Postfix smtp auth problem

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Bryan O'Neal
Date:  
To: Main PLUG discussion list
Subject: Postfix smtp auth problem
Ok, I have a smart phone that can not auth for SMTP on this postfix box

The error I get is
May 6 09:53:39 GNUbox postfix/smtpd[16233]: TLS connection
established from 2.sub-75-244-219.myvzw.com[75.244.219.2]: SSLv3 with
cipher RC4-MD5 (128/128 bits)
May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2: No
such file or directory
May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2: No
such file or directory
May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL
authentication failure: no secret in database
May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning:
2.sub-75-244-219.myvzw.com[75.244.219.2]: SASL CRAM-MD5 authentication
failed: authentication failure
May 6 09:53:42 GNUbox postfix/smtpd[16233]: lost connection after
AUTH from 2.sub-75-244-219.myvzw.com[75.244.219.2]
May 6 09:53:42 GNUbox postfix/smtpd[16233]: disconnect from
2.sub-75-244-219.myvzw.com[75.244.219.2]

So after trying to fix SASL (And failing - I would have to set it up
again from scratch which I am not prepared to do rite now) I said - Ok
- I'll just turn it off and see what happens but I still get and SASL
error - see above - And this is what I find odd. If the server is not
advertising SASL why is the client trying to negotiate it and why is
the server looking to comply? Desktop clients work fine using TSL and
password auth against the LDAP server. Which is what I would like to
do for the phones at this point.

Could I please get some help from some one smarter then I.

Here is the appropriate segment of my main.cf file

content_filter = smtp-amavis:[127.0.0.1]:10024

smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_enforce_peername = no
smtpd_use_tls = yes
smtpd_enforce_tls = no
smtp_tls_CApath = /usr/share/ssl/certs
smtpd_tls_cert_file = /etc/postfix/ssl/mail.cmaz.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.cmaz.com.key
smtpd_tls_wrappermode = no
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
tls_daemon_random_source = dev:/dev/urandom

smtpd_sasl_auth_enable = no
smtpd_sasl2_auth_enable = no
#smtpd_sasl_local_domain = $myhostname
#smtpd_sasl_security_options = noanonymous
#smtpd_sasl_path = smtpd

smtpd_client_restrictions = permit_mynetworks
                          # permit_sasl_authenticated


#smtpd_sasl_tls_security_options = $smtpd_sasl_security_options

mime_header_checks = regexp:/etc/postfix/mime_header_checks

smtpd_recipient_restrictions =
       permit_sasl_authenticated,
       permit_mynetworks,
       check_sender_access hash:/etc/postfix/whitelist,
       # check_sender_access ldap:whitelist,
       check_sender_access hash:/etc/postfix/spoofed-domains,
       reject_non_fqdn_sender,
       reject_non_fqdn_recipient,
       reject_unknown_sender_domain,
       reject_unknown_recipient_domain,
       reject_unauth_destination,
       # reject_unauth_pipelining,
       #reject_rbl_client cbl.abuseat.org,
       #reject_rbl_client combined.njabl.org,
       #reject_rbl_client sbl-xbl.spamhaus.org,
       #reject_rbl_client relays.ordb.org,
       #reject_rbl_client list.dsbl.org,
       #reject_rhsbl_client blackhole.securitysage.com,
       #reject_rhsbl_sender blackhole.securitysage.com,


       # reject_non_fqdn_helo_hostname
       # reject_invalid_helo_hostname
       check_policy_service unix:/var/spool/postfix/postgrey/socket


smtpd_data_restrictions =
       reject_multi_recipient_bounce
       # sleep 1
       reject_unauth_pipelining
---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss