View Single Post
  #5   (View Single Post)  
Old 1st July 2013
Torxed Torxed is offline
Port Guard
 
Join Date: Jul 2013
Location: Sweden
Posts: 10
Default

Ok, so i've managed to get IMAP(courier) and SMTP(postfix) support working with SASL2 but, IMAP reports invalid credentials...

I'm not sure that this parameter is correct `/usr/local/lib/sasl2/smtpd.conf`:
Code:
authdaemond_path: /var/run/courier-auth/
It appears that this is the parameter needed for Courier to work, postfix doesn't rely to heavily on this, it uses `saslauthd_path` for whatever reason (?).

Here's the entire `/usr/local/lib/sasl2/smtpd.conf`:
Code:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
authdaemond_path: /var/run/courier-auth/
saslauthd_path: /var/run/courier-auth/mux
autotransition:true
log_level: 3
Here's the entire `/etc/courier/authdaemonrc`:
Code:
authmodulelist="authpwd"
authmodulelistorig="authpwd"
daemons=5
authdaemonvar=/var/run/courier-auth
DEBUG_LOGIN=1
DEFAULTOPTIONS=""
LOGGEROPTS=""
And the `/etc/courier/imapd-ssl`:
Code:
SSLPORT=993
SSLADDRESS=0
SSLPIDFILE=/var/run/courier/imapd-ssl.pid
SSLLOGGEROPTS="-name=imapd-ssl"
IMAPDSSLSTART=YES
IMAPDSTARTTLS=NO
IMAP_TLS_REQUIRED=0
COURIERTLS=/usr/local/bin/couriertls
TLS_CERTFILE=/etc/ssl/imapd.pem
TLS_TRUSTCERTS=/etc/ssl/cert.pem
TLS_VERIFYPEER=NONE
MAILDIRPATH=/storage/mail

And this is how i start the whole shebang:
(note: saslauthd is normally started via /etc/rc.d but i unfolded that script for viewers convencience)
Code:
/usr/local/sbin/saslauthd -a getpwent -m /var/run/courier-auth/
/usr/local/sbin/authdaemond start
/usr/local/libexec/imapd.rc start
/usr/local/libexec/imapd-ssl.rc start
/etc/rc.d/postfix start

And this is what the `/var/run/` directory looks like:
Code:
drwxr-x---  2 _courier  _courier    512 Jul  1 14:49 courier
lrwxr-xr-x  1 root      wheel        43 Jul  1 14:47 courier-auth -> /storage/spool/postfix/var/run/courier-auth
and just to be clear, the `/storage/spool/.../courier-auth/`:
Code:
srwxrwxrwx  1 root  _postfix  0 Jul  1 14:49 mux
-rw-------  1 root  _postfix  0 Jul  1 14:49 mux.accept
-rw-r--r--  1 root  _postfix  5 Jul  1 14:49 pid
-rw-------  1 root  _postfix  0 Jul  1 14:49 pid.lock
-rw-------  1 root  _postfix  6 Jul  1 14:49 saslauthd.pid
srwxrwxrwx  1 root  _postfix  0 Jul  1 14:49 socket
And this is what the `/var/log/maillog` says about a authentication with proper credentials:

Code:
Jul  1 15:04:50 HOST imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:<ipv4>]
Jul  1 15:04:55 HOST imapd-ssl: LOGIN FAILED, user=anton, ip=[::ffff:<ipv4>]

postfix SMTP works in the sense that the server accepted the authentication and reports back to the client that the mail is in queue.

courier IMAP however does not authenticate as it should (either via SSL or plain IMAP).
Reply With Quote