Hi,
I send you the configuration of Postfix.
$ postconf -nf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
header_checks = pcre:/etc/postfix/header_checks
html_directory = /usr/local/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
mail_owner = _postfix
mailq_path = /usr/local/sbin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = domain.com
myhostname = mail2.domain.com
mynetworks = 127.0.0.0/8, 192.168.1.0/24, 192.168.3.0/24
myorigin = $myhostname
newaliases_path = /usr/local/sbin/newaliases
qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix/readme
relay_domains = $mydestination
sample_directory = /etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = _postdrop
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_milters = unix:/var/spool/postfix/var/run/milter-spamd/spamd.sock
unix:/var/spool/postfix/var/run/milter-clamav/clamav.sock
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, reject_unauth_pipelining,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_invalid_hostname, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unauth_destination, reject_rbl_client
bl.spamcop.net, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client
list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client
sbl-xbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl,
reject_rbl_client combined.njabl.org, reject_rbl_client dul.dnsbl.sorbs.net,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options =
smtpd_tls_CAfile = /etc/ssl/ca.crt
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_key_file = /etc/postfix/ssl/private/server.key
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf
virtual_minimum_uid = 2000
virtual_transport = qdeliver
virtual_uid_maps = static:2000
$ postconf -Mf
smtp inet n - n - - smtpd
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup unix n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr unix n - - 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
qdeliver unix - n n - - pipe flags=uh
user=vmail argv=/usr/local/bin/deliverquota -c -w 90
/var/mail/vhosts/${domain}/${user}
The mail system is based on virtual users on OpenBSD.
Thanks.
--
Isaia Luciano
On 07.09.14, 14:42, giacomo wrote:
> Hello everyone.
> I recently created a mail server based on Postfix with MySQL and
> SASL authentication and TLS. I have problems to use authentication
> SASL. The errors are:
>
> telnet 192.168.1.242 25
> Trying 192.168.1.242...
> Connected to 192.168.1.242.
> Escape character is '^]'.
> 220 mail2.domain.com ESMTP Postfix
> ehlo tin.it
> 250-mail2.domain.com
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
> 535 5.7.8 Error: authentication failed: generic failure
>
> /var/maillog
>
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: could not verify password
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: Password verification failed
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: unknown[192.168.1.248]:
> SASL PLAIN authentication failed: generic failure
>
> /var/maillog
>
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: could not verify password
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: SASL authentication failure: Password verification failed
> Jul 5 23:11:19 mail2 postfix/smtpd[3717]:
> warning: unknown[192.168.1.248]:
> SASL PLAIN authentication failed: generic failure
>
> System OpenBSD v. 5.5
>
> Packages:
>
> courier-authlib-0.65.0p2
> courier-authlib-mysql-0.65.0p5
> courier-imap-4.13p0
> courier-pop3-4.13p0
> cyrus-sasl-2.1.26p10-mysql
> mysql-client-5.1.73v0
> mysql-server-5.1.73v0
>
> Port:
> postfix-2.12.20140109-sasl2-mysql (compilated to enable SASL e MySQL)
>
> In the old version of OpenBSD it seam to work.
>
> Any suggestions?
>
> Thanks.
>
>
>
> --
> Isaia Luciano
