Re: Postfix plain text authentication with SASL

Suresh Kumar Prajapati Thu, 09 Jun 2011 00:48:48 -0700

Hi,

I've follow all the info you have give and the command show the following
output


[root@hostname postfix]# testsaslauthd -u tom -p redhat
0: NO "authentication failed"



On Thu, Jun 9, 2011 at 1:03 PM, Patrick Ben Koetter 
<p...@state-of-mind.de>wrote:

> * Suresh Kumar Prajapati <er.sureshprajap...@gmail.com>:
> > [root@quranmail postfix]# saslfinger -s
> > saslfinger - postfix Cyrus sasl configuration Thu Jun  9 11:24:25 MSD
> 2011
> > version: 1.0.2
> > mode: server-side SMTP AUTH
> >
> > -- basics --
> > Postfix: 2.3.3
> > System: CentOS release 5.6 (Final)
> >
> > -- smtpd is linked to --
> >     libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x009ad000)
> >
> > -- active SMTP AUTH and TLS parameters for smtpd --
> > broken_sasl_auth_clients = yes
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_local_domain = <domain.com>
> >
> >
> > -- listing of /usr/lib/sasl --
> > total 28
> > drwxr-xr-x  2 root root  4096 Jun  7 14:43 .
> > drwxr-xr-x 36 root root 20480 Jun  7 14:43 ..
> > -rw-r--r--  1 root root    47 May 31 20:34 smtpd.conf
>
>
> Please remove /usr/lib/sasl/smtpd.conf. Cyrus SASL 2 will not use it.
>
>
> > -- listing of /usr/lib/sasl2 --
> > total 3064
> > drwxr-xr-x  2 root root   4096 Jun  9 08:07 .
> > drwxr-xr-x 36 root root  20480 Jun  7 14:43 ..
> > -rwxr-xr-x  1 root root    884 Mar 17  2010 libanonymous.la
> > -rwxr-xr-x  1 root root  14372 Mar 17  2010 libanonymous.so
> > -rwxr-xr-x  1 root root  14372 Mar 17  2010 libanonymous.so.2
> > -rwxr-xr-x  1 root root  14372 Mar 17  2010 libanonymous.so.2.0.22
> > -rwxr-xr-x  1 root root    870 Mar 17  2010 libcrammd5.la
> > -rwxr-xr-x  1 root root  16832 Mar 17  2010 libcrammd5.so
> > -rwxr-xr-x  1 root root  16832 Mar 17  2010 libcrammd5.so.2
> > -rwxr-xr-x  1 root root  16832 Mar 17  2010 libcrammd5.so.2.0.22
> > -rwxr-xr-x  1 root root    893 Mar 17  2010 libdigestmd5.la
> > -rwxr-xr-x  1 root root  47172 Mar 17  2010 libdigestmd5.so
> > -rwxr-xr-x  1 root root  47172 Mar 17  2010 libdigestmd5.so.2
> > -rwxr-xr-x  1 root root  47172 Mar 17  2010 libdigestmd5.so.2.0.22
> > -rwxr-xr-x  1 root root    856 Mar 17  2010 liblogin.la
> > -rwxr-xr-x  1 root root  14752 Mar 17  2010 liblogin.so
> > -rwxr-xr-x  1 root root  14752 Mar 17  2010 liblogin.so.2
> > -rwxr-xr-x  1 root root  14752 Mar 17  2010 liblogin.so.2.0.22
> > -rwxr-xr-x  1 root root    856 Mar 17  2010 libplain.la
> > -rwxr-xr-x  1 root root  14848 Mar 17  2010 libplain.so
> > -rwxr-xr-x  1 root root  14848 Mar 17  2010 libplain.so.2
> > -rwxr-xr-x  1 root root  14848 Mar 17  2010 libplain.so.2.0.22
> > -rwxr-xr-x  1 root root    930 Mar 17  2010 libsasldb.la
> > -rwxr-xr-x  1 root root 905200 Mar 17  2010 libsasldb.so
> > -rwxr-xr-x  1 root root 905200 Mar 17  2010 libsasldb.so.2
> > -rwxr-xr-x  1 root root 905200 Mar 17  2010 libsasldb.so.2.0.22
> > -rw-r--r--  1 root root     25 Mar 31  2010 Sendmail.conf
> >
> > -- listing of /var/lib/sasl2 --
> > total 8
> > drwxr-xr-x  2 root root 4096 Jun  9 08:07 .
> > drwxr-xr-x 18 root root 4096 Jun  9 10:54 ..
> >
> > -- listing of /etc/sasl2 --
> > total 16
> > drwxr-xr-x  2 root root    4096 Jun  9 08:09 .
> > drwxr-xr-x 54 root postfix 4096 Jun  9 10:54 ..
> > -rw-r--r--  1 root root      49 Jun  9 08:09 smtpd.conf
> > -rw-r--r--  1 root root      99 Jun  7 10:10 smtpd.conf.bak
> >
> >
> > -- content of /usr/lib/sasl/smtpd.conf --
> > pwcheck_method: saslauthd
> > saslauthd_version: 2
> >
> > -- content of /etc/sasl2/smtpd.conf --
> > pwcheck_method: saslauthd
> > mech_list: plain login
>
> OK. Did you check for whitespace? There must be no trailing whitespace.
>
> > -- active services in /etc/postfix/master.cf --
> > # service type  private unpriv  chroot  wakeup  maxproc command + args
> > #               (yes)   (yes)   (yes)   (never) (100)
> >
> > 21      inet  n       -       n       -       -       smtpd
>
> I leave it up to you to run the Postfix smtpd server on a different port.
> For
> the moment please disable the line above and follow the standard:
>
> smtp      inet  n       -       n       -       -       smtpd
>
>
> > -- mechanisms on localhost --
> >
> > -- end of saslfinger output --
> >
> > Please let me know if anything else is required.
>
> Can you test if authenication works without Postfix? Use the testsaslauthd
> command to prove it works:
>
> % testsaslauthd -u username -p password
>
> If that doesn't work we need to fix more than only Postfix configuration.
>
> p@rick
>
> --
> All technical questions asked privately will be automatically answered on
> the
> list and archived for public access unless privacy is explicitely required
> and
> justified.
>
> saslfinger (debugging SMTP AUTH):
> <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
>



-- 
Best Regards,
Suresh Kumar Prajapati
Linux Security Admin
E-mail: er.sureshprajap...@gmail.com
----------------------------------------------------------------------------------------
Pencils could be made with erasers at both ends, but what would be the
point?

Re: Postfix plain text authentication with SASL

Reply via email to