Alexander Skwar grabbed a keyboard and wrote:
>
> Another thing that I find strange, was his /usr/lib/sasl/smtpd.conf
> file. It contained lines which should be in /etc/pam.d/smtpd. When I
> had postfix+SMTP AUTH somewhat working, I had nothing but pwcheck_method
> in there - and this file seemed to be totally ignored, by the way.
THAT'S IT!!!!!!!!!!!!
Thanks, Alexander, for pointing that out.
Vincent, assuming you're still reading this thread... :-) One of the .rpm
files for sasl puts in a not-so-good /usr/lib/sasl/smtpd.conf. As I
believe I mentioned to you earlier, found that I already had a
/usr/lib/sasl/smtpd.conf file, which contained:
# more /etc/pam.d/smtp
#%PAM-1.0
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
#
I added "pwcheck_method: pam" to the bottom of that as a quick test, but
the sasl stuff kept aborting with an error in the syslog (the one I've
listed). Once I took those lines out and left just the newly-added
pwcheck_method line, it no longer dies. /etc/pam.d/smtp already exists,
with the above lines present in it.
$ telnet {my host} 25
Trying {my IP}...
Connected to {my host}.
Escape character is '^]'.
220 {my host} No UCE No UBE No Spam ESMTP Postfix (Postfix-20010228-pl03)
(Mandrake Linux)
ehlo localhost
250-{my host}
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
mrobin
334 UGFzc3dvcmQ6
{my friend's password}
535 Error: authentication failed
quit
221 Bye
Connection closed by foreign host.
$
I don't know why the login failed (feel free to give me pointers as to what
I'm doing wrong...), but at least the thing is giving me the opportunity to
try, which is better than what I've *been* getting. :-) So far, I've
tried "pwcheck_method: pam" and "pwcheck_method: shadow" with /etc/shadow
set to mode 644 for testing purposes, but authentication has failed so far.
Vincent, you might want to talk with the people who wrap up that package
about not wrapping it up with a /usr/lib/sasl/smtpd.conf file that contains
lines which are going to cause the sasl stuff to abort when someone tries
to turn it on from within postfix. Just a thought... :-)
--Dave
--
David Guntner GEnie: Just say NO!
http://www.akaMail.com/pgpkey/davidg or key server
for PGP Public key
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
