Hi, For several days I try to set up an authenticated postfix smtp server, but didn't succeed. Hope you can help me out with this. I've seen former discussions about this, but still failed to get a valid configuration.
Only users with a local UNIX account should be able to send mail to foreign domains. The type of authentication should by supported by most common e-mail client (like MS Outlook en Outlook Express :-(). Also I don't want experimental or unstable Debian packages. I use a Debian 3.0r2 (Woody) installation, According to several documentenation about this, I should look at SASL and installed the following packages and versions: * postfix 1.1.11-0.woody * postfix-tls 1.1.11+tls0.7.15-0.woody1 * libsasl-digestmd5-plain 1.5.27-3 * libsasl-modules-plain 1.5.27-3 * libsasl7 1.5.27-3 * sasl-bin 1.5.27-3 Then I configured /etc/postfix/main.cf with the following options: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_relay_domains smtpd_sasl_application_name = smtpd broken_sasl_auth_clients = yes and /etc/postfix/master.cf with the following options (line was added, but commented out, by one of the installed packages): smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes I created /etc/postfix/sasl/smtpd.conf, with one sigle line: pwcheck_method: pwcheck (also tried pam and shadow as value). File access 644 (Server is not running chrooted) My user passwords are in the shadow file. To be sure I added postfix to the shadow group (hope this isn't really needed). Some documentation advise to create /etc/pam.d/smtp: #%PAM-1.0 auth required pam_unix.so account required pam_unix.so session required pam_unix.so The pwcheck is installed as system deamon, when starting it says: Starting Cyrus PAM pwcheck daemon: pwcheck, so it tells PAM is being used Now when I telnet to the local host, I got the following Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 mail.mydomain.nl ESMTP Postfix (Debian/GNU) EHLO mail.mydomain.nl 250-mail.mydomain.nl 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-XVERP 250 8BITMIME AUTH PLAIN dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ= 535 Error: authentication failed (I used a valid user and password) I get in mail.log: May 9 12:38:35 esd425 postfix/smtpd[16989]: connect from localhost[127.0.0.1] May 9 12:39:57 esd425 postfix/smtpd[16989]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed In auth.log May 9 12:41:14 esd425 postfix/smtpd[17055]: unable to open Berkeley db /etc/sasldb: No such file or directory May 9 12:41:14 esd425 postfix/smtpd[17055]: unable to open Berkeley db /etc/sasldb: No such file or directory Lines in auth.log looks like it isn't using PAM at all (also couldn't find a PAM log line anywhere). Answer in telnet isn't telling it is using DIGEST-MD5, which I should prefer (but this is only an other problem for now). What am I doing wrong? Please can someone give me some helpfull directions? Regards, Erwin van der Horst