Hello all,
I have finally attained the unenviable position of being able to effortlessly
see
the entire wood without being able to clearly identify a single tree. IOW, I'm
completely stuck.
OS = Centos 5.5 (2.6.18-194.26.1.el5) x86_64
Postfix = postfix-2.3.3-2.1.el5_2
Dovecot = dovecot-1.0.7-7.el5
Goal = Enable SMTP AUTH using Postfix and Dovecot
Problem = Postfix cannot locate a suitable authentication mechanism ?
Common errors shown in /var/log/maillog :
Nov 12 21:49:46 caprica postfix/postfix-script: starting the Postfix mail
system
Nov 12 21:49:46 caprica postfix/master[7182]: daemon started -- version
2.3.3, configuration /etc/postfix
Nov 12 21:50:09 caprica postfix/smtpd[7189]: fatal: no SASL authentication
mechanisms
Nov 12 21:50:10 caprica postfix/master[7182]: warning: process
/usr/libexec/postfix/smtpd pid 7189 exit status$
When 'smtpd_sasl_auth_enable = yes' is set, I cannot connect to Postfix using
a simple telnet command :
[r...@caprica postfix]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
This just times out and gives the aforementioned 'no SASL authentication'
error in /var/log/maillog. Commenting out 'smtpd_sasl_auth_enable = yes' gives
this output :
[r...@caprica postfix]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 caprica.nrth.lab ESMTP Postfix
ehlo localhost
250-caprica.nrth.lab
250-PIPELINING
250-SIZE 15728640
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
I'm not sure exactly what to include here so apologies if I've included the
wrong output or too much. My configurations are below.
postconf -n :
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_checks
html_directory = no
inet_interfaces = $myhostname, localhost
mail_owner = postfix
mailbox_command = /usr/bin/procmail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 15728640
mydestination = $myhostname, localhost.$mydomain, localhost, nrth.org
mydomain = nrth.lab
myhostname = caprica.nrth.lab
mynetworks = 127.0.0.0/8, 10.20.30.0/24
mynetworks_style = subnet
myorigin = nrth.org
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relayhost = outbound.mailhop.org
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
smtp_tls_security_level = may
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
reject_unauth_pipelining, reject_invalid_helo_hostname,
reject_unknown_sender_domain, check_sender_access
hash:/etc/postfix/smtp_sender_access, check_client_access
hash:/etc/postfix/smtp_client_access, reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/pki/tls/certs/caprica.nrth.lab.cert
smtpd_tls_key_file = /etc/pki/tls/private/caprica.nrth.lab.key
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
postconf -m :
btree
cidr
environ
hash
ldap
nis
pcre
proxy
regexp
static
unix
dovecot -n :
# 1.0.7: /etc/dovecot.conf
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
auth default:
mechanisms: plain login
passdb:
driver: pam
userdb:
driver: passwd
socket:
type: listen
client:
path: /var/run/dovecot/auth-client
mode: 432
user: postfix
group: postfix
master:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
Thanks for any information anyone may have toward helping me set up SMTP AUTH
for clients on my LAN.
Regards,
Pete.
