Re: libsaslc TLS postfix client woes

To: netbsd-users%netbsd.org@localhost
Subject: Re: libsaslc TLS postfix client woes
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 24 Aug 2015 05:41:17 +0000 (UTC)

In article <55da8d55.Vwp89GtYfOZ+zHh/%jgw%sdf.org@localhost>,  <jgw%sdf.org@localhost> wrote:
>Up until yesterday the following was providing Postfix SMTP client SASL
>TLS authentication with my email provider's outgoing email
>server (configs have been sanitized for public posting):
>
>  #/etc/postfix/main.cf
>  myhostname = beasty.sleepy.cat
>  mydomain = sleepy.cat
>  smtp_generic_maps = hash:/etc/postfix/generic
>  mynetworks_style = host
>  alias_maps = hash:/etc/mail/aliases
>  relayhost = [smtp.acme.com]:submission
>  smtp_sasl_auth_enable = yes
>  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>  smtp_sasl_security_options = noplaintext, noanonymous
>  smtp_sasl_tls_security_options = noanonymous
>  smtp_tls_security_level = may
>  smtp_sasl_type = saslc
>
>  #../generic
>  me%beasty.sleepy.cat@localhost     me%acme.com@localhost
>
>  #../sasl_passwd
>  [smtp.acme.com]:submission	me%acme.com@localhost:secret_passwd
>
>Did chmod 600 for the sasl_passwd file and ran postmap(8) run on generic
>and sasl_passwd for DB file generation, then checked with 'postfix check',
>then reload configs with '/etc/rc.d/postfix reload'.
>
>Anyway, something has changed sometime since my previous -current update
>dated ~May 2015; after upgrading to -current dated Aug 22, 2015 the above
>configuration no longer works.
>
>Below appears to be the pertinent bits from /var/log/maillog; date prefix
>removed for clarity:
>
>  ..
>   beasty postfix/qmgr[7099]: 1AFE11F1FA9: \
>    from=<me%beasty.sleepy.cat@localhost>, size=290, nrcpt=1 (queue active)
>   beasty postfix/qmgr[7099]: warning: \
>    private/smtp socket: malformed response
>   beasty postfix/master[5621]: warning: \
>    process /usr/libexec/postfix/smtp pid 7139 killed by signal 4
>   ..
>   beasty postfix/master[5621]: warning: \
>    /usr/libexec/postfix/smtp:bad command startup -- throttling
>   beasty postfix/error[5878]: 1AFE11F1FA9: \
>    to=<someone%somewhere.com@localhost>, relay=none, \
>    delay=1.4, delays=0.16/1.2/0/0.07, dsn=4.3.0, \
>    status=undeliverable (unknown mail transport error)
>
>I'm hoping someone can point me towards a solution or work-around
>so I can go back to using the native tools for mail relaying.

I don't see what could do it in the saslc code. Perhaps something changed
in openssl? Can you try to use the previous openssl libraries and see if
that fixes it?

christos

Follow-Ups:
- Re: libsaslc TLS postfix client woes
  - From: jgw
- Re: libsaslc TLS postfix client woes
  - From: jgw

References:
- libsaslc TLS postfix client woes
  - From: jgw

Prev by Date: Re: termcap issue
Next by Date: vioif0(4)
Previous by Thread: libsaslc TLS postfix client woes
Next by Thread: Re: libsaslc TLS postfix client woes
Indexes:

Home | Main Index | Thread Index | Old Index