Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: Security

Fwd: Re: postfix and SASL

 

 

Gentoo security RSS feed   Index | Next | Previous | View Threaded


jstrusz at oxpub

Oct 5, 2005, 6:23 AM

Post #1 of 4 (1051 views)
Permalink
Fwd: Re: postfix and SASL

OK, well i disabled the smtpd_tl_auth_only line.

And now whenever i try to connect via say outlook express on a client
machine...

I check the box that says, "my outgoing server requires
authentication", and i do get the password prompt, however whichever
login/password i try to use it gets rejected, over and over and over again...


any suggestions?

>X-Original-To: jstrusz [at] oxpub
>Delivered-To: jstrusz [at] oxpub
>Delivered-To: <gentoo-security [at] lists>
>Date: Wed, 5 Oct 2005 15:15:22 +0200 (CEST)
>Subject: Re: [gentoo-security] postfix and SASL
>From: "Joerg Mertin" <smurphy [at] solsys>
>To: gentoo-security [at] lists
>User-Agent: SquirrelMail/1.4.4
>List-Post: <mailto:gentoo-security [at] lists>
>List-Help: <mailto:gentoo-security+help [at] gentoo>
>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
>X-BeenThere: gentoo-security [at] gentoo
>Reply-To: gentoo-security [at] lists
>X-Virus-Scanned: ClamAV scanned @ Stargate
>X-MIME-Autoconverted: from quoted-printable to 8bit by
>robin.gentoo.org id j95D76GO003964
>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5 tests=BAYES_00
>X-Spam-Level:
>
>OK - as this seem to be quite difficutl for many - here my configuration
>of postfix - TLS and SASL parts only:
>
>## TLS
># Transport Layer Security
>#
>smtpd_use_tls = yes
>smtpd_tls_auth_only = yes
>smtpd_tls_key_file = /etc/ssl/postfix/stargate.solsys.org.key
>smtpd_tls_cert_file = /etc/ssl/postfix/stargate.solsys.org.crt
>smtpd_tls_CAfile = /etc/ssl/postfix/stargate.solsys.org.pem
>smtpd_tls_loglevel = 3
>smtpd_tls_received_header = yes
>smtpd_tls_session_cache_timeout = 3600s
>tls_random_source = dev:/dev/urandom
>
># SASL SUPPORT FOR CLIENTS
>#
># The following options set parameters needed by Postfix to enable
># Cyrus-SASL support for authentication of mail clients.
>#
>broken_sasl_auth_clients = yes
>smtpd_sasl_auth_enable = yes
>smtpd_sasl_security_options = noanonymous
>smtpd_data_restrictions = reject_unauth_pipelining
>smtpd_sasl_local_domain =
>
>
>This setup works here for 2 Years ...
>Cheers
>
>Joerg
>
>
><quote who="Joe Strusz">
> > Whenever i telnet to port 25, and issue the AUTH PLAIN command i receive
> > this:
> >
> > 538: Encryption required for requested authentication mechanism.
> >
> > What does this mean?
> >
> > I could really use some help on this... its been bugging me for weeks now.
> >
> > Also, I do have smtpd_tls_auth_only = yes line
> >
> >
> > Please help
> >
> > blargh.
> >
> > Your fellow befumbled gentoo user.
> >
> >
> >
> >>X-Original-To: jstrusz [at] oxpub
> >>Delivered-To: jstrusz [at] oxpub
> >>Delivered-To: <gentoo-security [at] lists>
> >>Date: Wed, 05 Oct 2005 12:36:01 +0100
> >>From: Jonathan Wright <mail [at] djnauk>
> >>User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050822)
> >>X-Accept-Language: en-us, en
> >>List-Post: <mailto:gentoo-security [at] lists>
> >>List-Help: <mailto:gentoo-security+help [at] gentoo>
> >>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
> >>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
> >>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
> >>X-BeenThere: gentoo-security [at] gentoo
> >>Reply-To: gentoo-security [at] lists
> >>To: gentoo-security [at] lists
> >>Subject: Re: [gentoo-security] postfix and SASL
> >>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
> >>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5
> >> tests=BAYES_00
> >>X-Spam-Level:
> >>
> >>Benjamin A'Lee wrote:
