On Tuesday 04 May 2004 01:33 pm, Derek Jennings wrote: > Can anyone offer advice on implementing Sasl authentication with Postfix on > Mdk 10.0
I have that working on mine. > > I have followed the Howto on the Postfix site > (http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ ), and the one > at MandrakeSecure, but am unable to get sasl to authenticate users using > either pam or shadow authentication. I am using sasldb, dedicated SASL for postfix. That way, I don't have to worry about someone cracking a user account simply because they somehow got someone's mail password. > The problem seems to be the username is not being recognised as valid. > A sample error message is :- > May 4 15:57:22 jennings smtp(pam_unix)[6072]: check pass; user unknown > May 4 15:57:22 jennings smtp(pam_unix)[6072]: authentication failure; > logname= uid=0 euid=0 tty= ruser= rhost= > May 4 15:57:25 jennings saslauthd[6072]: DEBUG: auth_pam: pam_authenticate > failed: Authentication failure > May 4 15:57:25 jennings saslauthd[6072]: do_auth : auth failure: > [EMAIL PROTECTED] [service=smtp] > [realm=jennings.homelinux.net] [mech=pam] [reason=PAM auth error] If I recall correctly from my reading, there were some very specific permission issues related to using PAM or Shadow authentication due to Postfix running chrooted and thus not having correct permissions to access the files. My understanding is that you need to cp /etc/shadow into the /var/spool/postfix/etc directory so that it can get to it. PAM requires some other types of tricks, IIRC, although I deemed it a better and easier solution to use dedicated sasldb since not all mail users need to authenticate mail. -- Bryan Phinney Software Test Engineer
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
