 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Postfix-users | Sep-2007 | Next-Thread | Next-Msg |
| Subject: | another authentication failure( with sasl) |
| Group: | Postfix-users |
| From: | Alessia Moretti |
| Date: | 20 Sep 2007 |
From: mouss <mlist.only>
Date: Sep 20, 2007 11:54 AM
Subject: Re: another authentication failure( with sasl)
To: alemim
Alessia Moretti wrote:
> Thanks
You should post to the list. you'll get more feedback, more eyes to spot
problems and more information from people who know better than me. I
can't forward your email, but I encourage you to followup on the list,
and either repost your mails or reply to this one without remmoving its
content (note that I munged your domain and IP).
PS. use the text button in gmail to avoid wrong html-ization.
> here the output of
> postconf -n
>
> [snip]
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
> smtpd_recipient_restrictions = permit_sasl_authenticated,
> permit_mynetworks, reject_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = $mydestination
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
> smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crt
> smtpd_tls_key_file = /etc/pki/tls/private/localhost.key
so you have the files defined in your main.cf, but the logs show a: no
such file or directory. do these files exist?
> smtpd_tls_loglevel = 1
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> [snip]
>
> here is /var/log/maillog
>
> [snip]
> Sep 20 10:26:47 mail postfix/smtpd[4613]: warning: cannot get
> certificate from file /etc/pki/tls/certs/localhost.crt
> Sep 20 10:26:47 mail postfix/smtpd[4613]: warning: TLS library problem:
> 4613:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:352:fopen('/etc/pki/tls/certs/localhost.crt','r'):
> Sep 20 10:26:47 mail postfix/smtpd[4613]: warning: TLS library problem:
> 4613:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
> Sep 20 10:26:47 mail postfix/smtpd[4613]: warning: TLS library problem:
> 4613:error:140DC002:SSL
> routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:720:
> Sep 20 10:26:47 mail postfix/smtpd[4613]: cannot load RSA certificate
> and key data
> Sep 20 10:26:47 mail postfix/smtpd[4613]: connect from
> mail.example.com[10.1.2.3]
> Sep 20 10:27:20 mail postfix/smtpd[4613]: warning: SASL authentication
> failure: Password verification failed
> Sep 20 10:27:20 mail postfix/smtpd[4613]: warning:mail.
> example.com[10.1.2.3]: SASL PLAIN
> authentication failed: authentication failure
> [snip]
> Here is the output of saslfinger -c
>
> saslfinger - postfix Cyrus sasl configuration Thu Sep 20 11:04:49
CEST > 2007
> version: 1.0.2
> mode: client-side SMTP AUTH
>
> -- basics --
> Postfix: 2.3.3
> System: CentOS release 5 (Final)
>
> -- smtp is linked to --
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00c32000)
>
> -- active SMTP AUTH and TLS parameters for smtp --
> smtp_tls_note_starttls_offer = yes
> smtp_use_tls = yes
>
>
> -- listing of /usr/lib/sasl --
> total 68
> drwxr-xr-x 2 root root 4096 Sep 17 09:36 .
> drwxr-xr-x 114 root root 53248 Sep 19 10:28 ..
> -rw-r--r-- 1 root root 47 Sep 17 09:31 smtpd.conf
>
> -- listing of /usr/lib/sasl2 --
> total 3288
> drwxr-xr-x 2 root root 4096 Sep 20 10:20 .
> drwxr-xr-x 114 root root 53248 Sep 19 10:28 ..
> -rwxr-xr-x 1 root root 884 Jan 7 2007 libanonymous.la
> <http://libanonymous.la>
> -rwxr-xr-x 1 root root 14372 Jan 7 2007 libanonymous.so
> -rwxr-xr-x 1 root root 14372 Jan 7 2007 libanonymous.so.2
> -rwxr-xr-x 1 root root 14372 Jan 7 2007 libanonymous.so.2.0.22
> -rwxr-xr-x 1 root root 870 Jan 7 2007 libcrammd5.la
> <http://libcrammd5.la>
> -rwxr-xr-x 1 root root 16832 Jan 7 2007 libcrammd5.so
> -rwxr-xr-x 1 root root 16832 Jan 7 2007 libcrammd5.so.2
> -rwxr-xr-x 1 root root 16832 Jan 7 2007 libcrammd5.so.2.0.22
> -rwxr-xr-x 1 root root 893 Jan 7 2007 libdigestmd5.la
> <http://libdigestmd5.la>
> -rwxr-xr-x 1 root root 47204 Jan 7 2007 libdigestmd5.so
> -rwxr-xr-x 1 root root 47204 Jan 7 2007 libdigestmd5.so.2
> -rwxr-xr-x 1 root root 47204 Jan 7 2007 libdigestmd5.so.2.0.22
> -rwxr-xr-x 1 root root 856 Jan 7 2007 liblogin.la
> <http://liblogin.la>
> -rwxr-xr-x 1 root root 14752 Jan 7 2007 liblogin.so
> -rwxr-xr-x 1 root root 14752 Jan 7 2007 liblogin.so.2
> -rwxr-xr-x 1 root root 14752 Jan 7 2007 liblogin.so.2.0.22
> -rwxr-xr-x 1 root root 856 Jan 7 2007 libplain.la
> <http://libplain.la>
> -rwxr-xr-x 1 root root 14848 Jan 7 2007 libplain.so
> -rwxr-xr-x 1 root root 14848 Jan 7 2007 libplain.so.2
> -rwxr-xr-x 1 root root 14848 Jan 7 2007 libplain.so.2.0.22
> -rwxr-xr-x 1 root root 930 Jan 7 2007 libsasldb.la
> <http://libsasldb.la>
> -rwxr-xr-x 1 root root 905200 Jan 7 2007 libsasldb.so
> -rwxr-xr-x 1 root root 905200 Jan 7 2007 libsasldb.so.2
> -rwxr-xr-x 1 root root 905200 Jan 7 2007 libsasldb.so.2.0.22
> -rwxr-xr-x 1 root root 878 Jan 7 2007 libsql.la <http://libsql.la>
> -rwxr-xr-x 1 root root 23084 Jan 7 2007 libsql.so
> -rwxr-xr-x 1 root root 23084 Jan 7 2007 libsql.so.2
> -rwxr-xr-x 1 root root 23084 Jan 7 2007 libsql.so.2.0.22
> -rw-r--r-- 1 root root 25 Mar 15 2007 Sendmail.conf
> -rw-r--r-- 1 root root 269 Sep 20 10:20 smtpd.conf
>
> -- listing of /etc/sasl2 --
> total 24
> drwxr-xr-x 2 root root 4096 Jan 7 2007 .
> drwxr-xr-x 100 root root 12288 Sep 20 10:23 ..
>
>
> Cannot find the smtp_sasl_password_maps parameter in main.cf
> <http://main.cf>.
> Client-side SMTP AUTH cannot work without this parameter!
| Prev-Msg | Prev-Thread | Postfix-users | Sep-2007 | Next-Thread | Next-Msg |