Re: [Dovecot] Problem with Dovecot SASL in Postfix
dovecot: Jul 16 15:36:51 Info: auth(default): client in: AUTH 1 CRAM-MD5service=smtp dovecot: Jul 16 15:36:51 Info: auth(default): client out: CONT 1 PDgyMTc0MTAxNjMzNDQ5MTEuMTE4NDYxODIxMUBtYWlsPg== dovecot: Jul 16 15:36:51 Info: auth(default): client in: CONT 1 Y2hyaXNtQHJ1cmFsdGVjaGluYy5jb20gYzQ0M2QyZTNkZjkxY2I1MGUxOGY5NDU3ZGI2MmUyNWE= dovecot: Jul 16 15:36:51 Info: auth(default): passwd-file([EMAIL PROTECTED]): lookup: user=chrism file=/usr/local/etc/dovecot/ruraltechinc.com/passwd dovecot: Jul 16 15:36:51 Info: auth(default): password([EMAIL PROTECTED]): Credentials: a67a65704086a046b3f2875d1e8daac8cb5c6fd13406507fead30d9bcb1bf82b dovecot: Jul 16 15:36:51 Info: auth(default): client out: OK1 [EMAIL PROTECTED] heres the dovecot logs with auth_debug_passwords = yes it looks like the auth is ok, so its a postfix configuration issue On 7/12/07, Timo Sirainen <[EMAIL PROTECTED]> wrote: On Thu, 2007-07-12 at 10:52 -0500, Chris McMacken wrote: > and to login through SASL I am trying to use the username > [EMAIL PROTECTED] when I use the full email address like this to > login like this I get this output into my postfix log: Postfix's logs aren't very useful. Set auth_debug_passwords=yes in dovecot.conf and look at Dovecot's logs. > Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from unknown[12.244.148.123] > Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from > unknown[12.244.148.123]: 554 5.7.1 <[EMAIL PROTECTED]>: Relay access > denied; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP > helo=<[192.168.1.14]> > Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from > unknown[12.244.148.123] .. > Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from unknown[12.244.148.123] > Jul 10 18:50:38 mail postfix/smtpd[57356]: warning: > unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed: > PDI3NjU4MTE4NDExMTQzN0BtYWlsPg== If the first session really got authenticated successfully (auth_debug shows that too), then it's a Postfix configuration problem.
Re: [Dovecot] Problem with Dovecot SASL in Postfix
On Thu, 2007-07-12 at 10:52 -0500, Chris McMacken wrote: > and to login through SASL I am trying to use the username > [EMAIL PROTECTED] when I use the full email address like this to > login like this I get this output into my postfix log: Postfix's logs aren't very useful. Set auth_debug_passwords=yes in dovecot.conf and look at Dovecot's logs. > Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from > unknown[12.244.148.123] > Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from > unknown[12.244.148.123]: 554 5.7.1 <[EMAIL PROTECTED]>: Relay access > denied; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP > helo=<[192.168.1.14]> > Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from > unknown[12.244.148.123] .. > Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from > unknown[12.244.148.123] > Jul 10 18:50:38 mail postfix/smtpd[57356]: warning: > unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed: > PDI3NjU4MTE4NDExMTQzN0BtYWlsPg== If the first session really got authenticated successfully (auth_debug shows that too), then it's a Postfix configuration problem. signature.asc Description: This is a digitally signed message part
[Dovecot] Problem with Dovecot SASL in Postfix
Ok lets try this again...
I'm trying to configure my postfix server to use Dovecot as an SASL
server and running into some problems. My server supports a couple of
domain, I have multiple user/password files for multiple domains to
make the files a little easier to manage. Not sure if this question
should belong in the dovecot mailing list or the postfix one, but here
goes anyway. I have everything configured to use CRAM-MD5
authentication, including my mail client.
