On 06/29/2014 02:36 PM, Alex JOST wrote:
> Am 29.06.2014 20:43, schrieb Jerry:
>> Okay, I know I am an idiot, but bear with me. I had a perfectly good
>> Postfix/Dovecot setup working for several years. I never touched it.
>> Then the
>> HD died and I cannot find any of the backups. They would be quite old
>> anyway.
>> So, after fixing the sytem, I installed FreeBSD-10 and the latest
>> versions of
>> Postfix and Dovecot. Now, I cannot get them working together again.
>>
>> Neither SASL or Sender Dependent Relaying is working.
>>
>> When I attempt, as shown below, to send to a "yahoo" address, it does
>> not use
>> the sender dependent relaying or invoke SASL. The message is rejected by
>> "yahoo". It is the same no matter what domain I attempt to send to.
>>
>> Jun 29 14:17:32 scorpio sm-mta[35398]: STARTTLS=server, relay=localhost
>> [127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES128-SHA,
>> bits=128/128 Jun 29 14:17:33 scorpio sm-mta[35398]: s5TIHWZf035398:
>> from=<gerard.seib...@stemnc.org>, size=367, class=0, nrcpts=1,
>> msgid=<20140629141732.58cc7659@scorpio>, proto=ESMTP, daemon=Daemon0,
>> relay=localhost [127.0.0.1] Jun 29 14:17:33 scorpio sm-mta[35400]:
>> STARTTLS=client, relay=mta7.am0.yahoodns.net., version=TLSv1/SSLv3,
>> verify=FAIL, cipher=DHE-RSA-CAMELLIA256-SHA, bits=256/256 Jun 29
>> 14:17:36
>> scorpio sm-mta[35400]: s5TIHWZf035398: to=<ges...@yahoo.com>,
>> delay=00:00:03,
>> xdelay=00:00:03, mailer=esmtp, pri=30367, relay=mta7.am0.yahoodns.net.
>> [98.138.112.37], dsn=2.0.0, stat=Sent (ok dirdel)
>>
>> Now, if I attempt to use port 587, the entire process breaks down.
>>
>> Jun 29 14:15:27 scorpio postfix/submission/smtpd[35390]: connect from
>> localhost[127.0.0.1]
>> Jun 29 14:15:27 scorpio postfix/submission/smtpd[35390]: Anonymous
>> TLS connection established from localhost[127.0.0.1]: TLSv1.2 with
>> cipher DHE-RSA-AES128-SHA (128/128 bits)
>> Jun 29 14:15:27 scorpio postfix/submission/smtpd[35390]: warning:
>> SASL: Connect to smtpd failed: No such file or directory
>> Jun 29 14:15:27 scorpio postfix/submission/smtpd[35390]: fatal: no
>> SASL authentication mechanisms
>> Jun 29 14:15:28 scorpio postfix/master[35382]: warning: process
>> /usr/local/libexec/postfix/smtpd pid 35390 exit status 1
>> Jun 29 14:15:28 scorpio postfix/master[35382]: warning:
>> /usr/local/libexec/postfix/smtpd: bad command startup -- throttling
>> Jun 29 14:17:32 scorpio sm-mta[35398]: STARTTLS=server,
>> relay=localhost [127.0.0.1], version=TLSv1/SSLv3, verify=NO,
>> cipher=DHE-RSA-AES128-SHA, bits=128/128
>> Jun 29 14:17:33 scorpio sm-mta[35398]: s5TIHWZf035398:
>> from=<gerard.seib...@stemnc.org>, size=367, class=0, nrcpts=1,
>> msgid=<20140629141732.58cc7659@scorpio>, proto=ESMTP, daemon=Daemon0,
>> relay=localhost [127.0.0.1]
>> Jun 29 14:17:33 scorpio sm-mta[35400]: STARTTLS=client,
>> relay=mta7.am0.yahoodns.net., version=TLSv1/SSLv3, verify=FAIL,
>> cipher=DHE-RSA-CAMELLIA256-SHA, bits=256/256
>> Jun 29 14:17:36 scorpio sm-mta[35400]: s5TIHWZf035398:
>> to=<ges...@yahoo.com>, delay=00:00:03, xdelay=00:00:03, mailer=esmtp,
>> pri=30367, relay=mta7.am0.yahoodns.net. [98.138.112.37], dsn=2.0.0,
>> stat=Sent (ok dirdel)
>> Jun 29 14:24:48 scorpio postfix/submission/smtpd[35420]: connect from
>> localhost[127.0.0.1]
>> Jun 29 14:24:48 scorpio postfix/submission/smtpd[35420]: warning:
>> SASL: Connect to smtpd failed: No such file or directory
>> Jun 29 14:24:48 scorpio postfix/submission/smtpd[35420]: fatal: no
>> SASL authentication mechanisms
>> Jun 29 14:24:49 scorpio postfix/master[35382]: warning: process
>> /usr/local/libexec/postfix/smtpd pid 35420 exit status 1
>> Jun 29 14:24:49 scorpio postfix/master[35382]: warning:
