Questions tagged [sasl]
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols.
265
questions
47
votes
5
answers
51k
views
"No worthy mechs found" when trying to relay email to Gmail using Postfix
I've been trying to configure email to forward to Gmail, using Postfix to relay email to smtp.gmail.com. However, I'm failing to get it to authenticate with smtp.gmail.com, which is a rather vital ...
- 1,271
36
votes
4
answers
111k
views
SASL LOGIN authentication failed: UGFzc3dvcmQ6 - Find the username
First let me state that the mail server is working fine and users can connect and send email.
Basically there is a local web script connecting into the mail server trying to send mail every few ...
- 3,107
35
votes
3
answers
96k
views
POSTFIX fatal: no SASL authentication mechanisms
I am struggling with the error above for more than 5 hours.
I had tried to remove Postfix completely and I had followed the instructions of the next manual and the SASL manual in order to reinstall it....
- 521
31
votes
2
answers
26k
views
What is SASL/GSSAPI?
Numerous times i have met the expression SASL/GSSAPI. I have searched Google many times, but i simply do no understand what it is and how it relate to Kerberos.
Anybody that have a simple explanation ...
NT332
18
votes
2
answers
33k
views
postfix sasl "cannot connect to saslauthd server: No such file or directory"
I try to setup postfix with smtp authentication.
I want to use /etc/shadow as my realm
Unfortunately I get a "generic error" when i try to authenticate
# nc localhost 25
220 mail.foo ESMTP Postfix
...
user97262
16
votes
4
answers
25k
views
Postfix: how to use simple file for SASL authentication?
I'd like to run Postfix on a Debian VPS to send e-mails from my application. The application (running on other VPSes) would connect to Postfix via SMTP. Postfix does not have to handle incoming email; ...
- 411
11
votes
2
answers
31k
views
Postfix error, SASL authentication failed; cannot authenticate to server, no mechanism available
I would like to set up postfix relay to my website hosting SMTP server, from my home server. It's Centos 7, set up using dynamic IP and dynamic DNS. Because of limited space in my hosting site, I ...
- 113
10
votes
2
answers
32k
views
Dovecot SMTPD Sasl auth error: fatal: no SASL authentication mechanisms
I've googled this error and nothing I've read/tried works - anyone know what it is
Error log:
Feb 23 22:35:36 localhost postfix/smtpd[5278]: connect from localhost.localdomain[127.0.0.1]
Feb 23 22:...
- 531
10
votes
3
answers
17k
views
How to get SASL authentication to work with DIGEST-MD5 for OpenLDAP?
I'm setting up OpenLDAP slapd on Ubuntu 14.04 Trusty Tahr. I want certain instances (replication etc.) that aren't users to be able to login via SASL using DIGEST-MD5 mechanism.
Unlike users, they ...
- 595
9
votes
3
answers
8k
views
Can't get SASL auxprop/sasldb working with postfix/Ubuntu 12.04
I have an Ubuntu 8.04LTS system running Postfix 2.5.1. On that system SMTP AUTH runs fine. The contents of
/etc/postfix/sasl/smtpd.conf are:
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: ...
- 655
9
votes
5
answers
14k
views
Postfix "SASL authentication failure: No worthy mechs found" [closed]
Trying to use postfix with smtp to connect to google's smtp. When trying to send mail, I get this error:
Sep 15 14:04:41 zedsaid postfix/smtp[20271]: certificate verification failed for smtp.gmail....
- 727
9
votes
1
answer
4k
views
Postfix + sasl method rimap strips domain name from user
I'm setting up a mail server with Postfix and Courier-IMAP. I'd like to do SMTP authentication with rimap, so that I don't have to maintain two user DB's. The problem I'm having, is that the username ...
- 8,234
9
votes
3
answers
10k
views
Add GSSAPI to OpenLdap in supportedSASLMechanisms
I'm looking how to add the GSSAPI support into my OpenLDAP ?
Current setup
MIT Kerberos V + OpenLDAP
Kerberos bind to openldap
Able to issue kerberos tickets to my users (with kinit exampluser)
Able ...
- 1,193
7
votes
4
answers
24k
views
saslauthd authentication error
My server has developed an expected problem where I am unable to connect from a mail client.
I've looked at the server logs and the only thing that looks to identify a problem are events like the ...
- 643
7
votes
3
answers
16k
views
Postfix: SASL authentication failure: cannot connect to saslauthd server: Permission denied
I had a Postfix/Dovecot server up and running for about a week until I had to reboot it. When I did, things stopped working. I've been up searching for hours to no avail.
IMAP successfully ...
- 155
7
votes
2
answers
2k
views
Postfix deny relay for some virtual users
I'm using Postfix as MTA and relay. Users that wish to send e-mail from a remote system authenticates and Postfix hands that to Dovecot, and this works well. But how can I limit which users can use ...
