PDA

View Full Version : How to get SMTP Auth working Postfix on Fedora Core 4???



objec
1st September 2005, 09:18 AM
I am trying to get SMTP Auth working with Postfix on Fedora Core 4. I've read and tried many, many howto's on the topic and spent quite a bit of time on google trying to get this to work...but nothing seams to work.

I have a new clean install of Fedora Core 4. I'm using Postfix and SASL, both the versions included with the distro (or later if updated through yum).

I want to use my unix user/passwords for SMTP Auth.

Here are the relevant config files:

/usr/lib/sasl2/smtpd.conf (permisssions are 777):
pwcheck_method:saslauthd
mech_list: plain login

/etc/postfix/main.cf has these additions:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname (there is/was a bug with this, so i've also tried it with nothing defined)
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains


When I startup saslauthd, have tried -a getpwent and -a shadow

Here's the verbose log output (de-sensitived of course):

Sep 1 02:54:34 mybox postfix/smtpd[32013]: connection established
Sep 1 02:54:34 mybox postfix/smtpd[32013]: master_notify: status 0
Sep 1 02:54:34 mybox postfix/smtpd[32013]: name_mask: resource
Sep 1 02:54:34 mybox postfix/smtpd[32013]: name_mask: software
Sep 1 02:54:34 mybox postfix/smtpd[32013]: name_mask: noanonymous
Sep 1 02:54:34 mybox postfix/smtpd[32013]: connect from unknown[192.168.40.100]
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: unknown: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: 192.168.40.100: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: unknown: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: 192.168.40.100: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostname: unknown ~? 127.0.0.0/8
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostaddr: 192.168.40.100 ~? 127.0.0.0/8
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostname: unknown ~? 192.168.40.0/24
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostaddr: 192.168.40.100 ~? 192.168.40.0/24
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 220 mail.mydomain.com ESMTP Postfix
Sep 1 02:54:34 mybox postfix/smtpd[32013]: < unknown[192.168.40.100]: EHLO [192.168.40.100]
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-mail.mydomain.com
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-PIPELINING
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-SIZE 10240000
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-VRFY
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-ETRN
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-AUTH LOGIN PLAIN
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: unknown: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_list_match: 192.168.40.100: no match
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250-AUTH=LOGIN PLAIN
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 250 8BITMIME
Sep 1 02:54:34 mybox postfix/smtpd[32013]: < unknown[192.168.40.100]: AUTH PLAIN <removed>
Sep 1 02:54:34 mybox postfix/smtpd[32013]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response <removed>
Sep 1 02:54:34 mybox postfix/smtpd[32013]: smtpd_sasl_authenticate: decoded initial response
Sep 1 02:54:34 mybox postfix/smtpd[32013]: warning: SASL authentication failure: Password verification failed
Sep 1 02:54:34 mybox postfix/smtpd[32013]: warning: unknown[192.168.40.100]: SASL PLAIN authentication failed
Sep 1 02:54:34 mybox postfix/smtpd[32013]: > unknown[192.168.40.100]: 535 Error: authentication failed
Sep 1 02:54:34 mybox postfix/smtpd[32013]: smtp_get: EOF
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostname: unknown ~? 127.0.0.0/8
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostaddr: 192.168.40.100 ~? 127.0.0.0/8
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostname: unknown ~? 192.168.40.0/24
Sep 1 02:54:34 mybox postfix/smtpd[32013]: match_hostaddr: 192.168.40.100 ~? 192.168.40.0/24
Sep 1 02:54:34 mybox postfix/smtpd[32013]: lost connection after AUTH from unknown[192.168.40.100]
Sep 1 02:54:34 mybox postfix/smtpd[32013]: disconnect from unknown[192.168.40.100]
Sep 1 02:54:34 mybox postfix/smtpd[32013]: master_notify: status 1
Sep 1 02:54:34 mybox postfix/smtpd[32013]: connection closed


Can anyone point me in the right direction on how to solve this?

corsair2056
1st September 2005, 06:55 PM
This is how it works for me:

- /usr/lib/sasl2/smtpd.conf
pwcheck_method:saslauthd

- /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination

In your configuration, the lines below "smtpd_recipient_restrictions =" should begin with a white space or tab so that they are considered as the actual recipient restrictions. In the way you have written them in your message they are considered as postfix options and not as smtpd restrictions.
Moreover, if I remember well the recipient restriction "check_relay_domains" is valid for older versions of postfix. You should use "reject_unauth_destination" instead. Hope these help.