From owner-freebsd-questions@FreeBSD.ORG Sat Oct 19 05:36:49 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 72E81AB9 for ; Sat, 19 Oct 2013 05:36:49 +0000 (UTC) (envelope-from nehe@telus.net) Received: from cmta16.telus.net (cmta16.telus.net [209.171.16.89]) by mx1.freebsd.org (Postfix) with ESMTP id 1563026BE for ; Sat, 19 Oct 2013 05:36:48 +0000 (UTC) Received: from [192.168.2.41] ([75.159.225.232]) by cmta16.telus.net with TELUS id etbg1m00251URhX01tbgc5; Fri, 18 Oct 2013 23:35:40 -0600 X-Authority-Analysis: v=2.0 cv=TJabvSZa c=1 sm=2 a=0DCTPqL9JVKyx/LzsUzWHQ==:17 a=UzUnFGI9yZYA:10 a=LGgl8L9ij00A:10 a=8nJEP1OIZ-IA:10 a=aatUQebYAAAA:8 a=lpfyz5VD1akA:10 a=_iSszlQzAAAA:8 a=X8A_bwf_qjrE6AGp8xMA:9 a=wPNLvfGTeEIA:10 a=-KjbzaIdK78A:10 a=0DCTPqL9JVKyx/LzsUzWHQ==:117 X-Telus-Outbound-IP: 75.159.225.232 Message-ID: <52621A2B.1080706@telus.net> Date: Fri, 18 Oct 2013 23:35:39 -0600 From: Jeff Molofee User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Postfix & SASL ... Help References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Oct 2013 05:36:49 -0000 Will try to keep this short because this is a list... I posted the following on the BSD forums and have received no responses. I was hoping some bright minds on this list could help me out, or at least point me in the right direction. I'm trying to get postfix to authenticate users using auxprop/sasldb. I see the following error in maillog: "warning: SASL authentication failure: no user in db" I am using: FreeBSD 9.x (64 bit), Postfix 2.10.1,1 (PCRE, SASL2, TLS), cyrus-imapd-2.4.17_4, cyrus-sasl-2.1.26_2 (authdaemond, obsolete_cram_attr, {all mechs}) Cyrus is authenticating against SASL. Test results below: > smtptest -a {username} localhost S: 220 mail.{company}.com ESMTP Postfix C: EHLO smtptest S: 250-mail.{company}.com S: 250-PIPELINING S: 250-SIZE 20480000 S: 250-ETRN S: 250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM S: 250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM S: 250-ENHANCEDSTATUSCODES S: 250-8BITMIME S: 250 DSN Please enter your password: C: AUTH PLAIN AGrlZmZtBGhvbnRhY4J2 S: 235 2.7.0 Authentication successful Authenticated. Security strength factor: 0 In /usr/local/etc/postfix/main.cf I have: smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_local_domain = proxy.domain.local smtpd_sasl_security_options = noanonymous smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination In /usr/local/lib/sasl2/smtpd.conf I have: pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM Because the error is saying "no user in db", I'm guessing that postfix is not seeing the sasldb2.db at all. postfix is in the mail group and mail group has permission for files like sasldb2.db (I don't believe it's a permission issue). i thought maybe it was because I didn't have bdb support in cyrus-sasl or postfix, but it made no difference if I did or not. Right now I'm thinking because sasldblistusers2 shows users as follows: {user}@proxy.domain.local (machine domain) instead of: {user}@maildomain.com(web) that this could be my issue. But then wouldn't it say "user not found" rather than "no user in db"? why does smtptest work? would LOVE any help you guys are willing to offer... been at this for a few days now, and I'm starting to pull hair out :(