P.S. I'm sorry I looked quickly and thought your name was Rob, forgive me Patrick. I'm reading your book, I like it. I also use the postfix web site and debian-wiki/arch-wiki.
On Mon, Oct 22, 2012 at 5:53 PM, William Holt <holt.william.aa...@gmail.com> wrote: > Hi Rob, thanks. I use the reserved adresses because I'm testing the > box via local net (my laptop), I have everything setup straight > through GoDaddy to my router I just forward the ports when I'm ready. > > I'll check out the smtpd_sasl_local_domain = $myhostname problem. By > the way, do you know of any docs which list and explain the sasl and > tls options? > > this is the result of saslfinger...I'm looking at it now but I > forwarded it to you... > > <code> > postfix start > postfix/postfix-script: starting the Postfix mail system > [root@messenger saslfinger-1.0.3]# saslfinger -s > saslfinger - postfix Cyrus sasl configuration Mon Oct 22 17:45:14 EDT 2012 > version: 1.0.2 > mode: server-side SMTP AUTH > > -- basics -- > Postfix: 2.9.4 > System: Arch Linux \r (\l) > > -- smtpd is linked to -- > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7712000) > > -- active SMTP AUTH and TLS parameters for smtpd -- > broken_sasl_auth_clients = yes > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_security_options = noanonymous > smtpd_sasl_tls_security_options = $smtpd_sasl_security_options > smtpd_sasl_type = cyrus > smtpd_tls_CAfile = /etc/ssl/private/CA-Messenger-key.pem > smtpd_tls_cert_file = /etc/postfix/smtpd.crt > smtpd_tls_key_file = /etc/postfix/smtpdpub.key > smtpd_tls_security_level = may > > > -- listing of /usr/lib/sasl2 -- > total 604 > drwxr-xr-x 2 root root 4096 Oct 19 14:21 . > drwxr-xr-x 52 root root 20480 Oct 19 14:14 .. > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libanonymous.so > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libanonymous.so.2 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libanonymous.so.2.0.23 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libcrammd5.so > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libcrammd5.so.2 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libcrammd5.so.2.0.23 > -rwxr-xr-x 1 root root 51012 Jan 9 2012 libdigestmd5.so > -rwxr-xr-x 1 root root 51012 Jan 9 2012 libdigestmd5.so.2 > -rwxr-xr-x 1 root root 51012 Jan 9 2012 libdigestmd5.so.2.0.23 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 liblogin.so > -rwxr-xr-x 1 root root 17956 Jan 9 2012 liblogin.so.2 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 liblogin.so.2.0.23 > -rwxr-xr-x 1 root root 34436 Jan 9 2012 libntlm.so > -rwxr-xr-x 1 root root 34436 Jan 9 2012 libntlm.so.2 > -rwxr-xr-x 1 root root 34436 Jan 9 2012 libntlm.so.2.0.23 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libplain.so > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libplain.so.2 > -rwxr-xr-x 1 root root 17956 Jan 9 2012 libplain.so.2.0.23 > -rwxr-xr-x 1 root root 21940 Jan 9 2012 libsasldb.so > -rwxr-xr-x 1 root root 21940 Jan 9 2012 libsasldb.so.2 > -rwxr-xr-x 1 root root 21940 Jan 9 2012 libsasldb.so.2.0.23 > -rw-r--r-- 1 root root 160 Oct 21 12:42 smtpd.conf > > > > > -- content of /usr/lib/sasl2/smtpd.conf -- > ##sasl authentication methods### > pwcheck_method: auxprop > #saslauthd_path: /var/run/saslauthd/mux > mech_list: plain login > auxprop_plugin: sasldb2 > log_level: 7 > > > > -- active services in /etc/postfix/master.cf -- > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > smtp inet n - n - - smtpd -v > pickup fifo n - n 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > tlsmgr unix - - n 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - n - 0 bounce > defer unix - - n - 0 bounce > trace unix - - n - 0 bounce > verify unix - - n - 1 verify > flush unix n - n 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - n - - smtp > relay unix - - n - - smtp > showq unix n - n - - showq > error unix - - n - - error > retry unix - - n - - error > discard unix - - n - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - n - 1 anvil > scache unix - - n - 1 scache > > -- mechanisms on localhost -- > 250-AUTH PLAIN LOGIN > 250-AUTH=PLAIN LOGIN > > -- end of saslfinger output -- > > [root@messenger saslfinger-1.0.3]# > </code> > > Thanks. > > On Sun, Oct 21, 2012 at 4:15 PM, /dev/rob0 <r...@gmx.co.uk> wrote: >> On Sun, Oct 21, 2012 at 03:51:13PM -0400, William Holt wrote: >>> hi, new to the forum. I'm running arch and have postfix/cyrus. >> >> Generally I recommend Dovecot for SASL and IMAP. >> >>> I can telnet to the smtp daemon, smtp is running and acceptd >>> connection: >>> ---------telnet #.#.#.# 25------ >>> [remotehost ~]# telnet #.#.#.# 25 >>> Trying 192.168.1.x... >>> Connected to 192.168.1.x. >> >> 1. You are munging an RFC1918 address? Why? >> 2. Typically AUTH should be offered on submission, not smtp. See >> RFC6409 and the commented "submission" example in master.cf. >> >> snip >>> auth plain (base64encodedstring) >>> 535 5.7.8 Error: authentication failed: authentication failure >> >> Cyrus SASL did not like the credentials as presented. Nothing more >> can be said. You might find testsaslauth(1) (provided by, and >> possibly also supported by Cyrus SASL) helpful in debugging. >> >>> ]# cat /etc/postfix/main.cf >> >> As the list welcome message told you, this is not recommended. In >> your case, saslfinger might be useful. >> >> http://www.postfix.org/DEBUG_README.html#mail >> >>> broken_sasl_auth_clients = yes >> >> Why? >> >>> smtpd_sasl_local_domain = $myhostname >> >> My WAG would be that this is the problem. See the Cyrus SASL >> documentation and: >> >> http://www.postfix.org/postconf.5.html#smtpd_sasl_local_domain >> >>> smtpd_recipient_restrictions = >>> permit_sasl_authenticated,permit_mynetworks,check_relay_domains >> >> What? Why are you using check_relay_domains here? Long ago >> deprecated. >> -- >> http://rob0.nodns4.us/ -- system administration and consulting >> Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
