On Mon, Jan 27, 2003 at 09:56:25AM +0100, martin f krafft wrote: | also sprach Derrick 'dman' Hudson <dman@dman.ddts.net> [2003.01.24.2244 +0100]: | > /etc/postfix/sasl/smtpd.conf | > pwcheck_method: PAM | > | > /etc/pam.d/smtp | > # (take your pick and remove the rest) | > # (how do you want it to find the user/pass matches?) | > auth required pam_permit.so | > auth required pam_pwdfile.so pwdfile /etc/postfix/dman/passwd | > auth required pam_unix.so | > auth required pam_ldap.so | | Okay, I tried this (without pam_ldap), creating a passwd file in | /etc/postfix that I referenced in the pwdfile.so line similar to | yours. I then restarted postfix. I now get the following errors: | | postfix/smtpd[18838]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory | postfix/smtpd[18838]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory I remember seeing mention of this somewhere. I think it is the sasl library that is requiring write access to that file so it can store secrets and stuff there. It is only needed under some setups, though. | postfix/smtpd[18838]: warning: SASL authentication failure: no secret in database | postfix/smtpd[18838]: warning: dclient217-162-113-106.hispeed.ch[217.162.113.106]: SASL CRAM-MD5 authentication failed I haven't tried using CRAM-MD5 [reordered quoting] | is there anyone out there using postfix + saslauthd ? I think this is why. I think the saslauthd is what wants to write to /etc/sasldb2. Do you have a line in /etc/postfix/sasl/smtpd.conf that references saslauthd? If so, I'd try removing it and using only PAM. It's what I have and it works for me. If you get that working and you still want to use saslauthd then go from there. | this has got to be chroot related, since postfix's smtpd runs in | a chroot in /var/spool/postfix on Debian. That could be. | dman, what's your master.cf file look like in terms of the chroot | column? # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp2 inet n - - - - smtpd (smtp2 is defined as port 2525 in /etc/services since exim still owns port 25, see below for that explanation) | wait, why are you using postfix anyway? aren't you the exim guru? :-). Yes, I am the exim guru, but I'm also playing with postfix. I wanted to better understand how it was designed and see how it's configuration/configurability compared. I still have exim as the SMTP server on my machine so that I can reject spam during the SMTP session (using sa-exim), and currently postfix can't do that. However, I also hvae the postfix package installed and postfix is /usr/sbin/sendmail and performing local (and remove) delivery only through that interface. (by "local" here I mean /var/mail/$USER, not using maildrop or any other fancy MDA; exim is doing that) HTH, -D -- Contrary to popular belief, Unix is user friendly. It just happens to be selective about who it makes friends with. -- Dave Parnas http://dman.ddts.net/~dman/
Attachment:
pgpbJ6BTTGZaw.pgp
Description: PGP signature