From owner-freebsd-questions@FreeBSD.ORG Mon Feb 27 06:09:02 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0FC3D16A420 for ; Mon, 27 Feb 2006 06:09:02 +0000 (GMT) (envelope-from ggroth99@hotmail.com) Received: from hotmail.com (bay14-f3.bay14.hotmail.com [64.4.49.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id C6DCE43D49 for ; Mon, 27 Feb 2006 06:09:01 +0000 (GMT) (envelope-from ggroth99@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 26 Feb 2006 22:09:01 -0800 Message-ID: Received: from 64.36.27.226 by by14fd.bay14.hotmail.msn.com with HTTP; Mon, 27 Feb 2006 06:08:57 GMT X-Originating-IP: [64.36.27.226] X-Originating-Email: [ggroth99@hotmail.com] X-Sender: ggroth99@hotmail.com From: "Greg Groth" To: freebsd-questions@freebsd.org Date: Mon, 27 Feb 2006 00:08:57 -0600 Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 27 Feb 2006 06:09:01.0423 (UTC) FILETIME=[4DC607F0:01C63B64] Subject: saslauthd problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Feb 2006 06:09:02 -0000 I am having great difficulty in getting SMTP-AUTH working on a mail server. I went through this not too long ago on another box, and was able to get it working (SSL is another story). On this box, when I try to send an email, I get the following in maillog: Feb 26 23:42:16 ns1 sm-mta[1783]: NOQUEUE: connect from node-40241be2.mdw.onnet.us.uu.net [64.36.27.226] Feb 26 23:42:16 ns1 sm-mta[1783]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN GSSAPI OTP DIGEST-MD5 CRAM-MD5, allowed mech=PLAIN LOGIN Feb 26 23:42:16 ns1 sm-mta[1783]: k1R5gGCB001783: Milter: no active filter Feb 26 23:42:17 ns1 sm-mta[1783]: k1R5gGCB001783: ruleset=check_rcpt, arg1=, relay=node-40241be2.mdw.onnet.us.uu.net [64.36.27.226], reject=550 5.7.1 ... Relaying denied. Proper authentication required. I checked to see if saslauthd was running: ns1# ps -aux | grep saslauthd root 532 0.0 0.4 2824 1884 ?? Is 8:41PM 0:00.02 /usr/local/sbin/saslauthd -a pam root 533 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 534 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 535 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam root 536 0.0 0.3 2776 1604 ?? I 8:41PM 0:00.00 /usr/local/sbin/saslauthd -a pam The only other mention in any of the logs regarding sasl I could find was this: Feb 26 20:41:53 ns1 saslauthd[532]: detach_tty : master pid is: 532 Feb 26 20:41:53 ns1 saslauthd[532]: ipc_init : listening on socket: /var/state/saslauthd/mux System is FreeBSD 6.0 using a fresh install. System has latest ports of Sendmail, IMAP-UW, Cyrus-SASL2, Cyrus-SASL2-Auth I can relay without a problem if I add my IP to the Sendmail Access db, but it won't work with SMTP-AUTH. Sendmail was installed as part of the base install. I added the following commands to /etc/make.conf: SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl2 I then ran the whole make buildworld, make kernel, etc. deal, then recompiled Sendmail as follows: cd /usr/src/usr.sbin/sendmail make clean make depend make make install Added the following to my mc file: define(`confAUTH_MECHANISMS',`PLAIN LOGIN')dnl TRUST_AUTH_MECH(`PLAIN LOGIN')dnl ran make cf make install make restart I added saslauthd_enable="YES" to /etc/rc.conf, and it appears to be starting at boot. I checked /usr/local/lib/sasl2/Sendmail.conf, and have the following: pwcheck_method: saslauthd I then went back through and checked all of the Makefiles and startup scripts as I saw a bug mentioned in the docs that said to check the library paths (if compiling from scratch), and everything seems to be pointing to where it should be. I've gone through both systems and cannot find a difference in either the way they were compiled or configured, yet I'm at a standstill. The only difference is that on the system that is giving me fits is I rebuilt the /etc/pwd.db and /etc/spwd.db from a backup of master.passwd using pwd_mkdb. I checked the password dbs on both systems thinking I might have some kind of db compatability problem, both files on both systems came back as follows: ns1# file /etc/pwd.db /etc/pwd.db: Berkeley DB 1.85 (Hash, version 2, native byte-order) ns1# file /etc/spwd.db /etc/pwd.db: Berkeley DB 1.85 (Hash, version 2, native byte-order) As far as I can figure out, saslauthd is configured to fall back to it's own database authentication scheme if other methods fail, and the "Milter: no active filter" error is probably it complaining that it can't find the database. Why isn't it checking the password file? Anyone have any ideas? I'm at my wit's end. TIA Greg Groth _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfeeŽ Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963