HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


glennv 13th June 2008 19:01

Virtual Users And Domains With Postfix, Courier, MySQL...Ubuntu 8.04
 
I've followed this tutorial step by step.. and everything worked fine until I went to test smtp.
I try to telnet to port 25 -> connects ..but gets disconnected after 1 sec ..and the reason according to the logs is this.

Code:

warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL
fatal: no SASL authentication mechanisms

I've googled and banged my head against the wall for 7-8 hours now .. without solving it.

To me it looks like saslauthd doesn't find its login mechanism.. and according to some other forums this is solved by adding those libs ..

But from what I can see, both libplain and liblogin are present in /usr/lib/sasl2/
which are the ones I list (and they of course should be there, since I've installed all packs according to the tuto) in /etc/postfix/sasl/smtpd.conf



Code:

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mypassw
sql_database: mail
sql_select: select password from users where email = '%u'

So. how do I find out what it is that fails ..??
What could it be that results in the above error log.??

And I'm as sure as I can be that all config-files are exactly as the tuto says.
If I've done something wrong .. what can it be??
Please help me! I'll be grateful forever!!

I've narrowed it down some, I think .. but I'm still not able to find the solution.
I found that I could test saslauthd by running

Code:

testsaslauthd -u user -p pass  -s smtp

The result of that is

Connect() : No such file or directory

but if I add this

Code:

testsaslauthd -u user -p pass -f /var/spool/postfix/var/run/saslauthd/mux -s smtp

it actually works .. it says ok if I use the correct user/password from the db and tells me auth fails if I use the wrong password.

I myself have no clue why it is like this .. can I add that info somewhere in the config files so postfix can communicate with it, or am I on the wrong track here?

glennv 14th June 2008 01:51

Solved
 
As I suspected, postfix is trying to find the socket to communicate with saslauthd in /var/run .. I cannot understand why, since everywhere I look (even in a comment in /etc/default/saslauthd) it says that postfix will use /var/spool/postfix and so on.. but from testing with testsaslauthd I guess that postfix doesn't look where it's supposed to, according to every forum on the internet.. :(

So I searched if there was a way to tell where it shall look and
found that I could add

smtpd_sasl_path = var/run/saslauthd
to main.cf

And that solved the whole thing.

Well, I'm glad to have found this .. but .. can anyone tell me why my postfix/sasl doesn't act like it's supposed to? I really want to know why this happened .. or else the tuto might have an error (maybe it should have that line included).
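
Added example (not part of the original thread and not the tutorial's code): a read-only shell check for the socket-path question raised in the posts above. It compares the directory saslauthd is given with -m against the path a chrooted or non-chrooted smtpd would open. Assumptions: the Cyrus SASL client default /var/run/saslauthd/mux, the queue directory /var/spool/postfix, function names chosen here, the meaning of a "-" chroot column passed in as a parameter because it depends on the Postfix build, and constructed sample files.

```shell
#!/bin/sh
# Added example: compare where saslauthd creates its socket with where smtpd looks.
QUEUE_DIR=/var/spool/postfix          # chroot root used in the thread
CLIENT_SOCK=/var/run/saslauthd/mux    # assumed Cyrus SASL client default

# Print the directory passed to -m in the active (uncommented) OPTIONS= line.
saslauthd_socket_dir() {
    opts=$(sed -n 's/^OPTIONS="\(.*\)"[[:space:]]*$/\1/p' "$1" | tail -n 1)
    set -- $opts
    while [ $# -gt 1 ]; do
        if [ "$1" = "-m" ]; then printf '%s\n' "$2"; return 0; fi
        shift
    done
    return 1
}

# Print the chroot column (5th field) of the "smtp inet" service in master.cf.
smtpd_chroot_flag() {
    awk '$1 == "smtp" && $2 == "inet" { print $5; exit }' "$1"
}

# $1 = defaults file, $2 = master.cf, $3 = what "-" means for chroot (y or n).
# Returns 0 on match, 1 on mismatch, 2 if a file could not be interpreted.
check_sasl_socket() {
    dir=$(saslauthd_socket_dir "$1") || { echo "no -m option found"; return 2; }
    flag=$(smtpd_chroot_flag "$2")
    if [ "$flag" = "-" ]; then flag=$3; fi
    case $flag in
        y) want=$QUEUE_DIR$CLIENT_SOCK ;;   # chrooted: path resolves below the queue dir
        n) want=$CLIENT_SOCK ;;             # not chrooted: path is used as-is
        *) echo "cannot read chroot flag"; return 2 ;;
    esac
    if [ "$dir/mux" = "$want" ]; then echo "match: $want"; return 0; fi
    echo "mismatch: saslauthd listens on $dir/mux, smtpd opens $want"
    return 1
}

# Constructed sample files (not taken from the poster's server).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' '# OPTIONS="-c -m /var/run/saslauthd"' \
    'OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"' > "$demo_dir/saslauthd"
printf '%s\n' 'smtp inet n - - - - smtpd' > "$demo_dir/master_chroot.cf"
printf '%s\n' 'smtp inet n - n - - smtpd' > "$demo_dir/master_nochroot.cf"
check_sasl_socket "$demo_dir/saslauthd" "$demo_dir/master_chroot.cf" y
check_sasl_socket "$demo_dir/saslauthd" "$demo_dir/master_nochroot.cf" y || true
```

On a real host, point the function at copies of /etc/default/saslauthd and /etc/postfix/master.cf; it only reads the files and never contacts the daemon.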

thecaoticone 14th June 2008 11:43

I have been using Falko's Postfix guides since the 6.06 LTS writing and never had a problem with SASL, outside of a small typo on my part.


What is in your /etc/default/saslauthd?

glennv 14th June 2008 11:57

My /etc/default/
 
I hope it's just something simple .. I've typed wrong ..
I'm just not the man to find it :(

Hope you can help me.

here it is

Code:

#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam      -- use PAM
# rimap    -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page for general information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# original
# OPTIONS="-c -m /var/run/saslauthd"

# edited according to the tutorial
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"


thecaoticone 14th June 2008 12:44

That part looks fine, no errors that I see.

Did you do:

Code:

/etc/init.d/saslauthd restart

If you did, then you have me baffled on this one.

Below is my main.cf file. As you can see I did not have to add anything other than what the guide called for. (The SPAM settings are the only thing extra.)


Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail.domain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail.domain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps    $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps    $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings


##SPAM Settings


smtpd_recipient_restrictions =
  reject_unauth_pipelining,
  reject_non_fqdn_recipient,
  reject_unknown_recipient_domain,
  reject_rbl_client bl.spamcop.net,
  reject_rbl_client zen.spamhaus.org,
  reject_rbl_client dnsbl-1.uceprotect.net
  reject_rbl_client cbl.abuseat.org


smtpd_sender_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    permit


smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks,
    permit


glennv 14th June 2008 12:54

Restarted
 
Oh, I restarted alright .. all services and even the machine.. many times :)

And, just like you, I've followed the tutorial very closely.. my main.cf is just like yours ..except .. the spam settings at the bottom .. and now also the path to sasl as I described.

Well well .. if you or anyone can understand why I have to use this.. extra param to get it working .. please let me know.


All times are GMT +2.