[Dovecot] Postfix and Dovecot SASL
Hello all,
I am struggeling to get my Dovecot SASL to work within postfix. I have used the configuration example listed on the main-site of dovecot and it basically isn't giving me any success at all. I am probably missing something easy, but after spending a few days testing and walking through everything I could think about I thought figured it was better to ask :) Hope someone can point me to the right direction.
My setup is that I have installed Ubuntu 9.04 (64bit), postfix and dovecot linked to a MySQL database. The services are using maildirs which are stored locally (no NFS). Postfix is using the LDA from dovecot to deliver the mail and dovecot is used for IMAP and POP3. This is working and no problems at all so far. The problem starts when I just want to enable the SASL authentication from Dovecot. I used the 'guide' posted on http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
When I try to telnet to port 25 (smtp) than I doesn't looks like the SASL is working... 220 mail003 ESMTP Postfix (Ubuntu) ehlo localhost 250-mail003 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
Anything I missed in my configuration from either postfix/dovecot? root@mail003:/etc/postfix# dovecot --version 1.1.11 root@mail003:~# dpkg-query -l postfix +++-==============-==============-============================================ ii postfix 2.5.5-1.1 High-performance mail transport agent
Here are my configurations of both: root@mail003:/etc/postfix# dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-16-server x86_64 Ubuntu 9.04 ext4 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 imaps pop3s managesieve ssl_cert_file: /etc/ssl/certs/ssl-mail.pem ssl_key_file: /etc/ssl/private/ssl-mail.key ssl_cipher_list: ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no login_greeting_capability(managesieve): no mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 mail_max_userip_connections(managesieve): 10 mail_privileged_group: mail mail_uid: 5000 mail_gid: 5000 mail_location: maildir:/home/vmail/%d/%n/.Maildir mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): sieve_storage(default): sieve_storage(imap): sieve_storage(pop3): sieve_storage(managesieve): ~/sieve sieve(default): sieve(imap): sieve(pop3): sieve(managesieve): ~/.dovecot.sieve auth default: mechanisms: plain login passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/dovecot-auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail
root@mail003:/etc/postfix# postconf | grep sasl broken_sasl_auth_clients = yes cyrus_sasl_config_path = lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name send_cyrus_sasl_authzid = no smtp_sasl_auth_cache_name = smtp_sasl_auth_cache_time = 90d smtp_sasl_auth_enable = no smtp_sasl_auth_soft_bounce = yes smtp_sasl_mechanism_filter = smtp_sasl_password_maps = smtp_sasl_path = smtp_sasl_security_options = noplaintext, noanonymous smtp_sasl_tls_security_options = $smtp_sasl_security_options smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options smtp_sasl_type = cyrus smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot
Any ideas? Thanks for the response.
- Rene
On Wed, 11 Nov 2009 15:45:33 +0100 Rene Bakkum rene.bakkum@gmail.com replied:
Hello all,
I am struggeling to get my Dovecot SASL to work within postfix. I have used the configuration example listed on the main-site of dovecot and it basically isn't giving me any success at all. I am probably missing something easy, but after spending a few days testing and walking through everything I could think about I thought figured it was better to ask :) Hope someone can point me to the right direction.