7
votes
1
answer
3k
views
Postfix warning: SASL: Connect to /var/spool/postfix/private/auth failed: No such file or directory
I have searched, and failed to find an answer and I am out of ideas. I just do not know enough about postfix and dovecot to parse the configs or understand what may be causing this error.
warning: ...
- 71
7
votes
2
answers
6k
views
Svnserve authentication with SASL and normal user accounts
Is it possible to set up svnserve so that it authenticates using the system's users and passwords (e.g. using the /etc/shadow file)? I assume this would be with SASL, but I couldn't find an SASL ...
- 119
7
votes
2
answers
8k
views
Saslauth with ldapdb on debian
I'm trying to get saslauthd working with openldap.
ldapsearch and every service connected to openldap works fine. sasldblistusers2 doesn't work - and ldapwhoami does not work either.
getent passwd ...
- 851
6
votes
4
answers
49k
views
"503 5.5.1 Error: authentication not enabled" when trying to connect to my postfix server remotley
I have the following:
postfix-2.10.1-6.el7.x86_64
cyrus-sasl-lib-2.1.26-17.el7.x86_64
cyrus-sasl-plain-2.1.26-17.el7.x86_64
cyrus-sasl-2.1.26-17.el7.x86_64
my postconf -n is:
alias_database = ...
- 1,968
6
votes
2
answers
20k
views
How to debug SASL authentication via LDAP towards active directory
I am trying to configure SASL running on Centos 6.5 to allow authentication towards the corporate active directory server. The end goal is to authenticate access to some subversion repos which are ...
- 268
6
votes
0
answers
605
views
Low Entropy on Container
I am thinking my entropy level may be low?
$ cat /proc/sys/kernel/random/entropy_avail
I am around 132-178 on average. Pool size is default 4096 (this is a container on a virtualizer by the way).
...
5
votes
1
answer
11k
views
Postfix + SASL = "Relay Access Denied" when sending from outside the network
I have in /etc/postfix/main.cf:
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
and SASL seems to be working:
$ ...
- 1,665
5
votes
3
answers
3k
views
Svn authorizing over sasl+ldap failing after Ubuntu update 10.04 -> 12.04
I have working svnserve solution on Ubuntu 10.04 for authorizing svn users over SASL to Active directory (LDAP, not LDAPDB). Config files are at the bottom.
After upgrading server to 12.04 release, ...
- 151
5
votes
2
answers
33k
views
SASL PLAIN authentication failed: another step is needed in authentication
I have one host (rhea) where I have installed a postfix to relay the emails from my home server (tronics24), which is on a DSL connection.
I have generated self-signed certificates: (on rhea)
touch ...
- 4,470
5
votes
4
answers
12k
views
Can't use EXTERNAL authentication after enabling TLS in ldap-2.4
I used the following LDIF file to activate the TLS support for the LDAP server:
dn: cn=config
changetype: modify
add: olcTLSCipherSuite
olcTLSCipherSuite: NORMAL
-
add: olcTLSCRLCheck
olcTLSCRLCheck:...
- 53
5
votes
2
answers
6k
views
Exim authentication using Dovecot driver
Been following the instructions at the Dovecot Wiki for setting up Exim to share authentication credentials with Dovecot. I have setup Dovecot to deliver mails for virtual users and setup a router ...
- 233
5
votes
4
answers
46k
views
postfix SASL authentication failed - Internal authentication error
I've recently had to change SMTP relays from Cablevision to Verizon. Verizon blocks port 25 but they will accept SSL via port 465 (per this). I've used this and this to have stunnnel forward postfix'...
- 201
5
votes
1
answer
3k
views
Dovecot says: "Requested CRAM-MD5 scheme, but we have only CRYPT" yet CRAM-MD5 is available
Following upgrade of Fedora Core 16 to Fedora Core 21, the new Dovecot installation isn't authenticating correctly and it's not at all clear why.
We have 50+ email accounts served by this server, so ...
- 1,298
5
votes
1
answer
3k
views
SASL auth to LDAP behind HAPROXY with name mismatches
My kerberos domain in MYEXAMPLE.ORG, but servers are located in the dmz-int.example.org dns zone.
LDAP server is b1.dmz-int.example.org; its keytab include:
udo ktutil -k /etc/krb5.keytab list
/etc/...
- 1,380
5
votes
1
answer
562
views
How to check if Postfix was compiled with support for Dovecot SASL?
The Dovecot instructions state:
Since version 2.3, Postfix supports SMTP AUTH through Dovecot SASL as
introduced in the Dovecot 1.0 series. If using Postfix obtained from a
binary (such as a ....
- 201
5
votes
5
answers
15k
views
Postfix rejecting mail from authenticated clients
I am trying to configure Postfix so that it would accept mail from authenticated clients outside $mynetworks.
When I try to send a test email from my iPhone, which is configured to use port 25, SSL ...
