Notes on my postfix + sasldb + tls settings

There’s a great “how to” here.

Some of the key things that I always forget about my setup that haunt me later:

  • I’m using sasldb2 (in /etc/sasldb2 )
  • When using sasldb — saslauthd daemon DOES NOT RUN. The simple DB file replaces the need for it.
  • The realm I’m using in sasldb2 passwords is ‘mail.foobert.com’
  • Thus, add a password is to the db:

saslpasswd2 -c -u `mail.foobert.com` username

Create /etc/sasl2/smtpd.conf

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN

Also, when setting up a new Centos or Redhat box, smtpd.conf is looked for in /usr/lib/sasl2/ and not in /etc/sasl2/smptd.conf where some of the “how-to’s” like to mention. Thus, on my machines, I made a soft-linked to the etc version. Before realizing this, I was seriously befuddled by the following error.

Nov 27 16:02:42 pluto postfix/smtpd[20307]: TLS connection established from unknown[166.205.134.32]: TLSv1 with cipher AES128-SHA (128/128 bits)
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: SASL authentication failure: Password verification failed
Nov 27 16:02:43 pluto postfix/smtpd[20307]: warning: unknown[166.205.134.32]: SASL PLAIN authentication failed: generic failure
Nov 27 16:02:43 pluto postfix/smtpd[20307]: lost connection after AUTH from unknown[166.205.134.32]
Nov 27 16:02:43 pluto postfix/smtpd[20307]: disconnect from unknown[166.205.134.32]

1 comment to Notes on my postfix + sasldb + tls settings

  • Leo Butler

    I have found all of the miscellaneous authentication methods (pam, sasl, ldap, etc.) to be confusing. It would be great if there was a book written that went into the historical aspects of the various methods, their strengths, weaknesses and limitations. I have certainly never ended up with any reasonable “grand unification” method implemented.

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>