Gerard <postfix.u...@yahoo.com> writes: > When sending from my network, I was receiving a warning message: > > Jul 5 15:57:06 scorpio postfix/smtpd[22724]: connect from > localhost[127.0.0.1] > Jul 5 15:57:07 scorpio postfix/smtpd[22724]: warning: SASL authentication > failure: no user in db > > I was advised to put the following in the main.cf file: > > smtpd_sasl_exceptions_networks = $mynetworks > > That works fine if I send from the same PC that is hosting Postfix. > However, if I send from another PC on the network, I receive a similar > waring message: > > Jul 5 15:57:06 scorpio postfix/smtpd[22724]: connect from > boss.seibercom.net[192.168.1.104] > Jul 5 15:57:07 scorpio postfix/smtpd[22724]: warning: SASL authentication > failure: no user in db > > So, I added this to the main.cf file: > > smtpd_sasl_exceptions_networks = $mynetworks, 192.168.1.0/24 > > Unfortunately, it does not stop the waring message from appearing. I > know it is only a harmless warning message; however, I would like to > know what I am doing wrong. > > This is the output of postconf -n > > alias_database = hash:/usr/local/etc/postfix/aliases > alias_maps = hash:/usr/local/etc/postfix/aliases > broken_sasl_auth_clients = yes > command_directory = /usr/local/sbin > config_directory = /usr/local/etc/postfix > daemon_directory = /usr/local/libexec/postfix > data_directory = /var/db/postfix > debug_peer_level = 2 > html_directory = no > inet_interfaces = all > mail_owner = postfix > mail_spool_directory = /var/mail > mailq_path = /usr/local/bin/mailq > manpage_directory = /usr/local/man > milter_default_action = accept > mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain > mydomain = seibercom.net > mynetworks_style = subnet > myorigin = $mydomain > newaliases_path = /usr/local/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = no > sample_directory = /usr/local/etc/postfix > sender_dependent_relayhost_maps = hash:/usr/local/etc/postfix/sender_relay > sendmail_path = /usr/local/sbin/sendmail > setgid_group = maildrop > smtp_sasl_auth_enable = yes > smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd > smtp_sasl_security_options = noanonymous > smtp_sasl_type = cyrus > smtp_sender_dependent_authentication = yes > smtp_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem > smtp_tls_CApath = /usr/local/etc/postfix/certs > smtp_tls_cert_file = /usr/local/etc/postfix/certs/postfix-cert.pem > smtp_tls_key_file = /usr/local/etc/postfix/certs/postfix-key.pem > smtp_tls_loglevel = 0 > smtp_tls_note_starttls_offer = yes > smtp_tls_security_level = may > smtp_tls_session_cache_database = btree:/var/db/postfix/smtp_tls_session_cache > smtpd_milters = unix:/var/run/clamav/clmilter.sock > smtpd_recipient_restrictions = permit_sasl_authenticated > permit_mynetworks reject_unauth_destination > smtpd_sasl_auth_enable = yes > smtpd_sasl_authenticated_header = yes > smtpd_sasl_exceptions_networks = $mynetworks, 192.168.1.0/24 > smtpd_sasl_local_domain = > smtpd_sasl_path = smtpd > smtpd_sasl_security_options = noanonymous > smtpd_sasl_tls_security_options = noanonymous > smtpd_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem > smtpd_tls_cert_file = /usr/local/etc/postfix/certs/postfix-cert.pem > smtpd_tls_key_file = /usr/local/etc/postfix/certs/postfix-key.pem > smtpd_tls_received_header = yes > smtpd_tls_security_level = may > smtpd_tls_session_cache_database = > btree:/var/db/postfix/smtpd_tls_session_cache > tls_random_source = dev:/dev/urandom > transport_maps = hash:/usr/local/etc/postfix/transport > unknown_local_recipient_reject_code = 550
It's not your fault. See http://lists.freebsd.org/pipermail/freebsd-ports/2005-June/023801.html ;; If you do not want to see the error line in your Postfix logs, just switch saslauthd's authentication mechanism from "sasldb" to the others (e.g., "pam", "getpwent") by modifying /usr/local/lib/sasl2/smtpd.conf ;; FYI, currently, the default authentication mechanism in FreeBSD system is "pam" [1]. For more information, have a look saslauthd(8) with care ;; Sincerely, [1] http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/cyrus-sasl2-saslauthd/files/saslauthd.sh.in?rev=1.2;content-type=text%2Fplain -- Byung-Hee HWANG, KNU ∑ WWW: http://izb.knu.ac.kr/~bh/