>> /usr/local/libexec/postfix/smtpd: bad command startup -- throttling
>>
>> -- postconf -fn --
>> authorized_submit_users = !www, static:all
>> broken_sasl_auth_clients = yes
>> canonical_maps = hash:/usr/local/etc/postfix/canonical
>> command_directory = /usr/local/sbin
>> config_directory = /usr/local/etc/postfix
>> daemon_directory = /usr/local/libexec/postfix
>> data_directory = /var/db/postfix
>> debug_peer_level = 2
>> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
>> $daemon_directory/$process_name $process_id & sleep 5
>> delay_warning_time = 12h
>> disable_vrfy_command = yes
>> dovecot_destination_recipient_limit = 1
>> enable_long_queue_ids = yes
>> html_directory = /usr/local/share/doc/postfix
>> inet_protocols = ipv4
>> mail_owner = postfix
>> mailq_path = /usr/local/bin/mailq
>> manpage_directory = /usr/local/man
>> message_size_limit = 26214400
>> milter_default_action = accept
>> mydestination =
>> mydomain = seibercom.net
>> myhostname = scorpio.seibercom.net
>> mynetworks_style = subnet
>> myorigin = $mydomain
>> newaliases_path = /usr/local/bin/newaliases
>> queue_directory = /var/spool/postfix
>> readme_directory = /usr/local/share/doc/postfix
>> sample_directory = /usr/local/etc/postfix
>> sender_dependent_relayhost_maps =
>> hash:/usr/local/etc/postfix/sender_relay
>> sendmail_path = /usr/local/sbin/sendmail
>> setgid_group = maildrop
>> smtp_sasl_auth_enable = yes
>> smtp_sasl_password_maps = hash:/usr/local/etc/postfix/sasl_passwd
>> smtp_sasl_security_options = noanonymous
>> smtp_sasl_type = cyrus
>> smtp_sender_dependent_authentication = yes
>> smtp_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem
>> smtp_tls_CApath = /usr/local/etc/postfix/certs/
>> smtp_tls_note_starttls_offer = yes
>> smtp_tls_policy_maps = hash:/usr/local/etc/postfix/tls_policy
>> smtp_tls_security_level = may
>> smtp_tls_session_cache_database =
>> btree:/var/db/postfix/smtp_tls_session_cache
>> smtpd_authorized_verp_clients = $mynetworks
>> smtpd_client_restrictions = reject_unauth_pipelining
>> permit_sasl_authenticated
>> reject_unknown_client_hostname
>> smtpd_milters = unix:/var/run/clamav/clmilter.sock
>> smtpd_recipient_restrictions = reject_unauth_pipelining
>> permit_sasl_authenticated permit_mynetworks
>> reject_unknown_recipient_domain
>> reject_unauth_destination
>> smtpd_reject_footer = For assistance, please provide the following
>> information
>> in your problem report: time ($localtime), client
>> ($client_address) and
>> server ($server_name).
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_authenticated_header = yes
>> smtpd_sasl_local_domain = $myhostname
>> smtpd_sasl_security_options = noanonymous, noplaintext
>> smtpd_sasl_tls_security_options = noanonymous
>> smtpd_sasl_type = dovecot
>> smtpd_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem
>> smtpd_tls_cert_file = /usr/local/etc/postfix/certs/Postfix-cert.pem
>> smtpd_tls_key_file = /usr/local/etc/postfix/certs/Postfix-key.pem
>> smtpd_tls_received_header = yes
>> smtpd_tls_security_level = may
>> smtpd_tls_session_cache_database =
>> btree:/var/db/postfix/smtpd_tls_session_cache
>> tls_random_source = dev:/dev/urandom
>> transport_maps = hash:/usr/local/etc/postfix/transport
>> unknown_local_recipient_reject_code = 550
>> virtual_gid_maps = static:1002
>> virtual_mailbox_base = /var/mail/vhost
>> virtual_mailbox_domains = seibercom.net
>> virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
>> virtual_minimum_uid = 100
>> virtual_transport = dovecot
>> virtual_uid_maps = static:1002
>>
>
> Your configuration misses smtpd_sasl_path.
> http://www.postfix.org/SASL_README.html#server_sasl_enable
>
not sure if it matters but you have smtp_sasl_type defined twice once
with cyrus and once with dovecot