> >>>>Not sure but: why on port 25 and not on 465 ?
> >>>I don't think it actually matters which port; IIRC it just enables
> >>>STARTTLS by default on 465.
> >>
> >>Port 465 is for SSL (i.e. secure communication before any
> >>application data is transferred) and Port 25 accepts TLS (where the
> >>data is secured once both parties accept, however, application data
> >>transfer has occurred).
> >>
> >>Anyway, with telnet you can't talk on port 465 :)
> >>
> >> > I have confirmed postfix is indeed compiled with SASL support. And i
> >> > have TLS working great. However when i telnet to port 25 and issue
> >> the
> >> > ehlo command, i do receive the starttls etc... yet no AUTH PLAIN
> >> > lines...
> >>
> >>Depending on the configuration, AUTH PLAIN can either be disabled,
> >>or more likely, it's only send should STARTTLS be issued. I have the
> >>following lines in my main.cf:
> >>
> >>-- cut -----------------------------------------
> >># SMTPD SERVER CONTROLS
> >>smtpd_sasl_auth_enable = yes
> >>smtpd_sasl_security_options = noanonymous, noplaintext
> >>broken_sasl_auth_clients = yes
> >>smtpd_sasl_local_domain =
> >>smtpd_recipient_restrictions = permit_sasl_authenticated,
> >>permit_mynetworks, reject_unauth_destination
> >>
> >>smtpd_use_tls = yes
> >>smtpd_tls_auth_only = yes
> >>smtpd_tls_key_file = /etc/postfix/cacert/kenny.key
> >>smtpd_tls_cert_file = /etc/postfix/cacert/kenny.pem
> >>smtpd_tls_CAfile = /etc/postfix/cacert/cacert.pem
> >>smtpd_tls_loglevel = 1
> >>smtpd_tls_received_header = yes
> >>smtpd_tls_session_cache_timeout = 3600s
> >>tls_random_source = dev:/dev/urandom
> >>-- cut -----------------------------------------
> >>
> >>TLS is enabled, but smtpd_tls_auth_only will only permit
> >>authorization from clients who have issued (and successfully
> >>negotiated) the STARTTLS comment.
> >>
> >>Also, you can define what methods Postfix accepts by modifying the
> >>smtp_sasl_security_options directive.
> >>
> >>HTH,
> >>
> >>--
> >> Jonathan Wright ~ mail at djnauk.co.uk
> >> ~ www.djnauk.co.uk
> >>--
> >> 2.6.12-gentoo-r6-djnauk-b2 AMD Athlon(tm) XP 2100+
> >> up 5 days, 3:02, 4 users, load average: 0.72, 0.97, 0.71
> >>--
> >> "I don't mind straight people as long as they act gay in
> >> public."
> >>
> >> ~ T-shirt worn by Dennis Rodman of the Chicago Bulls
> >>--
> >>gentoo-security [at] gentoo mailing list
> >
> >
> > Joe Strusz
> >
> > IT Assistant
> > Oxford Publishing, Inc.
> > 307 West Jackson Avenue
> > Oxford, MS 38655-2154
> > 800-247-3881
> > 662-236-5510x40
> > jstrusz [at] oxpub
> > http://www.nightclub.com
> >
> >
> > --
> > gentoo-security [at] gentoo mailing list
> >
> >
>
>
>--
>------------------------------------------------------------------------
>| Joerg Mertin : smurphy [at] solsys (Home)|
>| in Forchheim/Germany : smurphy [at] linux (Alt1)|
>| Stardust's LiNUX System : |
>| Web: http://www.solsys.org |
>------------------------------------------------------------------------
>PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A
>
>
>
>--
>gentoo-security [at] gentoo mailing list


Joe Strusz

IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz [at] oxpub
http://www.nightclub.com


--
gentoo-security [at] gentoo mailing list


smurphy at solsys

Oct 5, 2005, 6:37 AM

Post #2 of 4 (998 views)
Permalink
Re: Fwd: Re: postfix and SASL [In reply to]

I bet it has something to do with your sasl configuration.
Had that back in time too... Check it is working.
I have linked the saslauth to pam/ldap - so I can have local and remote
users going in... Took me some time to figure this out.
It's too long ago for me to remember details - but that's where I would
look if I were you...
Check your logs mail/sytem and auth for hints.