Here is the Dovecot -n output:
mail# dovecot -n
# /usr/local/etc/dovecot.conf
log_path: /var/log/dovecot
info_log_path: /var/log/dovecot.info
protocols: imap pop3
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
verbose_proctitle: yes
first_valid_gid: 0
mail_extra_groups: mail
mail_location: maildir:/home/vmail/%d/%n
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle
netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh
tb-extra-mailbox-sep
imap_client_workarounds(pop3): outlook-idle
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
mechanisms: plain cram-md5
passdb:
driver: passwd-file
args: /usr/local/etc/dovecot/%d/passwd
userdb:
driver: passwd-file
args: /usr/local/etc/dovecot/%d/passwd
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
heres a sample line from one of the passwd files:
chrism:{CRAM-MD5}a67a65704086a046b3f875d1eaac8cb5c6fd13406507fead30d9bcb1bf82b:1003:1003::/home/vmail/example.com
and to login through SASL I am trying to use the username
[EMAIL PROTECTED] when I use the full email address like this to
login like this I get this output into my postfix log:
Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from unknown[12.244.148.123]
Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from
unknown[12.244.148.123]: 554 5.7.1 <[EMAIL PROTECTED]>: Relay access
denied; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP
helo=<[192.168.1.14]>
Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from
unknown[12.244.148.123]
(not actually using example.com but I changed it here)
heres my smtpd_recipient_restricitons from postconf
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, permit_sasl_authenticated
so when I use the full user name ([EMAIL PROTECTED]) it doesn't
appear to even attempt logging into the sasl server. If I change it to
simply chrism, heres the output:
Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from unknown[12.244.148.123]
Jul 10 18:50:38 mail postfix/smtpd[57356]: warning:
unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed:
PDI3NjU4MTE4NDExMTQzN0BtYWlsPg==
Jul 10 18:50:39 mail postfix/smtpd[57356]: lost connection after AUTH
from unknown[12.244.148.123]
Jul 10 18:50:39 mail postfix/smtpd[57356]: disconnect from
unknown[12.244.148.123]
if I put my user name in as chrism and don't add the @example.com it
tried to login but it can't login.
anyone have any ideas?
Re: [Dovecot] Problem with Dovecot SASL in Postfix
On 7/11/2007, Chris McMacken ([EMAIL PROTECTED]) wrote: Here the auth section of my dovecot conf. Please always only provide dovecot -n output - it eliminates confusion and mistakes (maybe you are editing a config file that dovecot is not using?)... -- Best regards, Charles
[Dovecot] Problem with Dovecot SASL in Postfix
I'm trying to configure my postfix server to use Dovecot as an SASL
server and running into some problems. My server supports a couple of
domain, I have multiple user/password files for multiple domains to
make the files a little easier to manage. Not sure if this question
should belong in the dovecot mailing list or the postfix one, but here
goes anyway. I have everything configured to use CRAM-MD5
authentication, including my mail client.
Here the auth section of my dovecot conf.
auth default {
mechanisms = plain cram-md5
passdb passwd-file {
# Path for passwd-file
args = /usr/local/etc/dovecot/%d/passwd
}
userdb passwd-file {
# Path for passwd-file
args = /usr/local/etc/dovecot/%d/passwd
}
user = root
# It's possible to export the authentication interface to other programs:
socket listen {
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
heres a sample line from one of the passwd files:
chrism:{CRAM-MD5}a67a65704086a046b3f875d1eaac8cb5c6fd13406507fead30d9bcb1bf82b:1003:1003::/home/vmail/example.com
and to login through SASL I am trying to use the username
[EMAIL PROTECTED] when I use the full email address like this to
login like this I get this output into my postfix log:
Jul 10 18:46:59 mail postfix/smtpd[57343]: connect from unknown[12.244.148.123]
Jul 10 18:46:59 mail postfix/smtpd[57343]: NOQUEUE: reject: RCPT from
unknown[12.244.148.123]: 554 5.7.1 <[EMAIL PROTECTED]>: Relay access
denied; from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP
helo=<[192.168.1.14]>
Jul 10 18:47:00 mail postfix/smtpd[57343]: disconnect from
unknown[12.244.148.123]
(not actually using example.com but I changed it here)
heres my smtpd_recipient_restricitons from postconf
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, permit_sasl_authenticated
so when I use the full user name ([EMAIL PROTECTED]) it doesn't
appear to even attempt logging into the sasl server. If I change it to
simply chrism, heres the output:
Jul 10 18:50:36 mail postfix/smtpd[57356]: connect from unknown[12.244.148.123]
Jul 10 18:50:38 mail postfix/smtpd[57356]: warning:
unknown[12.244.148.123]: SASL CRAM-MD5 authentication failed:
PDI3NjU4MTE4NDExMTQzN0BtYWlsPg==
Jul 10 18:50:39 mail postfix/smtpd[57356]: lost connection after AUTH
from unknown[12.244.148.123]
Jul 10 18:50:39 mail postfix/smtpd[57356]: disconnect from
unknown[12.244.148.123]
if I put my user name in as chrism and don't add the @example.com it
tried to login but it can't login.
anyone have any ideas?
