On Wed, Sep 10, 2014 at 10:46:43PM +0200, giacomo wrote:
> > So you're using Cyrus SASL, but not showing any details of the SASL
> > configuration, available plugins, ...
> >
>
> The configuration of SASL is in /usr/local/lib/sasl2/smtpd.conf
>
> pwcheck_method: saslauthd
> mech_list: PLAIN LOGIN
> #authdaemond_path: /var/sasl2/socket
> authdaemond_path: /var/run/courier-auth/socket
> log_level: 7
The documentation for "authdaemond_path" says:
Path to Courier-IMAP authdaemond's unix socket.
Only applicable when pwcheck_method is set to authdaemond.
So your smtpd.conf can't work as configured.
Is the authdaemond_path correctly specified?
Does the "postfix" user have permission to access the socket?
Is smtpd(8) chrooted?
> > > > AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
> > > > 535 5.7.8 Error: authentication failed: generic failure
> >
> > Avoid posting "AUTH PLAIN" and "AUTH LOGIN" command arguments, they
> > contain reversibly (base64) encoded passwords.
>
> I don't understand this. Please specificy what it mean.
It means that you should not send the data after "AUTH PLAIN " to
a public mailing list. It can be easily decoded to recover your
no longer secret password. For example:
$ echo "AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==" |
openssl base64 -A -d |
cat -etv
^@[email protected]^@lisaia
--
Viktor.
