| View previous topic :: View next topic |
| Author |
Message |
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
 Posted: Mon Nov 20, 2017 1:17 am Post subject: Problem with Telnet and Cyrus-sasl |
 |
|
i'm tryning to test cyrus-sasl, but i have problems
| Code: | root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS
AUTH PLAIN
502 5.5.1 Error: command not implemented
AUTH LOGIN
502 5.5.1 Error: command not implemented
|
my /etc/sasl2/smtpd.conf
| Code: |
pwcheck_method: authdaemond
mech_list: LOGIN PLAIN
sql_select dummy
authdaemond_path: /var/lib/courier/authdaemon/socket
|
my mail.log say
| Code: |
warning smtpd_sasl_auth_enable is true but sasl support is not compiled in
|
i installed cyrus-sasl and postfix with use flag "SASL"
cyrus-sasl also has a use flag "authdaemond"
What can it be ?
_________________
2121212 |
|
| Back to top |
|
 |
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9932
Location: almost Mile High in the USA
|
| Posted: Mon Nov 20, 2017 1:24 am Post subject: |
|
|
Silly guess: did you restart postfix if you reinstalled it with USE=sasl?
(Note: I'm a sendmail + sasl user ... so only can give general suggestions...)
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Mon Nov 20, 2017 1:33 am Post subject: |
|
|
| eccerr0r wrote: | Silly guess: did you restart postfix if you reinstalled it with USE=sasl?
(Note: I'm a sendmail + sasl user ... so only can give general suggestions...) |
Yes, I restarted postfix after installing with use "SASL"
_________________
2121212 |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9932
Location: almost Mile High in the USA
|
| Posted: Mon Nov 20, 2017 2:01 am Post subject: |
|
|
And "equery uses postfix" indeed indicates that you compiled with USE=sasl?
Does this
report SASL support?
The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Mon Nov 20, 2017 4:01 pm Post subject: |
|
|
| eccerr0r wrote: | And "equery uses postfix" indeed indicates that you compiled with USE=sasl?
Does this
report SASL support?
The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html |
command postconf -a
| Code: |
root # postconf -a
cyrus
dovecote
|
_________________
2121212 |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Mon Nov 20, 2017 4:45 pm Post subject: |
|
|
| eccerr0r wrote: | And "equery uses postfix" indeed indicates that you compiled with USE=sasl?
Does this
report SASL support?
The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html |
When i execute this:
| Code: |
root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS
AUTH PLAIN
502 5.5.1 Error: command not implemented
mail.log say:
warning smtpd_sasl_auth_enable is true but sasl support is not compiled in
|
but, When I execute:
| Code: |
root # testsaslauthd -u tux@trcgento.com.br -p 123456
0: OK "SUCCESS.'
|
my method = POSTFIX ---> CYRUS-SASL -----> COURIER-AUTHLIB -------> DATABASE(MYSQL)
_________________
2121212 |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Mon Nov 20, 2017 4:48 pm Post subject: |
|
|
I do not understand ! why with the telnet this error !
_________________
2121212 |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9932
Location: almost Mile High in the USA
|
| Posted: Mon Nov 20, 2017 5:59 pm Post subject: |
|
|
Well, it's not telnet that's the issue, it's just faking a MUA/MTA for debug. Somehow postfix is not able to use sasl properly and I don't know why... This is starting to get into postfix-specific issues and I'd have to install postfix on one of my machines to play with...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Tue Nov 28, 2017 6:42 pm Post subject: Re: Problem with Telnet and Cyrus-sasl |
|
|
| Yuri Ferreira wrote: | i'm tryning to test cyrus-sasl, but i have problems
| Code: | root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS
AUTH PLAIN
502 5.5.1 Error: command not implemented
AUTH LOGIN
502 5.5.1 Error: command not implemented
|
my /etc/sasl2/smtpd.conf
| Code: |
pwcheck_method: authdaemond
mech_list: LOGIN PLAIN
sql_select dummy
authdaemond_path: /var/lib/courier/authdaemon/socket
|
my mail.log say
| Code: |
warning smtpd_sasl_auth_enable is true but sasl support is not compiled in
|
i installed cyrus-sasl and postfix with use flag "SASL"
cyrus-sasl also has a use flag "authdaemond"
What can it be ? |
I still can not solve !
Help-me ?
_________________
2121212 |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9932
Location: almost Mile High in the USA
|
| Posted: Tue Nov 28, 2017 8:26 pm Post subject: |
|
|
I installed postfix with USE=sasl on one of my VMs temporarily. Without configuring postfix/sasl I got this:
| Code: | $ telnet 10.0.0.111 25
Trying 10.0.0.111...
Connected to 10.0.0.111.
Escape character is '^]'.
220 vmhost.localdomain ESMTP Postfix
EHLO postfix
250-vmhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
AUTH PLAIN
503 5.5.1 Error: authentication not enabled
quit
221 2.0.0 Bye
|
Your postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it.
What does
| Code: | | # emerge -ptv postfix |
report?
| Code: | | [ebuild R ] mail-mta/postfix-3.1.6::gentoo USE="berkdb eai ldap pam sasl ssl -cdb -doc -dovecot-sasl -hardened -ldap-bind (-libressl) -lmdb -mbox -memcached -mysql -nis -postgres (-selinux) -sqlite" 0 KiB |
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3553
|
| Posted: Tue Nov 28, 2017 9:17 pm Post subject: |
|
|
| Quote: | | our postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it. |
When I was talking to postfix using telnet it required STARTTLS before AUTH.
It's actually a pretty sane thing to do, so I wouldn't be surprised if this was the default. |
|
| Back to top |
|
|
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9932
Location: almost Mile High in the USA
|
| Posted: Tue Nov 28, 2017 9:22 pm Post subject: |
|
|
Alas the behavior of the OP's postfix and my postfix are different despite not using a SSL connection...
It also is a bad error message to indicate a command is disabled. Here is my sendmail talk which is apparently disabling AUTH LOGIN when not under SSL, which I think is the right way to do things:
| Code: | AUTH plain
504 5.3.3 AUTH mechanism plain not available
AUTH login
504 5.3.3 AUTH mechanism login not available
badcommand
500 5.5.1 Command unrecognized: "badcommand" |
"5.5.1 Error: command not implemented" is hinting at compilation error IMHO.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
|
| Back to top |
|
|
Yuri Ferreira
n00b
Joined: 23 Oct 2017
Posts: 17
Location: 2121
|
| Posted: Sat Dec 02, 2017 11:59 am Post subject: |
|
|
I tried to recompile the postfix use = "sasl ssl mbox mysql" but to no avail:
mail.log says: warning smtpd_sasl_auth_enable = yes, but sasl support was not compiled in
_________________
2121212 |
|
| Back to top |
|
|
|
Networking & Security
