Date: Fri, 1 Jun 2007 14:55:23 +0530 From: "Amarendra Godbole" <amarendra.godbole@gmail.com> To: "Paul Schmehl" <pauls@utdallas.edu> Cc: freebsd-questions@freebsd.org Subject: Re: Wierd postfix/cyrus SASL error... Message-ID: <294439d20706010225p2bfff3ebp41019dcb7b311ad2@mail.gmail.com> In-Reply-To: <4215074055BD1BFDD24D2509@utd59514.utdallas.edu> References: <294439d20705310218q5a8f65c0jb6b30c6dfc9a51a7@mail.gmail.com> <4215074055BD1BFDD24D2509@utd59514.utdallas.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/31/07, Paul Schmehl <pauls@utdallas.edu> wrote: > I have a similar setup: > smtpd_sasl_auth_enable = yes > smtpd_sasl_security_options = noanonymous > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_application_name = smtpd > broken_sasl_auth_clients = yes > permit_sasl_authenticated > > But I don't use a db password file. Have you tried re-running the postfix > hash utility (postmap) on the db? That's the first thing that I would try. [...] Okay, after a lot of digging around, I got the error. Somehow something messed up during the portupgrade, and postfix started negotiating GSSAPI authentication with the smtp server. Since GSSAPI needs krb (kerberos) support, which was not configured, the auth failed. Adding the following lines to main.cf solved the problem, and postfix now happily chugs along: smtp_sasl_security_options = noanonymous, noplaintext smtp_sasl_mechanism_filter = login, ntlm Now it negotiates login or ntlm with the server, and the auth works fine. Thanks for all the help. My next stop is to figure out *what* changed during portupgrade (as my postfix config files were the same as before) that created this issue. -Amarendra
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?294439d20706010225p2bfff3ebp41019dcb7b311ad2>