 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Postfix-users | May-2007 | Next-Thread | Next-Msg |
| Subject: | [Re: sasl problem] |
| Group: | Postfix-users |
| From: | Göran Höglund |
| Date: | 16 May 2007 |
Andreas Winkelmann skrev:
> On Monday 14 May 2007 20:38, Göran Höglund wrote:
>
>> I have problem to see what is wrong with my sasl install.
>> I get errors in my maillog when I try to connect locally:
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> connection established
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> master_notify: status 0
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> name_mask: resource
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> name_mask: software
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> xsasl_cyrus_server_create: SASL service=smtp, realm=telemar.se
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 197553 mail.info]
>> name_mask: noanonymous
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 947731 mail.warning]
>> warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL
>> mechanisms
>
> Found/Installed Cyrus-SASL Plugins matched with (smtpd_sasl_security_options
> and mech_list in smtpd.conf) results in a count of zero.
>
>> May 14 06:34:31 apollo postfix/smtpd[28368]: [ID 947731 mail.crit]
>> fatal: no SASL authentication mechanisms
>> May 14 06:34:32 apollo postfix/master[275]: [ID 947731 mail.warning]
>> warning: process /usr/libexec/postfix/smtpd pid 28368 exit status 1
>> May 14 06:34:32 apollo postfix/master[275]: [ID 947731 mail.warning]
>> warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
>>
>> My postconf -n:
>> broken_sasl_auth_clients = yes
>> command_directory = /usr/sbin
>> config_directory = /etc/postfix
>> daemon_directory = /usr/libexec/postfix
>> debug_peer_level = 2
>> html_directory = no
>> inet_interfaces = all
>> local_transport = maildrop
>> mail_owner = postfix
>> mailq_path = /usr/bin/mailq
>> manpage_directory = /usr/local/man
>> mydestination = $myhostname, localhost.$mydomain, localhost
>> mydomain = telemar.se
>> myhostname = apollo.telemar.se
>> mynetworks = 172.16.0.0/24, 172.16.1.0/24, 172.16.254.0/24, 127.0.0.0/8
>> newaliases_path = /usr/bin/newaliases
>> queue_directory = /var/spool/postfix
>> readme_directory = /etc/postfix/readme
>> sample_directory = /etc/postfix
>> sendmail_path = /usr/lib/sendmail
>> setgid_group = postdrop
>> smtpd_recipient_restrictions = permit_mynetworks,
>> permit_sasl_authenticated, reject_unauth_destination
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_authenticated_header = yes
>> smtpd_sasl_local_domain = telemar.se
>> smtpd_sasl_path = smtpd
>> smtpd_sasl_security_options = noanonymous
>> unknown_local_recipient_reject_code = 550
>> virtual_alias_maps = mysql:/etc/postfix/sql/virtual_alias_maps.cf
>> virtual_gid_maps = mysql:/etc/postfix/sql/virtual_gid_maps.cf
>> virtual_mailbox_domains = mysql:/etc/postfix/sql/virtual_mailbox_domains.cf
>> virtual_mailbox_maps = mysql:/etc/postfix/sql/virtual_mailbox_recipients.cf
>> virtual_uid_maps = mysql:/etc/postfix/sql/virtual_uid_maps.cf
>>
>> Output from saslfinger:
>> saslfinger - postfix Cyrus sasl configuration Mon May 14 11:17:07 PDT 2007
>> version: 1.0.1
>> mode: server-side SMTP AUTH
>>
>> -- basics --
>> Postfix: 2.3.7
>> System: This is a PRIVATE computer system. All unauthorized use or
>> unauthorized access
>> is prohibited according to Swedish laws.
>> Your operations are logged.
>
> Which OS is this?
SUN Solaris 8
>
> Which Cyrus-SASL Version?
cyrus-sasl-2.1.22
>
> Architecture x64?
SPARC - Netra T1
>
> How did you install Postfix and Cyrus-SASL?