Cheers

Joerg

<quote who="Joe Strusz">
> OK, well i disabled the smtpd_tl_auth_only line.
>
> And now whenever i try to connect via say outlook express on a client
> machine...
>
> I check the box that says, "my outgoing server requires
> authentication", and i do get the password prompt, however whichever
> login/password i try to use it gets rejected, over and over and over
> again...
>
>
> any suggestions?
>
>>X-Original-To: jstrusz [at] oxpub
>>Delivered-To: jstrusz [at] oxpub
>>Delivered-To: <gentoo-security [at] lists>
>>Date: Wed, 5 Oct 2005 15:15:22 +0200 (CEST)
>>Subject: Re: [gentoo-security] postfix and SASL
>>From: "Joerg Mertin" <smurphy [at] solsys>
>>To: gentoo-security [at] lists
>>User-Agent: SquirrelMail/1.4.4
>>List-Post: <mailto:gentoo-security [at] lists>
>>List-Help: <mailto:gentoo-security+help [at] gentoo>
>>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
>>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
>>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
>>X-BeenThere: gentoo-security [at] gentoo
>>Reply-To: gentoo-security [at] lists
>>X-Virus-Scanned: ClamAV scanned @ Stargate
>>X-MIME-Autoconverted: from quoted-printable to 8bit by
>>robin.gentoo.org id j95D76GO003964
>>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
>>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5
>> tests=BAYES_00
>>X-Spam-Level:
>>
>>OK - as this seem to be quite difficutl for many - here my configuration
>>of postfix - TLS and SASL parts only:
>>
>>## TLS
>># Transport Layer Security
>>#
>>smtpd_use_tls = yes
>>smtpd_tls_auth_only = yes
>>smtpd_tls_key_file = /etc/ssl/postfix/stargate.solsys.org.key
>>smtpd_tls_cert_file = /etc/ssl/postfix/stargate.solsys.org.crt
>>smtpd_tls_CAfile = /etc/ssl/postfix/stargate.solsys.org.pem
>>smtpd_tls_loglevel = 3
>>smtpd_tls_received_header = yes
>>smtpd_tls_session_cache_timeout = 3600s
>>tls_random_source = dev:/dev/urandom
>>
>># SASL SUPPORT FOR CLIENTS
>>#
>># The following options set parameters needed by Postfix to enable
>># Cyrus-SASL support for authentication of mail clients.
>>#
>>broken_sasl_auth_clients = yes
>>smtpd_sasl_auth_enable = yes
>>smtpd_sasl_security_options = noanonymous
>>smtpd_data_restrictions = reject_unauth_pipelining
>>smtpd_sasl_local_domain =
>>
>>
>>This setup works here for 2 Years ...
>>Cheers
>>
>>Joerg
>>
>>
>><quote who="Joe Strusz">
>> > Whenever i telnet to port 25, and issue the AUTH PLAIN command i
>> receive
>> > this:
>> >
>> > 538: Encryption required for requested authentication mechanism.
>> >
>> > What does this mean?
>> >
>> > I could really use some help on this... its been bugging me for weeks
>> now.
>> >
>> > Also, I do have smtpd_tls_auth_only = yes line
>> >
>> >
>> > Please help
>> >
>> > blargh.
>> >
>> > Your fellow befumbled gentoo user.
>> >
>> >
>> >
>> >>X-Original-To: jstrusz [at] oxpub
>> >>Delivered-To: jstrusz [at] oxpub
>> >>Delivered-To: <gentoo-security [at] lists>
>> >>Date: Wed, 05 Oct 2005 12:36:01 +0100
>> >>From: Jonathan Wright <mail [at] djnauk>
>> >>User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050822)
>> >>X-Accept-Language: en-us, en
>> >>List-Post: <mailto:gentoo-security [at] lists>
>> >>List-Help: <mailto:gentoo-security+help [at] gentoo>
>> >>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
>> >>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
>> >>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
>> >>X-BeenThere: gentoo-security [at] gentoo
>> >>Reply-To: gentoo-security [at] lists
>> >>To: gentoo-security [at] lists
>> >>Subject: Re: [gentoo-security] postfix and SASL