- 689
5
votes
1
answer
34k
views
warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
today i set up a mailserver with a german tutorial from here:
Now i'm done and need help with my issues. Sry for bad english - i hope my informations help u to help me ^^
mail.log:
Nov 18 16:30:00 ...
user386409
5
votes
1
answer
3k
views
Subversion 1.6 + SASL : Only works with plaintext 'userPassword'?
I'm attempting to setup svnserve with SASL support on my Slackware 13.1 server and after some trial and error I'm able to get it to work with the configuration listed below:
svnserve.conf
[general]
...
- 587
5
votes
2
answers
743
views
PAM vs /etc/shadow in Dovecot SASL configuration - Security differences?
I set up a server with Postfix SMTP auth through Dovecot SASL. However, it was not possible to get the PAM authentification working as standard out of the box.
So more by chance, I changed it to ...
- 151
4
votes
1
answer
7k
views
Fail2Ban SASL Filter Misses Failed Logins
I am using fail2ban on my mail server. I discovered this morning that there were some 5000 failed login attempts (in the course of 1 hour) via SMTP that didn't get picked up by my sasl filter. Here ...
- 342
4
votes
1
answer
19k
views
OpenLDAP Setup help: SASL/GSSAPI authentication started
I am trying to setup & configure OpenLDAP on Fedora Core 13. I've gotten as far as compiling and installing OpenLDAP v2.4.23.
Whenever I try to run one of the LDAP commands (like ldapsearch), I ...
4
votes
1
answer
13k
views
postfix TLS disconnect from unknown
I install centos 6.4 posttfix with sasl and TLS
my postconf -e
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
...
- 241
4
votes
2
answers
7k
views
postfwd not rate limiting sasl users
I would like to use postfwd version 2 to limit the amount of daily mail sent by my sasl authenticated users.
I installed latest tarball: postfwd-1.35 with latest postfix from Centos 6.4
In my I have ...
- 744
4
votes
2
answers
10k
views
Dovecot doesn't create /var/spool/postfix/private/auth
I'm moving an Ubuntu 14.04 postfix mail installation from one machine to another. The current setup works fine pretty much with Ubuntu's default postfix and dovecot setup so that users can use SMTP ...
- 507
4
votes
1
answer
5k
views
Postfix - sender dependent relaying for multiple domains
I have spent the last couple of days going through SO questions and the Postfix documentation but have not succeeded in figuring out what I'm doing wrong. My situation is as follows:
I have a server ...
- 461
4
votes
1
answer
10k
views
unable to open Berkeley db /etc/sasldb2: No such file or directory
In /var/log/mail.log I get such error message:
Jul 25 01:33:11 ubuntu8 postfix/smtpd[10863]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
...
- 175
3
votes
1
answer
4k
views
Getting SENDMAIL (as a client) to use AUTH LOGIN
I am trying to use SENDMAIL (v8.15) on a Pi in my network to just forward mails to my SendGrid account. This is needed because my legacy webcams on my network cannot use the very long password ...
- 407
3
votes
3
answers
21k
views
Postfix sasl login failing no mechanism found
following the link here: http://flurdy.com/docs/postfix/ with posfix, courier, MySql, and sasl gave me a web server that has imap functionality working fine but when i go to log into the server to ...
- 121
3
votes
1
answer
8k
views
Postfix allow SASL-authenticated users to send from any IP address
I understand that I need SMTP on port 25 to receive email, but I do not want this to be a relay port.
Instead I would port 587 to be used for registered (SASL-authenticated) users to relay email from ...
- 281
3
votes
1
answer
3k
views
configure saslauthd with PAM
I'm trying to configure saslauthd with PAM. I created a user test with password test using useradd and passwd and I checked that I can login with su - test.
[arch@vps-5220ce87 ~]$ systemctl status ...
- 151
3
votes
1
answer
3k
views
How to generate entries for different mechanisms with saslpasswd2?
I'm struggling to create the satisfactory set of records in sasldb2.db. If I use the regular
saslpasswd2 -c user
I get exactly one record, according to sasldblistusers2:
[email protected]: ...
- 2,411
3
votes
2
answers
4k
views
Dovecot SASL auth not working
Like said, Dovecot auth fails when i try to connect with Thunderbird. Incoming and outgoing mail works fine.
I used e.g. this tutorial (and many more) as a reference: https://serverfault.com/...
- 31
3
votes
1
answer
2k
views
SASL: How to delete all mech entries from a user?
I have a problem with my SASL database.
sasldblistusers2 shows following entries:
[email protected]: cmusaslsecretCRAM-MD5
[email protected]: cmusaslsecretPLAIN
[email protected]: userPassword
I ...
- 843
3
votes
1
answer
7k
views
Postfix/Dovecot: SASL LOGIN authentication aborted
I use Postfix together with Dovecot (auth/LMTP) on my mailserver.
Everything is working fine, but I notice several warnings in the log-files each day:
postfix/smtpd[4169]: warning: unknown[MY.HOME.IP]...
- 298