| View previous topic :: View next topic |
| Author |
Message |
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
 Posted: Thu Dec 22, 2005 10:32 am Post subject: Postfix 2.2.5 + smtpd_sasl_local_domain. [solved] |
 |
|
hi there,
after upgrading to postfix 2.2.5 (fom 2.0.x) my [b]smtpd_sasl_local_domain = $myhostname isn't working anymore.
it doesn't put the $myhostname behind the username anymore.
| Code: |
myhostname = host.domain.tld
[...]
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
|
login with name@host.domain.tld as username works just fine.
can anybody help ?
best regards,
kutte128
Last edited by kutte128 on Fri Dec 23, 2005 9:09 am; edited 1 time in total |
|
| Back to top |
|
 |
kadeux
Tux's lil' helper
Joined: 21 Nov 2005
Posts: 103
|
| Posted: Thu Dec 22, 2005 1:19 pm Post subject: |
|
|
Have you checked the settings for "SASLAUTHD_OPTS" in /etc/conf.d/saslauthd ?
| Code: |
# Config file for /etc/init.d/saslauthd
<snip>
# From 2.1.19, add "-r" to options for old behavior
# ie. reassemble user and realm to user@realm form.
# SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r"
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"
|
Enable the appropriate line according to your version of saslauthd. |
|
| Back to top |
|
|
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
| Posted: Thu Dec 22, 2005 1:39 pm Post subject: |
|
|
hi,
yes i've added the -r option |
|
| Back to top |
|
|
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
|
| Back to top |
|
|
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
| Posted: Thu Dec 22, 2005 2:54 pm Post subject: |
|
|
i'm not using the sasldb but a mysql-table - so my pwcheck_method should be saslauth.
my understandins of the sasl_local_domain = $myhostname is that if i don't send a realm, the realm should be automatically
named $myhostname. or did i get it wrong ? thats exactly what i need |
|
| Back to top |
|
|
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
| Posted: Thu Dec 22, 2005 4:19 pm Post subject: |
|
|
This is the bit I think applies here:
| Quote: | Important
Cyrus-SASL-2.x users!
If you set smtpd_sasl_local_domain = $myhostname, then you will always have to submit the REALM that equals $myhostname when you pass the username to SASL.
If you don't want to pass a REALM, then you must leave this parameter empty, but still you need to set it:
smtpd_sasl_local_domain =
|
|
|
| Back to top |
|
|
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
| Posted: Thu Dec 22, 2005 6:22 pm Post subject: |
|
|
hi,
hmm it doesn't work either.
it makes no difference if smtpd_sasl_local_domain is empty or not. |
|
| Back to top |
|
|
kadeux
Tux's lil' helper
Joined: 21 Nov 2005
Posts: 103
|
| Posted: Thu Dec 22, 2005 9:29 pm Post subject: |
|
|
| kutte128 wrote: | | yes i've added the -r option |
Have you test it without the -r option, too ?
I ask because the comment in the config file may be too generalizing. I think it's really depending on the SASL versions and if you have defined a realm during creation of the SASL database.
If I remember it right only the part after the rightmost @ is interpreted as a realm. Old versions of saslauthd have ignored the realm submitted by a client. So maybe the parts of the username/realm in the submitted string are now interpreted by saslauthd in a different way and therefore didn't match the database entries. 
But that's only guesswork as I could not check it at the moment. 
If it not works as expected with or without the "-r" option with different settings for "smtpd_sasl_local_domain", you should consider to submit the exact versions of all packages which are concerned before/after you have updated (eg. cyrus-sasl, pam, mysql,..) and maybe the database entries of a test user. Thus someone else with a similar setup could help you better.  |
|
| Back to top |
|
|
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
| Posted: Fri Dec 23, 2005 8:50 am Post subject: |
|
|
i tried it without the -r option and it didin't worked.
i also tried it with postfix 2.1.5 but it didn't worked also - so it's not a postfix-bug.
i have another mailserver running exactly like it should - with the same cyrus-sasl and mysql versions an the same use-flags and i cannot find any differences in the conf-files. |
|
| Back to top |
|
|
kutte128
Apprentice
Joined: 18 May 2004
Posts: 173
|
| Posted: Fri Dec 23, 2005 9:09 am Post subject: |
|
|
i found the error.
it wasn't sasl or postfix, it was a missing default_domain in authmysqlrc.
thanks for the help !
best regards,
kutte128 |
|
| Back to top |
|
|
|
Networking & Security