>> >>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
>> >>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5
>> >> tests=BAYES_00
>> >>X-Spam-Level:
>> >>
>> >>Benjamin A'Lee wrote:
>> >>>>Not sure but: why on port 25 and not on 465 ?
>> >>>I don't think it actually matters which port; IIRC it just enables
>> >>>STARTTLS by default on 465.
>> >>
>> >>Port 465 is for SSL (i.e. secure communication before any
>> >>application data is transferred) and Port 25 accepts TLS (where the
>> >>data is secured once both parties accept, however, application data
>> >>transfer has occurred).
>> >>
>> >>Anyway, with telnet you can't talk on port 465 :)
>> >>
>> >> > I have confirmed postfix is indeed compiled with SASL support. And
>> i
>> >> > have TLS working great. However when i telnet to port 25 and issue
>> >> the
>> >> > ehlo command, i do receive the starttls etc... yet no AUTH PLAIN
>> >> > lines...
>> >>
>> >>Depending on the configuration, AUTH PLAIN can either be disabled,
>> >>or more likely, it's only send should STARTTLS be issued. I have the
>> >>following lines in my main.cf:
>> >>
>> >>-- cut -----------------------------------------
>> >># SMTPD SERVER CONTROLS
>> >>smtpd_sasl_auth_enable = yes
>> >>smtpd_sasl_security_options = noanonymous, noplaintext
>> >>broken_sasl_auth_clients = yes
>> >>smtpd_sasl_local_domain =
>> >>smtpd_recipient_restrictions = permit_sasl_authenticated,
>> >>permit_mynetworks, reject_unauth_destination
>> >>
>> >>smtpd_use_tls = yes
>> >>smtpd_tls_auth_only = yes
>> >>smtpd_tls_key_file = /etc/postfix/cacert/kenny.key
>> >>smtpd_tls_cert_file = /etc/postfix/cacert/kenny.pem
>> >>smtpd_tls_CAfile = /etc/postfix/cacert/cacert.pem
>> >>smtpd_tls_loglevel = 1
>> >>smtpd_tls_received_header = yes
>> >>smtpd_tls_session_cache_timeout = 3600s
>> >>tls_random_source = dev:/dev/urandom
>> >>-- cut -----------------------------------------
>> >>
>> >>TLS is enabled, but smtpd_tls_auth_only will only permit
>> >>authorization from clients who have issued (and successfully
>> >>negotiated) the STARTTLS comment.
>> >>
>> >>Also, you can define what methods Postfix accepts by modifying the
>> >>smtp_sasl_security_options directive.
>> >>
>> >>HTH,
>> >>
>> >>--
>> >> Jonathan Wright ~ mail at djnauk.co.uk
>> >> ~ www.djnauk.co.uk
>> >>--
>> >> 2.6.12-gentoo-r6-djnauk-b2 AMD Athlon(tm) XP 2100+
>> >> up 5 days, 3:02, 4 users, load average: 0.72, 0.97, 0.71
>> >>--
>> >> "I don't mind straight people as long as they act gay in
>> >> public."
>> >>
>> >> ~ T-shirt worn by Dennis Rodman of the Chicago Bulls
>> >>--
>> >>gentoo-security [at] gentoo mailing list
>> >
>> >
>> > Joe Strusz
>> >
>> > IT Assistant
>> > Oxford Publishing, Inc.
>> > 307 West Jackson Avenue
>> > Oxford, MS 38655-2154
>> > 800-247-3881
>> > 662-236-5510x40
>> > jstrusz [at] oxpub
>> > http://www.nightclub.com
>> >
>> >
>> > --
>> > gentoo-security [at] gentoo mailing list
>> >
>> >
>>
>>
>>--
>>------------------------------------------------------------------------
>>| Joerg Mertin : smurphy [at] solsys (Home)|
>>| in Forchheim/Germany : smurphy [at] linux (Alt1)|
>>| Stardust's LiNUX System : |
>>| Web: http://www.solsys.org |
>>------------------------------------------------------------------------
>>PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A
>>
>>
>>
>>--
>>gentoo-security [at] gentoo mailing list
>
>
> Joe Strusz
>
> IT Assistant
> Oxford Publishing, Inc.
> 307 West Jackson Avenue
> Oxford, MS 38655-2154
> 800-247-3881
> 662-236-5510x40
> jstrusz [at] oxpub
> http://www.nightclub.com
>
>
> --
> gentoo-security [at] gentoo mailing list
>
>