SASL:
$ ./configure --enable-login --enable-plain --disable-gssapi
--with-mysql=/usr/local/mysql/lib/mysql --without-pam
--without-saslauthd --without-pwcheck --with-dblib=berkeley
--with-bdb-libdir=/usr/local/BerkeleyDB/lib --with-bdb-incdir
/usr/local/BerkeleyDB/ --with-openssl=/usr/local/ssl
$ make
$ make install
$ ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
$ libtool --finish /usr/lib/sasl2
postfix-2.3.7:
$ export LD_LIBRAY_PATH=
$ make makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql
-DUSE_SASL_AUTH -I/usr/local/include/sasl'
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient
-R/usr/local/mysql/lib/mysql -R/usr/local/lib -lz -lm -L/usr/local/lib
-lsasl2 -L/usr/lib -ldl -L/usr/local/lib'
$ make
$ make install
and so on
>
>> -- smtpd is linked to --
>
> Looks strange. Please show the Output of ldd/otool/whatever (depends on your
> OS) on your smtpd.
>
> # ldd /usr/libexec/postfix/smtpd
>
>> -- active SMTP AUTH and TLS parameters for smtpd --
>> broken_sasl_auth_clients = yes
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_authenticated_header = yes
>> smtpd_sasl_local_domain = telemar.se
>> smtpd_sasl_path = smtpd
>> smtpd_sasl_security_options = noanonymous
>>
>>
>> -- listing of /usr/lib/sasl2 --
>> total 1220
>> drwxr-xr-x 2 root other 512 May 13 08:36 .
>> drwxr-xr-x 9 bin bin 2048 May 13 08:36 ..
>> -rw-r--r-- 1 root other 63514 May 13 08:36 libanonymous.a
>> -rwxr-xr-x 1 root other 670 May 13 08:36 libanonymous.la
>> -rw-r--r-- 1 root other 71720 May 13 08:36 libcrammd5.a
>> -rwxr-xr-x 1 root other 664 May 13 08:36 libcrammd5.la
>> -rw-r--r-- 1 root other 167582 May 13 08:36 libdigestmd5.a
>> -rwxr-xr-x 1 root other 703 May 13 08:36 libdigestmd5.la
>> -rw-r--r-- 1 root other 65508 May 13 08:36 liblogin.a
>> -rwxr-xr-x 1 root other 658 May 13 08:36 liblogin.la
>> -rw-r--r-- 1 root other 152484 May 13 08:36 libotp.a
>> -rwxr-xr-x 1 root other 661 May 13 08:36 libotp.la
>> -rw-r--r-- 1 root other 65876 May 13 08:36 libplain.a
>> -rwxr-xr-x 1 root other 658 May 13 08:36 libplain.la
>> -r-------- 1 postfix postfix 300 May 14 11:02 sample.conf
>> -r-------- 1 postfix postfix 300 May 14 11:02 smtpd.conf
>>
>> -- listing of /usr/local/lib/sasl2 --
>> total 1220
>> drwxr-xr-x 2 root other 512 May 13 08:36 .
>> drwxr-xr-x 9 bin bin 2048 May 13 08:36 ..
