
Trying 192.168.55.1...
Connected to salmo.appl-ecosys.com.
Escape character is '^]'.
220 salmo.appl-ecosys.com ESMTP Postfix
EHLO client.example.com
250-salmo.appl-ecosys.com
250-PIPELINING
250-SIZE 32768000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHRlc3QAdGVzdHBhc3M=
535 5.7.8 Error: authentication failed: generic failure

The above uses the base64 code from the README file; my actual trial used
the code for her actual username and password.

  I created /etc/postfix/sasl_passwd with my server, her username, and her
password. Also modified /etc/postfix/main.cf so it now includes

smtpd_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
smtp_* parameters are used by 'smtp', the thing that sends mail to other servers.
smtpd_* parameters are used by 'smtpd', the thing that listens for smtp connections. this is what you contact when you telnet or when Thunderbird send mail.
for the smtpd side, you can use either cyrus-sasl or dovecot. dovecot is easier to setup. you can use cryus-sasl if you want. but you must configure it correctly. the error you have is that postfix cannot contact saslauthd because of a permission denied. that's the thing to fix. 


  What have I missed? I'd really like to fix this issue for her as quickly
as I can.

TIA,

Rich

Reply via email to