Re: Graphing mail stats
On 16/02/2013 12:59, Nikolaos Milas wrote: On 15/2/2013 9:47 μμ, Nikolaos Milas wrote: However, although I have successfully patched both mailgraph.pl and mailgraph.cgi, it doesn't seem to work. (I did it twice to confirm.) In the place of the "Bounced-Virus-... etc" diagram nothing appears except a "mailgraph" word. Only the "Sent-Received" diagram appears properly. Note that the patch proposed at: http://www.networkmonkey.de/mailgraph-und-postscreen/ to support postscreen does work. So, this is what I am using at the moment. If the more complete patch Birta proposes works, then it will be preferable because it should display postscreen activity separately (while now it appears as "spam"). So, if there is some suggestion on how to make it work, I would be interested. Regards, Nick Before patch you have working mailgraph? If yes, I think you need to delete the rrds. Levi smime.p7s Description: S/MIME Cryptographic Signature
Re: Unable to set postfix as smarthost with plain authentication on port 25 (no tls/ssl): error 550 5.1.0 xxxxx authentication failed - SOLVED!
Thanks Harald, for the sake of clarity I answered to you points in the mail, but after trying and retrying, it seems that I need to place: "smtp_sasl_mechanism_filter = plain" in the main.cf By forcing the mechanism the system is now able to connect to te server and send the mail. Thanks again, Luca On Thu, Feb 14, 2013 at 3:10 PM, Reindl Harald wrote: > > Am 14.02.2013 14:48, schrieb Luca Arzeni: > > I'm in need of using a smarthost to relay all of my mail. > > > > I'm unable to use an italia provider (aruba) as smarthos for my server. > > I obtain the (in)famous "550 5.1.0 X authentication failed" > > maybe he does not like PLAIN without encryption > why in the world would anybody do this? > > install "cyrus-sasl-md5" or however the package is called > in your dsitribution and postfix will automatically use > the best available method > > I can confirm that aruba smpt uses PLAIN authentication without encryption, so md5 (alas!) is not an option. I don't understand why they make this ugly thing, but "such is life!" (TM) :-) > > I've tested username/password using thunderbird as client, it works > > with unencrypted plain auth? > Yes it does work this way: unencrypted plain auth on port 25 > > > I've tested the same configuration with another provider: it works. > > does not matter > > agreed. I was just pointing out that postfix is working and it's able to do a md5 authentication with other providers, so the problem is really in the unencrypted PLAIN authentication > > My guess is that the provider uses different server to answer to my > request > > how should it do this? > > > and so postfix is unable to find a matching password in > > file /etc/postfix/sasl/saslpasswd. > > YOU control the match not the target server > > YOU control that host/port of the reylhost matchs EXACTLY > how it is defined in "saslpasswd" and my guess is that > you forgot to put the hostname inside [] to disable > MX lookups > > I did use the [] but, as far as I can see, the logs shows that I ask for a server, but there are other names that I find in the logs. (placing a smptd -v in the master.conf) > > cat /etc/postfix/saslpasswd > # CHANGES: postmap /etc/postfix/saslpasswd > [mail.thelounge.net]:587 user:pwd > > > But I've tried by using smtp_cname_overrides_servername=yes or > smtp_cname_overrides_servername=no and it failed in > > the same way. > > don't do mangling around everywhere > ok > > > I've also tried to declare all hostnames that I can see in the logs > placing all of them in the > > /etc/postfix/sasl/saslpasswd but even this way I cannot send my mail > > why are you doing this? > > also to be sure that there was a match between the entry in the saslpasswd file and the host. anyway: all well what ends well. Thanks again, Luca
Re: SASL question - SOLVED
On 2/13/2013 7:35 PM, Bob Proulx wrote:
Curtis Maurand wrote:
Patrick Ben Koetter wrote:
However, nothing in my configuration says to open the sasldb file
anywhere as the auth machanism is set to imap, but postfix seems
intent on opening this file anyway.
Cyrus SASL opens sasldb as fallback when all other attempts to do
AUTH have failed. That in turn says your current setup is
non-functional. Which docs did you follow? What's your current
setup?
My currwnt setup has the imap connecting to a remote server on a private
network. The imap server is dbmail 2.2.17.
Postfix is a member of the sasl group. There is an sasldb2 file
just in case.
I am not sure it is your desire to use the sasldb2 file. But if it is
then on Debian it needs to be made available in the chroot which on
Debian is usually located at /var/spool/postfix/etc. For me it meant
the easiest thing to do was to modify the /etc/init.d/postfix script
to make sure it was copied into the chroot when it was started.
I added etc/sasldb2 to this next section.
FILES="etc/sasldb2 etc/localtime etc/services etc/resolv.conf etc/hosts \
etc/nsswitch.conf etc/nss_mdns.config"
for file in $FILES; do
[ -d ${file%/*} ] || mkdir -p ${file%/*}
if [ -f /${file} ]; then rm -f ${file} && cp -p /${file} ${file}; fi
# if [ -f ${file} ]; then chmod a+rX ${file}; fi
done
And I also removed that line that is commented out so that the
original permissions are preserved. That causes permissions to be
preserved from the /etc file into the chroot area when the file is
copied into it. Otherwise the file would be available to everyone.
Using the original permissions on all of the files is okay.
Again, that is only if you are intending to use the sasldb2 file. It
is a nice simple fallback. But most schemes use other access control
methods.
Bob
Thanks for all your help everyone. I actually found the answer in an
email from about a year ago. Thank you to google. Apparently saslauthd
on Ubuntu runs chrooted while postfix does not. In order to make things
work I had to establish a symbolic link in
/var/spool/postfix/var/run/saslauthd to /var/run/sadlauthd and that
solved the trouble.
Cheers,
--Curtis
