Hi, Figured out that the problem was I did not completely fill out the /etc/postfix/sasl/smtpd.conf file. I only had:
saslauthd_path: /var/run/saslauthd/mux I needed to have: saslauthd_path: /var/run/saslauthd/mux pwcheck_method: saslauthd mech_list: LOGIN PLAIN works like a charm now. cheers, ski On 2/21/19 11:57 AM, Ski Kacoroski wrote: > Thanks for all the replies. This for an internal relay only with access > from a limited set of IPs so I am not concerned about security. And > yes, I blew on on the encrypted password - should have just **** out the > entire thing. I am using port 465 just as an alternate port to 25 for > only the problem HVAC systems so I am not using it in the default manner > with encryption which is why I do not have o smtpd_tls_wrappermode=yes set. > > I still have the problem though, that sasl is working fine via > testsaslauthd, but I cannot get it to work with postfix. > > Does anyone have ideas on how to debug the postfix - sasl interface (I > am using cyrus sasl). > > cheers, > > ski > > On 2/21/19 1:26 AM, Matus UHLAR - fantomas wrote: >> On 20.02.19 15:34, Ski Kacoroski wrote: >>> I have installed the sasl packages and configured sasl so testsaslauthd >>> works perfectly with the ldap backend. I then set up postfix to have >>> this on port 465 in master.cf: >>> >>> smtps inet n - n - - smtpd -v >>> -o syslog_name=postfix/smtps >>> -o smtpd_sasl_auth_enable=yes >> >> port 465 should be implicitly encrypted. The defailt master.cf contains >> "-o smtpd_tls_wrappermode=yes" option to >> achieve this. >> testing should be done by calling >> >> openssl s_client -connect localhost:465 -crlf >> >> instead of telnet. >> >> note that port 465 default options contain also another options: >> "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" >> >> that should be used there. >> >> > -- "When we try to pick out anything by itself, we find it connected to the entire universe" John Muir Chris "Ski" Kacoroski, kacoro...@gmail.com, 206-501-9803
