up at 3
Apr 2, 2012, 7:30 AM
Post #4 of 5
(1105 views)
Permalink
|
|
Re: HELP! Server migration broke SMTP auth (FreeBSD)
[In reply to]
|
|
> On 02/04/2012 7:23, up [at] 3 wrote:
>>
>> To update this...I just found my old patch and the new one...they are the same:
>>
>> qmail-smtpd-auth-0.31
>>
>> In was in the ports source for qmail and also in my home directory on the old
>> server. The problem is not likely this patch, I assume.
>>
>> So is this likely a problem with tcpserver, vpopmail? They both seem to work
>> fine
>> for IMAP/POP...
>>
>>> This is embarrassing...I apologize in advance for this, but I am so fried, I
>>> need
>>> help, despite having been a qmail user since '97 or so.
>>>
>>> I just tried to migrate from a few years-old FreeBSD 7.2 to a new 8.2 server
>>> and I
>>> have all the following working just like on the old one:
>>>
>>> qmail, tcpserver, vpopmail, qmailadmin, dovecot (IMAP only) qmail-pop3d,
>>> squirrelmail.
>>>
>>> POP3 and IMAP auth fine against system passwords as well as vpopmail accounts.
>>> However, SMTP auth does not. Here's the embarrassing part-I cannot remember
>>> which
>>> patch(s) I used to get smtp auth working in the first place.
>>>
>>> In an effort to get things up to date, I leaned heavily on FreeBSD ports this
>>> time, which is supposed to have an SMTP-auth patch with qmail. I simply
>>> selected
>>> "SMTP_AUTH_PATCH" and did a make install. However, vhckpw is failing to
>>> authenticate SMTP. System users fail as follows:
>>>
>>> vchkpw-submission: system password fail user:ip
>>>
>>> vpopmail servers fail as follows:
>>>
>>> vchkpw-submission: system user not found user:ip
>>>
>>> I invoke tcpserver as follows (no SSL in this case):
>>>
>>> /usr/local/bin/tcpserver -c 45 -l 0 -R -H -x/etc/tcp.smtp-auth.cdb -u 82 -g 81
>>> 0
>>> 587 \
>>> /var/qmail/bin/qmail-smtpd server.name /home/vpopmail/bin/vchkpw true&
>>> --------
>>>
>>> # strings /etc/tcp.smtp-auth.cdb
>>> +RBLSMTPD=
>>> +QMAILQUEUE=/var/qmail/bin/qmail-queue
>>>
>>> If somebody familiar with the FreeBSD patches for qmail smtp auth set me in the
>>> right direction, I'd appreciate it!
>>>
>
> Hello,
>
> Did you try to do: telnet localhost 25?
> Do you get the next message "250-AUTH LOGIN CRAM_MD5 PLAIN" or
> "250-AUTH=LOGIN CRAM_MD5 PLAIN"?
>
> In this case, the patch is not applied. I had this problem and I solved
> it with qmail-tls port.
>
I get the same thing on both servers (one works):
EHLO domain.com
250-mail.domain.com
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-PIPELINING
250 8BITMIME
Note that I cannot require TLS or SSL on port 587; I have too many users doing
plain auth on it.
Again, this worked with what seems like the same config using slightly older
versions of most of this software. I cannot recall if I had to patch tcpserver
to do SMTP auth as well...
Thanks...
|
