[Dovecot] Problem with Dovecot SASL in Postfix

12 Jul 2007


      Ok lets try this again...
I'm trying to configure my postfix server to use Dovecot as an SASL
server and running into some problems. My server supports a couple of
domain, I have multiple user/password files for multiple domains to
make the files a little easier to manage. Not sure if this question
should belong in the dovecot mailing list or the postfix one, but here
goes anyway. I have everything configured to use CRAM-MD5
authentication, including my mail client.
Here is the Dovecot -n output:
mail# dovecot -n
# /usr/local/etc/dovecot.conf
log_path: /var/log/dovecot
info_log_path: /var/log/dovecot.info
protocols: imap pop3
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
verbose_proctitle: yes
first_valid_gid: 0
mail_extra_groups: mail
mail_location: maildir:/home/vmail/%d/%n
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle
netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh
tb-extra-mailbox-sep
imap_client_workarounds(pop3): outlook-idle
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
mechanisms: plain cram-md5
passdb:
driver: passwd-file
args: /usr/local/etc/dovecot/%d/passwd
userdb:
driver: passwd-file
args: /usr/local/etc/dovecot/%d/passwd
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
heres a sample line from one of the passwd files:
chrism:{CRAM-MD5}a67a65704086a046b3f875d1eaac8cb5c6fd13406507fead30d9bcb1bf82b:1003:1003::/home/vmail/example.com
and to login through SASL I am trying to use the username
chrism@example.com when I use the full email address like this to
login like this I get this output into my postfix log:
Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from unknown[12.244.148.123]
Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from
unknown[12.244.148.123]: 554 5.7.1 <chrism@gmail.com>: Relay access
denied; from=<chrism@example.com> to=<chrism@gmail.com> proto=ESMTP
helo=<[192.168.1.14]>
Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from
unknown[12.244.148.123]
(not actually using example.com but I changed it here)
heres my smtpd_recipient_restricitons from postconf
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, permit_sasl_authenticated
so when I use the full user name (chrism@example.com) it doesn't
appear to even attempt logging into the sasl server. If I change it to
simply chrism, heres the output:
Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from unknown[12.244.148.123]
Jul 10 18:50:38 mail postfix/smtpd[57356]: warning:
unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed:
PDI3NjU4MTE4NDExMTQzN0BtYWlsPg==
Jul 10 18:50:39 mail postfix/smtpd[57356]: lost connection after AUTH
from unknown[12.244.148.123]
Jul 10 18:50:39 mail postfix/smtpd[57356]: disconnect from
unknown[12.244.148.123]
if I put my user name in as chrism and don't add the @example.com it
tried to login but it can't login.
anyone have any ideas?

Chris McMacken

Timo Sirainen

Chris McMacken

tags

participants (2)