Subject: configuring postfix from pkgsrc with smtp auth
To: None <netbsd-users@netbsd.org>
From: Stefan Dengscherz <stefan.dengscherz@gmx.net>
List: netbsd-users
Date: 10/22/2003 18:44:46

hello all,

i have the following problem: i successfully installed postfix from
pkgsrc (compiled with sasl support) and cyrus-sasl on netbsd 1.6.1 with
all security patches applied. i have replaced the mail system with the
pkgsrc postfix by changing mailer.conf and adding the suggested lines to
/etc/rc.conf.d/postfix. mail delivery works fine now through my new
postfix (local and from/to the web).

however i also need smtp auth to send mail from remote clients like
outlook. authentication should be based on local user data (local
accounts = mail account), because sending mail is only possible when
you're logged in on the box atm - thus i decided to use the saslauthd
password check method in sasl.

here's my configuration:

--
root@netbox:~> cat /usr/lib/sasl/smtpd.conf
pwcheck_method: saslauthd
--

--
root@netbox:~> tail -n 4 /usr/pkg/etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,check_relay_domains
--

a quick check if postfix really supports smtp auth:
telnet & ehlo to port 25 results in:

--
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN
250-AUTH=PLAIN
250-XVERP
250 8BITMIME
--

so everything should be fine.

if i try to send mail from a mail client, i simply get an authentication
failed error and the following entries in maillog:

--
Oct 22 18:22:27 netbox postfix/smtpd[3805]: connect from unknown[192.168.1.10]
Oct 22 18:22:29 netbox postfix/smtpd[3805]: warning: unknown[192.168.1.10]: SASL PLAIN authentication failed
Oct 22 18:22:33 netbox postfix/smtpd[3805]: disconnect from unknown[192.168.1.10]
--

authlog doesn't mention any incorrect logins - just the successful
saslauthd start message:

--
Oct 22 18:38:17 netbox saslauthd[3832]: START: saslauthd 1.5.27
Oct 22 18:38:17 netbox saslauthd[3838]: daemon started, listening on /var/run/sasl/mux
--

the box is connected to the internet and has a fqdn assigned.

any hints/suggestions - i don't see any error?
thanks in advance.

regards,
-sd
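
The telnet/EHLO check described in the message, carried one step further as an added example that is not part of the original post: it parses the quoted EHLO reply for AUTH mechanisms and STARTTLS, and builds the AUTH PLAIN line (RFC 4616) to type into the same telnet session. The account testuser/testpass is constructed. The quoted lines list no STARTTLS, so a PLAIN response crosses the wire base64-encoded only.

```python
import base64

# EHLO reply lines as quoted in the message above.
EHLO_REPLY = """\
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN
250-AUTH=PLAIN
250-XVERP
250 8BITMIME
"""

def parse_ehlo(reply):
    """Return (auth_mechanisms, starttls_offered) from an EHLO reply."""
    mechs, starttls = [], False
    for line in reply.splitlines():
        if len(line) < 4 or not line.startswith("250"):
            continue
        upper = line[4:].strip().upper()
        if upper == "STARTTLS":
            starttls = True
        elif upper.startswith("AUTH ") or upper.startswith("AUTH="):
            # "AUTH=" is the non-standard form that
            # broken_sasl_auth_clients = yes adds for older clients.
            for m in upper[5:].split():
                if m not in mechs:
                    mechs.append(m)
    return mechs, starttls

def auth_plain_command(user, password, authzid=""):
    """Build the initial response: authzid NUL authcid NUL password."""
    raw = "\0".join([authzid, user, password]).encode("utf-8")
    return "AUTH PLAIN " + base64.b64encode(raw).decode("ascii")

def decode_auth_plain(b64):
    """Split a PLAIN response back into (authzid, authcid, password)."""
    parts = base64.b64decode(b64, validate=True).split(b"\0")
    if len(parts) != 3:
        raise ValueError("PLAIN response must have exactly three fields")
    return tuple(p.decode("utf-8") for p in parts)

if __name__ == "__main__":
    mechs, tls = parse_ehlo(EHLO_REPLY)
    print("AUTH mechanisms:", mechs, "| STARTTLS offered:", tls)
    # Constructed throwaway account, not from the original message.
    print(auth_plain_command("testuser", "testpass"))
```

decode_auth_plain is useful in the other direction: given the base64 string a mail client actually sent (from a packet capture on the test box), it shows which authzid and username the client put in the PLAIN response.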