>> -rw-r--r-- 1 root other 63514 May 13 08:36 libanonymous.a
>> -rwxr-xr-x 1 root other 670 May 13 08:36 libanonymous.la
>> -rw-r--r-- 1 root other 71720 May 13 08:36 libcrammd5.a
>> -rwxr-xr-x 1 root other 664 May 13 08:36 libcrammd5.la
>> -rw-r--r-- 1 root other 167582 May 13 08:36 libdigestmd5.a
>> -rwxr-xr-x 1 root other 703 May 13 08:36 libdigestmd5.la
>> -rw-r--r-- 1 root other 65508 May 13 08:36 liblogin.a
>> -rwxr-xr-x 1 root other 658 May 13 08:36 liblogin.la
>> -rw-r--r-- 1 root other 152484 May 13 08:36 libotp.a
>> -rwxr-xr-x 1 root other 661 May 13 08:36 libotp.la
>> -rw-r--r-- 1 root other 65876 May 13 08:36 libplain.a
>> -rwxr-xr-x 1 root other 658 May 13 08:36 libplain.la
>> -r-------- 1 postfix postfix 300 May 14 11:02 sample.conf
>> -r-------- 1 postfix postfix 300 May 14 11:02 smtpd.conf
>>
>>
>>
>>
>> -- content of /usr/lib/sasl2/smtpd.conf --
>> # Global parameters
>> log_level: 3
>> pwcheck_method: auxprop
>> auxprop_plugin: sql
>> mech_list: plain login
>> sql_engine: mysql
>> sql_hostnames: localhost
>> sql_database: mail
>> sql_user: --- replaced ---
>> sql_passwd: --- replaced ---
>> sql_select: SELECT %p FROM virtual_users WHERE username = '%u' and
>> 'userrealm' '%r' and auth = '1'
>>
>> -- content of /usr/local/lib/sasl2/smtpd.conf --
>> # Global parameters
>> log_level: 3
>> pwcheck_method: auxprop
>> auxprop_plugin: sql
>> mech_list: plain login
>> sql_engine: mysql
>> sql_hostnames: localhost
>> sql_database: mail
>> sql_user: --- replaced ---
>> sql_passwd: --- replaced ---
>> sql_select: SELECT %p FROM virtual_users WHERE username = '%u' and
>> 'userrealm' '%r' and auth = '1'
>>
>>
>> -- active services in /etc/postfix/master.cf --
>> # service type private unpriv chroot wakeup maxproc command + args
>> # (yes) (yes) (yes) (never) (100)
>> smtp inet n - n - - smtpd -v
>> pickup fifo n - n 60 1 pickup
>> cleanup unix n - n - 0 cleanup
>> qmgr fifo n - n 300 1 qmgr
>> tlsmgr unix - - n 1000? 1 tlsmgr
>> rewrite unix - - n - - trivial-rewrite
>> bounce unix - - n - 0 bounce
>> defer unix - - n - 0 bounce
>> trace unix - - n - 0 bounce
>> verify unix - - n - 1 verify
>> flush unix n - n 1000? 0 flush
>> proxymap unix - - n - - proxymap
>> smtp unix - - n - - smtp
>> relay unix - - n - - smtp
>> -o fallback_relay=
>> showq unix n - n - - showq
>> error unix - - n - - error
>> discard unix - - n - - discard
>> local unix - n n - - local
>> virtual unix - n n - - virtual
>> lmtp unix - - n - - lmtp
>> anvil unix - - n - 1 anvil
>> scache unix - - n - 1 scache
>> maildrop unix - n n - - pipe
>> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>> old-cyrus unix - n n - - pipe
>> flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
>> cyrus unix - n n - - pipe
>> user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension}
>> ${user}
>> uucp unix - n n - - pipe
>> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>> ($recipient)
>> ifmail unix - n n - - pipe
>> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>> bsmtp unix - n n - - pipe
>> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>> $recipient
>>
>> -- mechanisms on localhost --
>>
>> -- end of saslfinger output --
>>
>>
>>
>>
>> My virtual_users table:
>> +-----------------+------------------+------+-----+------------+-----------
>> -----+
>>
>> | Field | Type | Null | Key | Default | Extra
>>
>> +-----------------+------------------+------+-----+------------+-----------
>> -----+
>>
>> | id | int(11) unsigned | NO | PRI | |
>>
>> auto_increment |
>>
>> | username | varchar(255) | NO | | 0 | |
>> | userrealm | varchar(255) | NO | | telemar.se | |
>> | userpassword | varchar(255) | NO | | 1stP@aa | |
>> | auth | tinyint(1) | YES | | 1 | |
>> | active | tinyint(1) | YES | | 1 | |
>> | email | varchar(255) | NO | MUL | | |
>> | virtual_uid | smallint(5) | YES | | 1000 | |
>> | virtual_gid | smallint(5) | YES | | 1000 | |
>> | virtual_mailbox | varchar(255) | YES | | | |
>>
>> +-----------------+------------------+------+-----+------------+-----------
>> -----+
>
| Prev-Msg | Prev-Thread | Postfix-users | May-2007 | Next-Thread | Next-Msg |