postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: SMTPD AUTH broke ... ?

Re: SMTPD AUTH broke ... ?

From: Matt Hayes <dominian_at_nospam>
Date: Mon Oct 04 2010 - 01:39:23 GMT
To: postfix-users@postfix.org

On 10/03/2010 09:32 PM, Nicholas Sideris wrote:
> Hello,
>
> I have the following trouble with enabling the smtpd auth for postfix ...
>
> First of all I am using Dovecot 1.2.x and I have enabled everything
> according to the available on-line HOW TOs. Everything seems fine to me
> and the appropriate socket is created under private/auth so there's no
> problem there.
>
> Now I had modified main.cf to enable SMTP AUTH as follows (I do also
> include a few lines of other config, because I think it may be useful
> for you):
>
> html_directory = /server/html/postfix
> manpage_directory = /server/man
> sample_directory = /server/etc/postfix
> readme_directory = /server/readme/postfix
> data_directory = /var/lib/postfix
>
>
> virtual_mailbox_maps = mysql:/server/etc/postfix/virtual.sql
> virtual_mailbox_base = /
> virtual_minimum_uid = 1500
> virtual_uid_maps = mysql:/server/etc/postfix/uids.sql
> virtual_gid_maps = mysql:/server/etc/postfix/gids.sql
> virtual_mailbox_limit_maps = mysql:/server/etc/postfix/quota.sql
> content_filter = avscan:[127.0.0.1]:10025
>
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth
> smtpd_sasl_auth_enable = yes
> #broken_sasl_auth_clients = yes
> smtpd_sasl_security_options = noanonymous
>
>
> smtpd_recipient_restrictions =
> permit_mynetworks
> permit_sasl_authenticated
> reject_unauth_destination
>
>
> Now when I am trying to test if it works, I get this
>
> telnet> open xxxxx.xxxxxx.xxx 25
> Trying 127.0.0.1...
> Connected to localbase.
> Escape character is '^]'.
> 220 eurovision.oikotimes.net <http://eurovision.oikotimes.net> ESMTP Postfix
> EHLO client.test.gr <http://client.test.gr>
> 250-xxxxx.xxxxxx.xxx
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> AUTH PLAIN ncjdskl=
> 502 5.5.2 Error: command not recognized
> AUTH PLAIN bchjdbckjdsc=
> 502 5.5.2 Error: command not recognized
>
> So actually there's no SMTP authentication available.
> Any ideas of what I need to check?
>
> PS: My server is custom compiled using this command ...
>
> make AUXLIBS='-L/server/lib/mysql -lmysqlclient -lz -lm -lpcre'
> CCARGS='-DDEF_CONFIG_DIR=\"/server/etc/postfix\"
> -DDEF_COMMAND_DIR=\"/server/sbin\"
> -DDEF_DAEMON_DIR=\"/server/libexec/postfix\"
> -DDEF_MAILQ_PATH=\"/usr/bin/mailq\"
> -DDEF_HTML_DIR=\"/server/html/postfix\"
> -DDEF_MANPAGE_DIR=\"/server/man\"
> -DDEF_NEWALIAS_PATH=\"/usr/bin/newaliases\"
> -DDEF_README_DIR=\"/server/readme/postfix\"
> -DDEF_SENDMAIL_PATH=\"/usr/sbin/sendmail\" -DHAS_MYSQL
> -I/server/include/mysql -DHAS_PCRE -DUSE_SASL_AUTH
> -DDEF_SERVER_SASL_TYPE=\"dovecot\"' OPT='-O' DEBUG='-g'
>
> PS2: Obtaining mail works as it should ... everything is ok.
>

You might want to look at using smtpd_sasl_auth_enable for your smtpd
listener.

I'd suggest using submisstion port 587 as well for your authenticated
clients.

-Matt