My setup is that I have installed Ubuntu 9.04 (64bit), postfix and dovecot linked to a MySQL database. The services are using maildirs which are stored locally (no NFS). Postfix is using the LDA from dovecot to deliver the mail and dovecot is used for IMAP and POP3. This is working and no problems at all so far. The problem starts when I just want to enable the SASL authentication from Dovecot. I used the 'guide' posted on http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
When I try to telnet to port 25 (smtp) than I doesn't looks like the SASL is working... 220 mail003 ESMTP Postfix (Ubuntu) ehlo localhost 250-mail003 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
Anything I missed in my configuration from either postfix/dovecot? root@mail003:/etc/postfix# dovecot --version 1.1.11 root@mail003:~# dpkg-query -l postfix +++-==============-==============-============================================ ii postfix 2.5.5-1.1 High-performance mail transport agent
Here are my configurations of both: root@mail003:/etc/postfix# dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-16-server x86_64 Ubuntu 9.04 ext4 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 imaps pop3s managesieve ssl_cert_file: /etc/ssl/certs/ssl-mail.pem ssl_key_file: /etc/ssl/private/ssl-mail.key ssl_cipher_list: ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no login_greeting_capability(managesieve): no mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 mail_max_userip_connections(managesieve): 10 mail_privileged_group: mail mail_uid: 5000 mail_gid: 5000 mail_location: maildir:/home/vmail/%d/%n/.Maildir mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): sieve_storage(default): sieve_storage(imap): sieve_storage(pop3): sieve_storage(managesieve): ~/sieve sieve(default): sieve(imap): sieve(pop3): sieve(managesieve): ~/.dovecot.sieve auth default: mechanisms: plain login passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/dovecot-auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail
root@mail003:/etc/postfix# postconf | grep sasl broken_sasl_auth_clients = yes cyrus_sasl_config_path = lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name send_cyrus_sasl_authzid = no smtp_sasl_auth_cache_name = smtp_sasl_auth_cache_time = 90d smtp_sasl_auth_enable = no smtp_sasl_auth_soft_bounce = yes smtp_sasl_mechanism_filter = smtp_sasl_password_maps = smtp_sasl_path = smtp_sasl_security_options = noplaintext, noanonymous smtp_sasl_tls_security_options = $smtp_sasl_security_options smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options smtp_sasl_type = cyrus smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot
Any ideas? Thanks for the response.
- Rene
Use "postconf -n" to obtain what Postfix actually sees. All you are showing is what is entered in the Postfix main.cf file. You can easily enter garbage into that file that Postfix will ignore. Also, post the complete output. Snippets are useless.
-- Jerry gesbbb@yahoo.com
|::::======= |::::======= |=========== |=========== |
Why, every one as they like; as the good woman said when she kissed her cow.
RabelaisHi Jerry,
My bad, I thought I did postconf -n. I was already wondering why I had so many garbage in my output :)
Hereby the right postfix config: root@mail003:/etc/dovecot# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}" mailbox_size_limit = 0 mydestination = mail003.mydomain.nl, localhost.mydomain.nl, , localhost myhostname = mail003.mydomain.nl mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_tls_mandatory_ciphers = medium, high smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf virtual_mailbox_base = / virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf virtual_minimum_uid = 5000 virtual_transport = dovecot: virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf
It's pretty much a default ubuntu install, only added the virtual stuff myself. Thanks for the help.
- Rene
On Wed, Nov 11, 2009 at 4:41 PM, Jerry gesbbb@yahoo.com wrote:
On Wed, 11 Nov 2009 15:45:33 +0100 Rene Bakkum rene.bakkum@gmail.com replied:
Hello all,
I am struggeling to get my Dovecot SASL to work within postfix. I have used the configuration example listed on the main-site of dovecot and it basically isn't giving me any success at all. I am probably missing something easy, but after spending a few days testing and walking through everything I could think about I thought figured it was better to ask :) Hope someone can point me to the right direction.
