>From command line, SASL Auth is working. The auth is from a remote zimbra (imap) server.
Init saslauthd /usr/sbin/saslauthd -m /var/run/saslauthd -a rimap -O IP -r -l -n 10 # cat /etc/sasl2/smtpd.conf pwcheck_method: saslauthd mech_list: plain login # testsaslauthd -u u...@domain.tld -p 'password' 0: OK "Success." As the log shows, Postfix is trying to auth from a local /etc/sasldb2 and not from the remote imap server as the log below shows. And in fact I'm monitoring Zimbra with tcpdump and it has no connection from the Postfix server. # tail -f /var/log/maillog Jan 9 10:35:29 DMZ postfix/submission/smtpd[16987]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory Jan 9 10:35:29 DMZ postfix/submission/smtpd[16987]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory Jan 9 10:35:29 DMZ postfix/submission/smtpd[16987]: warning: unknown[IP]: SASL LOGIN authentication failed: authentication failure Jan 9 10:35:31 DMZ postfix/submission/smtpd[16987]: disconnect from unknown[IP] # postconf -a cyrus dovecot # postconf -A cyrus # postconf -n alias_maps = broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix cyrus_sasl_config_path = /usr/lib/sasl2 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all inet_protocols = ipv4 mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man mydestination = $myhostname, localhost.$mydomain, localhost mynetworks = 127.0.0.1 mynetworks_style = host myorigin = $mydomain newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no relayhost = relay.domain.tld:25 sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_path = /usr/lib/sasl2 smtp_use_tls = yes smtpd_enforce_tls = no smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_tls_auth_only = yes smtpd_tls_cert_file = $config_directory/mails.cert smtpd_tls_key_file = $config_directory/mails.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may smtpd_use_tls = yes # cat master.cf # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master" or # on-line: http://www.postfix.org/master.5.html). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING #smtps inet n - n - - smtpd # -o syslog_name=postfix/smtps # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - qmqpd pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # rpm -qa | grep cyrus cyrus-sasl-2.1.23-15.el6_6.1.x86_64 cyrus-sasl-devel-2.1.23-15.el6_6.1.x86_64 cyrus-sasl-lib-2.1.23-15.el6_6.1.x86_64 cyrus-sasl-md5-2.1.23-15.el6_6.1.x86_64 cyrus-sasl-plain-2.1.23-15.el6_6.1.x86_64 # postconf | grep mail_version mail_version = 2.11.3 What am I doing wrong? I want to only use submission (465) with SSL to send mail. Regards, Rodrigo.
