I see nothing in /etc/courier-imap/ that would levee me to believe this is true. There must be a way to not use SASL - since the desktop clients are not using SASL. I do not see the point in setting up a base 64 SASL authentication just for one set of phones. What I can not figure out is! My configuration is postfix + courier w/ ssl/tsl + maildir + spam assasin On Thu, May 6, 2010 at 3:15 PM, Eric Shubert wrote: > Looks that way to me (although I haven't used it personally). The howto says > that postfix uses parts of cyrus for sasl implementation. Perhaps there's a > courier equivalent? Note, it's using only the sasl component, which is used > for authentication. Yes, it's used for smtp (submission), although it has > nothing to do with the imap component. > > -- > -Eric 'shubes' > > Bryan O'Neal wrote: >> >> Even though I am only having the issue with SMTP? IMAP works perfectly >> with stranded password auth? >> BTW I am using courier not cyrus >> >> On Thu, May 6, 2010 at 1:29 PM, Eric Shubert wrote: >>> >>> Bryan O'Neal wrote: >>>> >>>> Ok, I have a smart phone that can not auth for SMTP on this postfix box >>>> >>>> The error I get is >>>> May  6 09:53:39 GNUbox postfix/smtpd[16233]: TLS connection >>>> established from 2.sub-75-244-219.myvzw.com[75.244.219.2]: SSLv3 with >>>> cipher RC4-MD5 (128/128 bits) >>>> May  6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL >>>> authentication problem: unable to open Berkeley db /etc/sasldb2: No >>>> such file or directory >>>> May  6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL >>>> authentication problem: unable to open Berkeley db /etc/sasldb2: No >>>> such file or directory >>>> May  6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL >>>> authentication failure: no secret in database >>>> May  6 09:53:41 GNUbox postfix/smtpd[16233]: warning: >>>> 2.sub-75-244-219.myvzw.com[75.244.219.2]: SASL CRAM-MD5 authentication >>>> failed: authentication failure >>>> May  6 09:53:42 GNUbox postfix/smtpd[16233]: lost connection after >>>> AUTH from 2.sub-75-244-219.myvzw.com[75.244.219.2] >>>> May  6 09:53:42 GNUbox postfix/smtpd[16233]: disconnect from >>>> 2.sub-75-244-219.myvzw.com[75.244.219.2] >>>> >>>> So after trying to fix SASL (And failing - I would have to set it up >>>> again from scratch which I am not prepared to do rite now) I said - Ok >>>> - I'll just turn it off and see what happens but I still get and SASL >>>> error - see above - And this is what I find odd. If the server is not >>>> advertising SASL why is the client trying to negotiate it and why is >>>> the server looking to comply?  Desktop clients work fine using TSL and >>>> password auth against the LDAP server. Which is what I would like to >>>> do for the phones at this point. >>>> >>>> Could I please get some help from some one smarter then I. >>>> >>>> Here is the appropriate segment of my main.cf file >>>> >>>> content_filter = smtp-amavis:[127.0.0.1]:10024 >>>> >>>> smtp_use_tls = yes >>>> smtp_tls_note_starttls_offer = yes >>>> smtp_tls_enforce_peername = no >>>> smtpd_use_tls = yes >>>> smtpd_enforce_tls = no >>>> smtp_tls_CApath = /usr/share/ssl/certs >>>> smtpd_tls_cert_file = /etc/postfix/ssl/mail.cmaz.com.crt >>>> smtpd_tls_key_file = /etc/postfix/ssl/mail.cmaz.com.key >>>> smtpd_tls_wrappermode = no >>>> smtpd_tls_auth_only = yes >>>> smtpd_tls_loglevel = 2 >>>> smtpd_tls_received_header = yes >>>> smtpd_tls_session_cache_timeout = 3600s >>>> tls_random_source = dev:/dev/urandom >>>> tls_daemon_random_source = dev:/dev/urandom >>>> >>>> smtpd_sasl_auth_enable = no >>>> smtpd_sasl2_auth_enable = no >>>> #smtpd_sasl_local_domain = $myhostname >>>> #smtpd_sasl_security_options = noanonymous >>>> #smtpd_sasl_path = smtpd >>>> >>>> smtpd_client_restrictions = permit_mynetworks >>>>                         # permit_sasl_authenticated >>>> >>>> #smtpd_sasl_tls_security_options = $smtpd_sasl_security_options >>>> >>>> mime_header_checks = regexp:/etc/postfix/mime_header_checks >>>> >>>> smtpd_recipient_restrictions = >>>>      permit_sasl_authenticated, >>>>      permit_mynetworks, >>>>      check_sender_access hash:/etc/postfix/whitelist, >>>>      # check_sender_access ldap:whitelist, >>>>      check_sender_access hash:/etc/postfix/spoofed-domains, >>>>      reject_non_fqdn_sender, >>>>      reject_non_fqdn_recipient, >>>>      reject_unknown_sender_domain, >>>>      reject_unknown_recipient_domain, >>>>      reject_unauth_destination, >>>>      # reject_unauth_pipelining, >>>>      #reject_rbl_client cbl.abuseat.org, >>>>      #reject_rbl_client combined.njabl.org, >>>>      #reject_rbl_client sbl-xbl.spamhaus.org, >>>>      #reject_rbl_client relays.ordb.org, >>>>      #reject_rbl_client list.dsbl.org, >>>>      #reject_rhsbl_client blackhole.securitysage.com, >>>>      #reject_rhsbl_sender blackhole.securitysage.com, >>>> >>>>      # reject_non_fqdn_helo_hostname >>>>      # reject_invalid_helo_hostname >>>>      check_policy_service unix:/var/spool/postfix/postgrey/socket >>>> >>>> smtpd_data_restrictions = >>>>      reject_multi_recipient_bounce >>>>      # sleep 1 >>>>      reject_unauth_pipelining >>> >>> Looks to me like perhaps you need to configure Cyrus SASL. >>> See http://www.postfix.org/SASL_README.html#server_cyrus >>> >>> -- >>> -Eric 'shubes' >>> >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >>> > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss