On 03/06/2011 01:18 PM, David Touzeau wrote:
dear
i would like to use submission port for authenticate users from internet
allowing them to the postfix smtpd server
For testing purpose, i have set a network different from the LAN to be
sure that postfix allow SASL connections
but it seems that postfix did not want to test the authentication method
and pass it's rules trough subnet rules to finally refuse the connection
with a "Client host rejected: Access denied"
We can see that there an request to saslauthd
"xsasl_cyrus_server_create: SASL service=smtp, realm=(null)" but i did
not really understand what is means..
I'm using saslauthd trough LDAP to perform credentials checking and
postfix 2.8.0
Where i'm wrong ??
When using testssaslauthd
----------------------------------------------------------------------
testsaslauthd -u david.touzeau -p secret -f /var/run/saslauthd/mux -s
smtp
0: OK "Success."
Content of /etc/postfix/sasl/smtpd.conf
----------------------------------------------------------------------
pwcheck_method: saslauthd
mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5
log_level: 5
master.cf
----------------------------------------------------------------------
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtp_generic_maps=
-o sender_canonical_maps=
Here it is a piece of debug logs :
----------------------------------------------------------------------
Debug logs should not be required to solve SASL issues.
Please include the output of postconf -n and the normal postfix logs for
the observed behaviour, as described in:
http://www.postfix.org/DEBUG_README.html#mail
--
J.
