chrooting Postfix+SASL+TLS
From: Alex Melkomukov (amelkomukov_at_flexpop.net)
Date: 07/26/04
- Previous message: Andrew Riabtsev: "Re: Apache - reverse proxy with freebsd"
- Next in thread: Eric W. Bates: "Re: chrooting Postfix+SASL+TLS"
- Reply: Eric W. Bates: "Re: chrooting Postfix+SASL+TLS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 26 Jul 2004 11:17:42 -0700 (PDT) To: freebsd-isp@freebsd.org
Hello all,
I tried posting to the FreeBSD Questions list with no luck. I figured I
would try this list to see if anyone has an answer/pointers for me to work
with.
posted message:
Hi all,
Has anyone successfully set up Postfix to run chrooted with saslauthd?
I've been trying to get this to work for several days now and have run
out of ideas.
Everything works fine non-chrooted, but as soon as I run
postfix/smtpd chrooted, I get the following messages in maillog:
Jul 23 09:46:30 xxx postfix/smtpd[2472]: connect from yyy[999.999.999.999]
Jul 23 09:46:30 xxx postfix/smtpd[2472]: setting up TLS connection from
yyy[999.999.999.999]
Jul 23 09:46:30 xxx postfix/smtpd[2472]: TLS connection established from
yyy[999.999.999.99]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: SASL authentication
failure: cannot connect to saslauthd server: No such file or directory
Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: yyy[999.999.999.999]:
SASL LOGIN authentication failed
Jul 23 09:46:30 xxx postfix/smtpd[2472]: warning: Read failed in
network_biopair_interop with errno=0: num_read=0, want_read=5
Jul 23 09:46:30 xxx postfix/smtpd[2472]: lost connection after AUTH from
yyy[999.999.999.999]
Jul 23 09:46:30 xxx postfix/smtpd[2472]: disconnect from
yyy[999.999.999.999]
Here is what I have installed:
OS:
FreeBSD 4.9-RELEASE
ports installed:
openssl-0.9.7d
cyrus-sasl-2.1.18
cyrus-sasl-saslauthd-2.1.18_1
postfix installed from source with TLS patch applied:
postfix-2.1.3
pfixtls-0.8.18-2.1.3-0.9.7d
postfix chroot directory:
/var/spool/postfix
saslauthd startup options:
/usr/local/sbin/saslauthd -a getpwent -m
/var/spool/postfix/var/state/saslauthd
tls/sasl options in /etc/postfix/main.cf:
# sasl config
#
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination
# tls config
#
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
I have tried all kinds of tips from my archive searches and still no luck.
Can anyone give me any pointers/instructions on how to run postfix
chrooted with saslauthd using FreeBSD 4.9?
any advice will be appreciated.
thanks in advance,
Alex M.
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: Andrew Riabtsev: "Re: Apache - reverse proxy with freebsd"
- Next in thread: Eric W. Bates: "Re: chrooting Postfix+SASL+TLS"
- Reply: Eric W. Bates: "Re: chrooting Postfix+SASL+TLS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