--
------------------------------------------------------------------------
| Joerg Mertin : smurphy [at] solsys (Home)|
| in Forchheim/Germany : smurphy [at] linux (Alt1)|
| Stardust's LiNUX System : |
| Web: http://www.solsys.org |
------------------------------------------------------------------------
PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A



--
gentoo-security [at] gentoo mailing list


mail at djnauk

Oct 5, 2005, 6:41 AM

Post #3 of 4 (999 views)
Permalink
Re: Fwd: Re: postfix and SASL [In reply to]

Joe Strusz wrote:
> OK, well i disabled the smtpd_tl_auth_only line.
>
> And now whenever i try to connect via say outlook express on a client
> machine...
>
> I check the box that says, "my outgoing server requires authentication",
> and i do get the password prompt, however whichever login/password i try
> to use it gets rejected, over and over and over again...
>
> any suggestions?

SASL doesn't use system authentication (such as PAM/LDAP) by default. It
uses it's own password database (similar to the way samba works).

Make sure that you run:

saslpasswd2 -c <username>

to add the user (and their password) to the SASL authentication database.

--
Jonathan Wright ~ mail at djnauk.co.uk
~ www.djnauk.co.uk
--
2.6.12-gentoo-r6-djnauk-b2 AMD Athlon(tm) XP 2100+
up 5 days, 5:17, 4 users, load average: 0.47, 0.32, 0.29
--
"The world is not divided into sheeps and goats. Not all things
are black nor all things white. It is a fundamental of taxonomy
that nature rarely deals with discrete categories. Only the
human mind invents categories and tries to force facts into
separated pigeon-holes."

"The living world is a continuum in each and every one of its
aspects. The sooner we learn this concerning sexual behavior the
sooner we shall reach a sound understanding of the realities of
sex."

~ Alfred Kinsey, Sexual Behavior in the Human Male, 1948
--
gentoo-security [at] gentoo mailing list


jstrusz at oxpub

Oct 5, 2005, 7:38 AM

Post #4 of 4 (997 views)
Permalink
Fwd: Re: postfix and SASL [In reply to]

What the hell? >> /etc/sysconfig ???


Anyways.. i have those option set in /etc/conf.d/saslauthd and
/etc/sasl2/smtpd.conf


still no go

keeps popping up the damn box

ill keep pulling my hair out until this is working... youd think this
problem would be documented... somewhere

again, i've scavenged the forums, over and over again, and even
googled... im about to say the hell with it, and just make it a damn
open relay.


