Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

PostFix + Cyrus SASL Auth Problem
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
zenacus
n00b
n00b


Joined: 06 Aug 2004
Posts: 4
PostPosted: Mon Aug 09, 2004 4:20 pm    Post subject: PostFix + Cyrus SASL Auth Problem Reply with quote
Hi All,

Running through the setup guide, and cannot seem to get my telnet session to echo back that I have AUTH LOGIN-PLAIN, here is my telnet output:

Code:

EHLO domain.com
250-ns1.zenacus.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250 8BITMIME


Here is teh last portion of my /etc/postfix/main.cf file where you add the SASL stuff:

Code:

smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, re$
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom


And I am not sure about the smptd.conf file because it appears that you have to create it from scratch? If so what directory should I create it in and what parameters should I set in that file?

Thanks in advance for your help!

[/b]
Back to top
View user's profile Send private message
devon
l33t
l33t


Joined: 23 Jun 2003
Posts: 943
PostPosted: Tue Aug 10, 2004 5:52 am    Post subject: Reply with quote
Did you resolve your problem? Here is my smtpd.conf file for reference.
Code:
$ cat /etc/sasl2/smtpd.conf
# $Header: /home/cvsroot/gentoo-x86/net-mail/postfix/files/smtp.sasl,v 1.1 2003/09/24 05:08:51 max Exp $
#pwcheck_method:pam
pwcheck_method:pwcheck
mech_list: PLAIN LOGIN

Here is Postfix's SASL HowTo with information about the different authentication methods.
Back to top
View user's profile Send private message
Martian21
n00b
n00b


Joined: 21 Aug 2003
Posts: 26
PostPosted: Tue Aug 17, 2004 1:33 pm    Post subject: Reply with quote
Postfix will NOT offer any login methods until after you have established a secure connection. You see that it offers STARTTLS.

If you comment out:

Code:
smtpd_tls_auth_only = yes


Postfix will then give you login options as well as STARTTLS. This is a security feature! If you allow users to login with PLAIN or LOGIN before starting TLS then they send their credentials in clear text!!!

Hope this helps,

Martian
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy