On Wed, Sep 10, 2014 at 10:46:43PM +0200, giacomo wrote:

> > So you're using Cyrus SASL, but not showing any details of the SASL
> > configuration, available plugins, ...
> >  
> 
> The configuration of SASL is in /usr/local/lib/sasl2/smtpd.conf
> 
> pwcheck_method: saslauthd
> mech_list: PLAIN LOGIN
> #authdaemond_path: /var/sasl2/socket
> authdaemond_path: /var/run/courier-auth/socket
> log_level: 7

The documentation for "authdaemond_path" says:

    Path to Courier-IMAP authdaemond's unix socket.
    Only applicable when pwcheck_method is set to authdaemond.

So your smtpd.conf can't work as configured.

Is the authdaemond_path correctly specified?
Does the "postfix" user have permission to access the socket?
Is smtpd(8) chrooted?

> > > > AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
> > > > 535 5.7.8 Error: authentication failed: generic failure
> > 
> > Avoid posting "AUTH PLAIN" and "AUTH LOGIN" command arguments, they
> > contain reversibly (base64) encoded passwords.
> 
> I don't understand this. Please specificy what it mean.

It means that you should not send the data after "AUTH PLAIN " to
a public mailing list.  It can be easily decoded to recover your
no longer secret password.  For example:

    $ echo "AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==" |
        openssl base64 -A -d |
        cat -etv
    ^@d.lis...@gruppoisil.com^@lisaia

-- 
        Viktor.

Reply via email to