On 1/29/2014 9:35 AM, Dennis Putnam wrote: > On 1/29/2014 8:49 AM, Dennis Putnam wrote: >> On 1/28/2014 9:44 PM, Viktor Dukhovni wrote: >>> On Tue, Jan 28, 2014 at 09:15:02PM -0500, Dennis Putnam wrote: >>> >>>> The following is in my main.cf. >>>> >>>> smtp_sasl_auth_enable = yes >>>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd >>>> smtp_sasl_security_options = >>> You might think so, but that does not make it so. >>> >>>> However, when I run postconf, I get this: >>>> >>>> smtp_sasl_auth_enable = no >>> That's the actual setting in main.cf, or else there is no setting >>> of this parameter in main.cf, and so the default value is in effect. >>> >>> Run "postconf -n | grep smtp_sasl_auth_enable", and see for yourself >>> where your mistake is. Some whitespace is more equal than other >>> whitespace. >>> >>>> Can anyone explain what has happened? >>> You have not set "smtp_sasl_auth_enable = yes", and perhaps other >>> required settings are not in fact set as intended. >>> >> Thanks for the reply. I did not thing to use -n as normally I use -d. >> The output is: >> >> smtp_sasl_auth_enable = yes >> >> Since there are no errors in the log, I can't imagine why the difference. >> >> Can you confirm from my log that I am correct in that it is not even >> attempting to authenticate (as opposed to some failed authentication >> attempt)? The only change that may have occurred is an automatic update. >> I am running this on CentOS 6 and the current postfix version is 2.6.6. >> I would need to dig through the 'yum' log to see what the previous >> version was and whether or not an update occurred at the same time as >> this problem. >> > I have just made another discovery. I have another mail relay that also > requires authentication. That relay still works so it cannot be the sasl > parameters per se. What actually triggers the authentication sequence? > Is it some prompt from the relay host or does the local server just know > when and how to authenticate? Could something have changed on the relay > host that would stop the local server from trying to authenticate? > I have made yet another discovery. Perhaps this is the problem. When the EHLO command is send, should there not be the line:
250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN Is that not what triggers the sasl authentication? That line is missing. Is that perhaps the crux problem? If so is there a way for forced postfix to authenticate anyway? Thanks.
signature.asc
Description: OpenPGP digital signature