>X-Original-To: jstrusz [at] oxpub
>Delivered-To: jstrusz [at] oxpub
>Delivered-To: <gentoo-security [at] lists>
>Date: Wed, 5 Oct 2005 16:32:03 +0200 (CEST)
>Subject: Re: [gentoo-security] postfix and SASL
>From: "Joerg Mertin" <smurphy [at] solsys>
>To: gentoo-security [at] lists
>User-Agent: SquirrelMail/1.4.4
>List-Post: <mailto:gentoo-security [at] lists>
>List-Help: <mailto:gentoo-security+help [at] gentoo>
>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
>X-BeenThere: gentoo-security [at] gentoo
>Reply-To: gentoo-security [at] lists
>X-Virus-Scanned: ClamAV scanned @ Stargate
>X-MIME-Autoconverted: from quoted-printable to 8bit by
>robin.gentoo.org id j95ENo1G014303
>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5 tests=AWL,
> BAYES_00
>X-Spam-Level:
>
>Hmmm, mine loos like this:
>$ cat cat /etc/postfix/sasl/smtpd.conf
>pwcheck_method: saslauthd
>mech_list: plain login
>
>also -
>$ cat /etc/sysconfig/saslauthd
># $Id: saslauthd.sysconfig,v 1.1 2001/05/02 10:55:48 wiget Exp $
># Authentications mechanism (for list see saslauthd -v)
>SASL_AUTHMECH=pam
>
># Hostname for remote IMAP server (if rimap auth mech is used)
># Ldap configuration file (if ldap auth mech is used)
>SASL_MECH_OPTIONS=
>
># Extra options (for list see saslauthd -h)
>SASLAUTHD_OPTS=
>
>I remember having had a glithc with some named-pipe files - e.g.
>communication between postfix and saslauthd using different paths for
>communication.
>
>
><quote who="Joe Strusz">
> > How would i go about clearing out all the SASL config files, and
> > reemerging it?
> >
> > I tried deleted the /etc/sasl2/smtpd.conf
> >
> > then i ran emerge -C cyrus-sasl; emerge cyrus-sasl
> >
> > yet it didn't replace any config files...
> >
> >
> >
> >>X-Original-To: jstrusz [at] oxpub
> >>Delivered-To: jstrusz [at] oxpub
> >>Delivered-To: <gentoo-security [at] lists>
> >>X-Mailer: QUALCOMM Windows Eudora Version 6.2.3.4
> >>Date: Wed, 05 Oct 2005 09:05:33 -0500
> >>To: gentoo-security [at] lists
> >>From: Joe Strusz <jstrusz [at] oxpub>
> >>Subject: Fwd: Re: Fwd: Re: [gentoo-security] postfix and SASL
> >>List-Post: <mailto:gentoo-security [at] lists>
> >>List-Help: <mailto:gentoo-security+help [at] gentoo>
> >>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
> >>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
> >>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
> >>X-BeenThere: gentoo-security [at] gentoo
> >>Reply-To: gentoo-security [at] lists
> >>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
> >>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
> >>X-Spam-Status: No, hits=-1.973 tagged_above=-100 required=6.5 tests=AWL,
> >> BAYES_00, RCVD_IN_NJABL_RELAY
> >>X-Spam-Level:
> >>
> >>I ran the saslpasswd2 -c <username> command to no avail... im still
> >>receiving the blasted password prompt.
> >>
> >>I know that sasl uses sasldb2 by default, but i swear i changed that to
> >> pam.
> >>
> >>
> >>>X-Original-To: jstrusz [at] oxpub
> >>>Delivered-To: jstrusz [at] oxpub
> >>>Delivered-To: <gentoo-security [at] lists>
> >>>Date: Wed, 05 Oct 2005 14:41:51 +0100
> >>>From: Jonathan Wright <mail [at] djnauk>
> >>>User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050822)
> >>>X-Accept-Language: en-us, en
> >>>List-Post: <mailto:gentoo-security [at] lists>
> >>>List-Help: <mailto:gentoo-security+help [at] gentoo>
> >>>List-Unsubscribe: <mailto:gentoo-security+unsubscribe [at] gentoo>
