[Postfixbuch-users] sasl problem

Carsten Henkel casi-franzi at gmx.net
So Feb 3 22:29:47 CET 2008 

Hallo ich habe ein Problem mit suse 10.3 und sasl. Der Client fagt nach 
den Passwort und kommt dann nicht weiter.
Anbei die Logs und Ausgaben der tools Postconf und Saslfinger.

maillog:
Feb  3 22:20:23 server postfix/smtpd[20023]: < 
p5492E808.dip.t-dialin.net[84.146.232.8]: AUTH CRAM-MD5
Feb  3 22:20:23 server postfix/smtpd[20023]: xsasl_cyrus_server_first: 
sasl_method CRAM-MD5
Feb  3 22:20:23 server postfix/smtpd[20023]: 
xsasl_cyrus_server_auth_response: uncoded server challenge: 
<3586957780.10891358 at server.wunschradio.de>
Feb  3 22:20:23 server postfix/smtpd[20023]: > 
p5492E808.dip.t-dialin.net[84.146.232.8]: 334 
PDM1ODY5NTc3ODAuMTA4OTEzNThAc2VydmVyLnd1bnNjaHJhZGlvLmRlPg==
Feb  3 22:20:24 server postfix/smtpd[20023]: < 
p5492E808.dip.t-dialin.net[84.146.232.8]: 
Y2FzaUBiaW9iaWVuY2hlbi5kZSAyM2FhNTA2YTc4MjRhNDFkOGI0YzczZDNjNjEyOTkwMQ==
Feb  3 22:20:24 server postfix/smtpd[20023]: xsasl_cyrus_server_next: 
decoded response: casi at biobienchen.de 23aa506a7824a41d8b4c73d3c6129901
Feb  3 22:20:24 server postfix/smtpd[20023]: warning: SASL 
authentication failure: incorrect digest response
Feb  3 22:20:24 server postfix/smtpd[20023]: warning: 
p5492E808.dip.t-dialin.net[84.146.232.8]: SASL CRAM-MD5 authentication 
failed: authentication failure
Feb  3 22:20:24 server postfix/smtpd[20023]: > 
p5492E808.dip.t-dialin.net[84.146.232.8]: 535 5.7.0 Error: 
authentication failed: authentication failure


saslfinger -c:
saslfinger - postfix Cyrus sasl configuration So 3. Feb 22:21:44 CET 2008
version: 1.0.2
mode: client-side SMTP AUTH

-- basics --
Postfix: 2.4.5
System:
Welcome to openSUSE 10.3 (i586) - Kernel \r (\l).

-- smtp is linked to --
         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7ee1000)

-- active SMTP AUTH and TLS parameters for smtp --
relayhost =
smtp_sasl_auth_enable = no
smtp_use_tls = no


-- listing of /usr/lib/sasl2 --
insgesamt 464
drwxr-xr-x  2 root root  4096  3. Feb 21:48 .
drwxr-xr-x 63 root root 24576  3. Feb 21:48 ..
-rwxr-xr-x  1 root root 14088 22. Sep 02:03 libanonymous.so
-rwxr-xr-x  1 root root 14088 22. Sep 02:03 libanonymous.so.2
-rwxr-xr-x  1 root root 14088 22. Sep 02:03 libanonymous.so.2.0.22
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libcrammd5.so
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libcrammd5.so.2
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libcrammd5.so.2.0.22
-rwxr-xr-x  1 root root 47200 22. Sep 02:03 libdigestmd5.so
-rwxr-xr-x  1 root root 47200 22. Sep 02:03 libdigestmd5.so.2
-rwxr-xr-x  1 root root 47200 22. Sep 02:03 libdigestmd5.so.2.0.22
-rwxr-xr-x  1 root root 14084 22. Sep 02:03 liblogin.so
-rwxr-xr-x  1 root root 14084 22. Sep 02:03 liblogin.so.2
-rwxr-xr-x  1 root root 14084 22. Sep 02:03 liblogin.so.2.0.22
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libplain.so
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libplain.so.2
-rwxr-xr-x  1 root root 18180 22. Sep 02:03 libplain.so.2.0.22
-rwxr-xr-x  1 root root 22228 22. Sep 02:03 libsasldb.so
-rwxr-xr-x  1 root root 22228 22. Sep 02:03 libsasldb.so.2
-rwxr-xr-x  1 root root 22228 22. Sep 02:03 libsasldb.so.2.0.22
-rw-r--r--  1 root root   129  3. Feb 21:36 smtpd.conf

-- listing of /etc/sasl2 --
insgesamt 20
drwxr-xr-x  2 root root 4096  3. Feb 22:19 .
drwxr-xr-x 69 root root 4096  3. Feb 22:02 ..
-rw-------  1 root root  128  3. Feb 22:19 smtpd.conf
-rw-------  1 root root   49  3. Feb 00:49 smtpd.conf.old
-rw-------  1 root root  104  3. Feb 17:33 smtpd.conf.rpmsave


Cannot find the smtp_sasl_password_maps parameter in main.cf.
Client-side SMTP AUTH cannot work without this parameter!

/etc/sals2/smtpd.conf:
log_level: 7
pwcheck_method: auxprop
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
auxprop_plugin: sasldb
sasldb_path: /etc/sasldb2

postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavisd-new:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 7
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = localhost
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 10240000
mydestination = $myhostname, localhost.$mydomain
mydomain = server.wunschradio.de
myhostname = server.wunschradio.de
mynetworks = 85.214.63.178, 127.0.0.0/8
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relayhost =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_sasl_auth_enable = no
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = reject_non_fqdn_recipient 
reject_non_fqdn_sender    permit_sasl_authenticated    permit_mynetworks 
    reject_unauth_destination    check_client_access 
hash:/etc/postfix/client_access    reject_non_fqdn_hostname 
reject_invalid_hostname    reject_rbl_client sbl-xbl.spamhaus.org, 
reject_rbl_client dul.dnsbl.sorbs.net,    reject_rhsbl_client 
blackhole.securitysage.com,    reject_rhsbl_sender 
blackhole.securitysage.com,    reject_rhsbl_sender rhsbl.sorbs.n    permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_8bitmime = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual_users

Kann mir bitte jemand auf die Sprünge helfen ?

Gruß und Danke

Mehr Informationen über die Mailingliste Postfixbuch-users