[Dovecot] Problem with Dovecot SASL in Postfix

Chris McMacken chris.mcmacken at gmail.com
Thu Jul 12 01:03:26 EEST 2007 

I'm trying to configure my postfix server to use Dovecot as an SASL
server and running into some problems. My server supports a couple of
domain, I have multiple user/password files for multiple domains to
make the files a little easier to manage. Not sure if this question
should belong in the dovecot mailing list or the postfix one, but here
goes anyway. I have everything configured to use CRAM-MD5
authentication, including my mail client.

Here the auth section of my dovecot conf.

auth default {
 mechanisms = plain cram-md5

 passdb passwd-file {
   # Path for passwd-file
   args = /usr/local/etc/dovecot/%d/passwd
 }

 userdb passwd-file {
   # Path for passwd-file
   args = /usr/local/etc/dovecot/%d/passwd
 }

 user = root

 # It's possible to export the authentication interface to other programs:
 socket listen {
   client {
     # The client socket is generally safe to export to everyone. Typical use
     # is to export it to your SMTP server so it can do SMTP AUTH lookups
     # using it.
     path = /var/spool/postfix/private/auth
     mode = 0660
     user = postfix
     group = postfix
   }
 }
}

heres a sample line from one of the passwd files:

chrism:{CRAM-MD5}a67a65704086a046b3f875d1eaac8cb5c6fd13406507fead30d9bcb1bf82b:1003:1003::/home/vmail/example.com

and to login through SASL I am trying to use the username
chrism at example.com when I use the full email address like this to
login like this I get this output into my postfix log:

Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from unknown[12.244.148.123]
Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from
unknown[12.244.148.123]: 554 5.7.1 <chrism at gmail.com>: Relay access
denied; from=<chrism at example.com> to=<chrism at gmail.com> proto=ESMTP
helo=<[192.168.1.14]>
Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from
unknown[12.244.148.123]

(not actually using example.com but I changed it here)
heres my smtpd_recipient_restricitons from postconf

smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, permit_sasl_authenticated

so when I use the full user name (chrism at example.com) it doesn't
appear to even attempt logging into the sasl server. If I change it to
simply chrism, heres the output:

Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from unknown[12.244.148.123]
Jul 10 18:50:38 mail postfix/smtpd[57356]: warning:
unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed:
PDI3NjU4MTE4NDExMTQzN0BtYWlsPg==
Jul 10 18:50:39 mail postfix/smtpd[57356]: lost connection after AUTH
from unknown[12.244.148.123]
Jul 10 18:50:39 mail postfix/smtpd[57356]: disconnect from
unknown[12.244.148.123]

if I put my user name in as chrism and don't add the @example.com it
tried to login but it can't login.

anyone have any ideas?

More information about the dovecot mailing list