> >>>List-Subscribe: <mailto:gentoo-security+subscribe [at] gentoo>
> >>>List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
> >>>X-BeenThere: gentoo-security [at] gentoo
> >>>Reply-To: gentoo-security [at] lists
> >>>To: gentoo-security [at] lists
> >>>Subject: Re: Fwd: Re: [gentoo-security] postfix and SASL
> >>>X-Virus-Scanned: This message was scanned for viruses by ClamAV.
> >>>X-Spam-Status: No, hits=-2.599 tagged_above=-100 required=6.5
> >>> tests=BAYES_00
> >>>X-Spam-Level:
> >>>
> >>>Joe Strusz wrote:
> >>>>OK, well i disabled the smtpd_tl_auth_only line.
> >>>>And now whenever i try to connect via say outlook express on a
> >>>>client machine...
> >>>>I check the box that says, "my outgoing server requires
> >>>>authentication", and i do get the password prompt, however
> >>>>whichever login/password i try to use it gets rejected, over and
> >>>>over and over again...
> >>>>any suggestions?
> >>>
> >>>SASL doesn't use system authentication (such as PAM/LDAP) by
> >>>default. It uses it's own password database (similar to the way samba
> >>> works).
> >>>
> >>>Make sure that you run:
> >>>
> >>>saslpasswd2 -c <username>
> >>>
> >>>to add the user (and their password) to the SASL authentication
> >>> database.
> >>>
> >>>--
> >>> Jonathan Wright ~ mail at djnauk.co.uk
> >>> ~ www.djnauk.co.uk
> >>>--
> >>> 2.6.12-gentoo-r6-djnauk-b2 AMD Athlon(tm) XP 2100+
> >>> up 5 days, 5:17, 4 users, load average: 0.47, 0.32, 0.29
> >>>--
> >>> "The world is not divided into sheeps and goats. Not all things
> >>> are black nor all things white. It is a fundamental of taxonomy
> >>> that nature rarely deals with discrete categories. Only the
> >>> human mind invents categories and tries to force facts into
> >>> separated pigeon-holes."
> >>>
> >>> "The living world is a continuum in each and every one of its
> >>> aspects. The sooner we learn this concerning sexual behavior the
> >>> sooner we shall reach a sound understanding of the realities of
> >>> sex."
> >>>
> >>> ~ Alfred Kinsey, Sexual Behavior in the Human Male, 1948
> >>>--
> >>>gentoo-security [at] gentoo mailing list
> >>
> >>
> >>Joe Strusz
> >>
> >>IT Assistant
> >>Oxford Publishing, Inc.
> >>307 West Jackson Avenue
> >>Oxford, MS 38655-2154
> >>800-247-3881
> >>662-236-5510x40
> >>jstrusz [at] oxpub
> >>http://www.nightclub.com
> >>
> >>
> >>--
> >>gentoo-security [at] gentoo mailing list
> >
> >
> > Joe Strusz
> >
> > IT Assistant
> > Oxford Publishing, Inc.
> > 307 West Jackson Avenue
> > Oxford, MS 38655-2154
> > 800-247-3881
> > 662-236-5510x40
> > jstrusz [at] oxpub
> > http://www.nightclub.com
> >
> >
> > --
> > gentoo-security [at] gentoo mailing list
> >
> >
>
>
>--
>------------------------------------------------------------------------
>| Joerg Mertin : smurphy [at] solsys (Home)|
>| in Forchheim/Germany : smurphy [at] linux (Alt1)|
>| Stardust's LiNUX System : |
>| Web: http://www.solsys.org |
>------------------------------------------------------------------------
>PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A
>
>
>
>--
>gentoo-security [at] gentoo mailing list


Joe Strusz

IT Assistant
Oxford Publishing, Inc.
307 West Jackson Avenue
Oxford, MS 38655-2154
800-247-3881
662-236-5510x40
jstrusz [at] oxpub
http://www.nightclub.com


--
gentoo-security [at] gentoo mailing list

Gentoo security RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.