My setup is that I have installed Ubuntu 9.04 (64bit), postfix and dovecot linked to a MySQL database. The services are using maildirs which are stored locally (no NFS). Postfix is using the LDA from dovecot to deliver the mail and dovecot is used for IMAP and POP3. This is working and no problems at all so far. The problem starts when I just want to enable the SASL authentication from Dovecot. I used the 'guide' posted on http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
When I try to telnet to port 25 (smtp) than I doesn't looks like the SASL is working... 220 mail003 ESMTP Postfix (Ubuntu) ehlo localhost 250-mail003 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
Anything I missed in my configuration from either postfix/dovecot? root@mail003:/etc/postfix# dovecot --version 1.1.11 root@mail003:~# dpkg-query -l postfix
+++-==============-==============-============================================
ii postfix 2.5.5-1.1 High-performance mail transport agent
Here are my configurations of both: root@mail003:/etc/postfix# dovecot -n # 1.1.11: /etc/dovecot/dovecot.conf # OS: Linux 2.6.28-16-server x86_64 Ubuntu 9.04 ext4 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 imaps pop3s managesieve ssl_cert_file: /etc/ssl/certs/ssl-mail.pem ssl_key_file: /etc/ssl/private/ssl-mail.key ssl_cipher_list: ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login login_executable(managesieve): /usr/lib/dovecot/managesieve-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no login_greeting_capability(managesieve): no mail_max_userip_connections(default): 10 mail_max_userip_connections(imap): 10 mail_max_userip_connections(pop3): 3 mail_max_userip_connections(managesieve): 10 mail_privileged_group: mail mail_uid: 5000 mail_gid: 5000 mail_location: maildir:/home/vmail/%d/%n/.Maildir mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_executable(managesieve): /usr/lib/dovecot/managesieve mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 mail_plugin_dir(managesieve): /usr/lib/dovecot/modules/managesieve imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): imap_client_workarounds(managesieve): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_client_workarounds(managesieve): sieve_storage(default): sieve_storage(imap): sieve_storage(pop3): sieve_storage(managesieve): ~/sieve sieve(default): sieve(imap): sieve(pop3): sieve(managesieve): ~/.dovecot.sieve auth default: mechanisms: plain login passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot/dovecot-sql.conf socket: type: listen client: path: /var/spool/postfix/private/dovecot-auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail group: vmail
root@mail003:/etc/postfix# postconf | grep sasl broken_sasl_auth_clients = yes cyrus_sasl_config_path = lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name send_cyrus_sasl_authzid = no smtp_sasl_auth_cache_name = smtp_sasl_auth_cache_time = 90d smtp_sasl_auth_enable = no smtp_sasl_auth_soft_bounce = yes smtp_sasl_mechanism_filter = smtp_sasl_password_maps = smtp_sasl_path = smtp_sasl_security_options = noplaintext, noanonymous smtp_sasl_tls_security_options = $smtp_sasl_security_options smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options smtp_sasl_type = cyrus smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot
Any ideas? Thanks for the response.
- Rene
Use "postconf -n" to obtain what Postfix actually sees. All you are showing is what is entered in the Postfix main.cf file. You can easily enter garbage into that file that Postfix will ignore. Also, post the complete output. Snippets are useless.
-- Jerry gesbbb@yahoo.com
|::::======= |::::======= |=========== |=========== |
Why, every one as they like; as the good woman said when she kissed her cow.
Rabelais
On Wed, 11 Nov 2009 17:49:22 +0100 Rene Bakkum rene.bakkum@gmail.com replied:
root@mail003:/etc/dovecot# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}" mailbox_size_limit = 0 mydestination = mail003.mydomain.nl, localhost.mydomain.nl, , localhost myhostname = mail003.mydomain.nl mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_tls_mandatory_ciphers = medium, high smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf virtual_mailbox_base = / virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf virtual_minimum_uid = 5000 virtual_transport = dovecot: virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf
Please don't top post. It makes following this thread much harder than necessary.
Your configuration does not follow the recommendations on the Postfix site: http://www.postfix.org/SASL_README.html
Starting with this one:
/etc/postfix/main.cf: smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
/some/where/dovecot.conf: auth default { mechanisms = plain login passdb pam { } userdb passwd { } socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } }
Your user, group and mode settings are completely different. Your settings are no doubt different on your system. However, the mode, user and group settings might be the cause of the problem. If I am not mistaken, Postfix does not use the virtual user/group ID to access SASL. You might want to post this on the Postfix forum if you cannot get the problem resolved here.
I use FreeBSD-7.2 with Postfix (2.7-20091008), with Cyrus-SASL2 and SQL as the back end; therefore, I cannot personally test your configuration.
-- Jerry gesbbb@yahoo.com
|::::======= |::::======= |=========== |=========== |
Two is company, three is an orgy.
The problem is solved it was as something easy I missed. Because of the line:
smtpd_tls_auth_only = yes
the sasl isn't working on plain logins, so using a telnet session to port 25, doesn't allow you to use the smtp authenticate. Uncommenting this (or changing yes to no) will make the plain login work for sasl.
Thanks for the help!
- Rene
participants (2)
-
Jerry
-
Rene Bakkum