DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 5th May 2009
roundkat roundkat is offline
Shell Scout
 
Join Date: May 2008
Posts: 107
Thanked 1 Time in 1 Post
Default Smtp Auth Help needed

Greeetings all..

Overview
- To add smtp auth to my working OpenBSD 4.5 smtp gateway to
relay email (use my server for outbound email) for a friend that has a dynamic ip.
- the smtp gateway currently filters and delivers email to
my internal email /samba server which has been in place for several years.

What I have tried /done
- installed via packages
Code:
* cyrus-sasl-2.1.22p5 RFC 2222 SASL (Simple Authentication and Security Layer)
* postfix-2.5.6p1-sasl2 fast, secure sendmail replacement
- Added to /etc/postfix/main.cf
Code:
#SASL support
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
Using the following as guides for configuration
1) http://www.postfix.org/SASL_README.html#server_sasl
2) http://www.posluns.com/guides/postfix_sasltls.html
#2 being OpenBSD specific, based on OpenBSD 3.2

based on #1
/usr/local/lib/sasl2/smtpd.conf
Code:
pwcheck_method: auxprop
auxprop_plugin: saslauthd
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
Tested with example user
Code:
saslpasswd2 -c -u `postconf -h myhostname` exampleuser
- which created /etc/sasldb2.db
- postfix is chrooted so I copied sasldb2.db to /var/spool/postfix/etc/sasldb2.db
-
- postfix check
- postfix reload

Checked sasl authentication
Code:
root@/etc/postfix#saslauthd -v 
saslauthd 2.1.22
authentication mechanisms: sasldb getpwent kerberos5 rimap
Trials
Manually entered
- ehlo sooner.com
- AUTH PLAIN AGNocmlzAGVuZ2xhbmQ=

used following command to get the correct hash
% perl -MMIME::Base64 -e \
'print encode_base64("\0username\0password");'
Code:
root@/etc/postfix#telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mydomain.com ESMTP Postfix
ehlo sooner.com
250-mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AGNocmlzAGVuZ2xhbmQ=
535 5.7.8 Error: authentication failed: authentication failure

tail /var/log/maillog

postfix/smtpd[21526]: connect from localhost[127.0.0.1]
postfix/smtpd[21526]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[21526]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed: authentication failure
postfix/smtpd[21526]: lost connection after AUTH from localhost[127.0.0.1]
After much googling I have not found any recent installations for OpenBSD.

I feel that I am missing something fundamental and ask for some pointers to get this working..

Additionally, will write a guide and post for posterity..
My Solaris guide for Nagios has 3,232 hits to date..

thx
rk
__________________
All posts sent on ReCycled Electrons...

Last edited by roundkat; 5th May 2009 at 04:26 PM.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Courier IMAP/POP3 can't auth to mysql db revzalot OpenBSD Packages and Ports 5 6th September 2009 05:44 AM
SMTP on non-standard port guitarscn OpenBSD General 7 19th July 2009 12:54 AM
Problem with Postfix and Sasl auth unixbsd OpenBSD General 1 27th April 2009 03:26 AM
Kde4 & other help needed.. Mr-Biscuit FreeBSD General 4 21st September 2008 05:40 PM
Desperate help needed for KDE disappearedng FreeBSD General 12 17th July 2008 05:21 PM


All times are GMT. The time now is 06:00 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick