postfix with SASL over PAM
I'm trying to get posfix authenticate (for relaying purposes) users
with SASL via PAM on woody.
I've installed posftix, posftix-tls, libsasl and it´s modules.
Following the READMEs, I can see that postfix does support SASL auth
LOGIN and PLAIN mechanisms:
220 mybox.over.here ESMTP Postfix (Debian/GNU)
EHLO localhost
250-mybox.over.here
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250-XVERP
250 8BITMIME
But when I try to authenticate with plain (base64 encoded:
'user\0user\0password'), posfix complains with :
postfix/smtpd[2134]: connect from localhost[127.0.0.1]
postfix/smtpd[2134]: PAM _pam_init_handlers: could not open /etc/pam.conf
postfix/smtpd[2134]: PAM pam_start: failed to initialize handlers
postfix/smtpd[2134]: warning: localhost[127.0.0.1]: SASL PLAIN
authentication failed
I've added the following lines to my working postfix's main.cf:
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = check_relay_domains permit_mynetworks
permit_sasl_authenticated
And /etc/pam.d/smtp looks like:
#%PAM-1.0
auth required pam_nologin.so
auth required pam_unix.so
auth required pam_env.so
account required pam_unix.so
session required pam_unix.so
session required pam_limits.so
To be on the safe side, I also added the following lines to /etc/pam.conf
smtp auth required pam_nologin.so
smtp auth required pam_unix.so
smtp auth required pam_env.so
smtp account required pam_unix.so
smtp session required pam_unix.so
smtp session required pam_limits.so
Both pam files are world readable.
Also, the file /etc/postfix/sasl/smtpd.conf contains:
pwcheck_method: pam
and it's perms are: 0644
With sasl over shadow, it just warns: SASL PLAIN authentication failed.
Has anyone managed to get woody's postfix to authenticate with sasl
over pam?
Thanks in advance
José
Reply to: