SMTP AUTH with Postfix and SASL

To: debian-user@lists.debian.org
Subject: SMTP AUTH with Postfix and SASL
From: Jan Tammen <jan@tammen.net>
Date: Mon, 21 Jul 2003 17:19:21 +0200
Message-id: <[🔎] 20030721151920.GA12697@tammen.net>

Bonjour.

I am trying to setup SMTP AUTH with Postfix and SASL on Debian
unstable. 

So far I got these packages installed:

postfix          2.0.13-1
postfix-tls      2.0.13-1
libsasl2         2.1.12-1
libsasl2-dev     2.1.12-1
libsasl2-modules 2.1.12-1 
sasl2-bin        2.1.12-1

I want to authenticate users against the system's password-database.

/etc/postfix/main.cf:
[...]
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, 
                               permit_mynetworks, 
                               check_relay_domains
[...]

/etc/postfix/sasl/smtpd.conf:
pwcheck_method: pwcheck

Connecting to the server via telnet shows up that authentication is enabled:

250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5

I got a user 'test' with passwd 'test'; trying to authenticate via telnet:

AUTH PLAIN dGVzdAB0ZXN0AHRlc3Q=
535 Error: authentication failed

In mail.log:
postfix/smtpd[15000]: warning: SASL authentication problem: unknown password verifier 
postfix/smtpd[15000]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[15000]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed

Seems as SASL does not know shadow-method. When I use 'pwcheck_method:
saslauthd' in /etc/postfix/sasl/smtpd.conf and start saslauthd, I get this error:

postfix/smtpd[15135]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
postfix/smtpd[15135]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[15135]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed

This error seems to be related to the fact, that smtpd runs chrooted.
But even when I let smtpd run 'normally', I get an error:

postfix/smtpd[15269]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[15269]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed

And in auth.log:

saslauthd[14098]: AUTHFAIL: user=test@domain.de service=smtp realm=domain.de

But saslausthd seems to be able to authenticate that user; from localhost:

$ testsaslauthd -u test -p test -r domain.de -s smtp
$ 0: OK "Success."

Sorry for that long post ... any hints for me?

Thanks.

Reply to:

Follow-Ups:
- Re: SMTP AUTH with Postfix and SASL
  - From: "Jeff Wiegley, Ph.D." <jeffw@cyte.com>
- Re: SMTP AUTH with Postfix and SASL
  - From: Harley Peters <harley@hpeters.net>

Prev by Date: Re: kernel-source-2.4.20-bf2.4 ?
Next by Date: Bochs
Previous by thread: G++ problems in Woody
Next by thread: Re: SMTP AUTH with Postfix and SASL
Index(es):
- Date
- Thread