Please note the new address for this forum : forum.excito.org. The old address redirects here but I don't know for how long. Thanks !
New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

sasl problems

Got problems with your B2 or B3? Share and get helped!
Post Reply
supermagnum
Posts: 57
Joined: 19 Oct 2010, 05:27

Re: sasl problems

Post by supermagnum »

Eek wrote:that is strange.
could you do a

Code: Select all

postconf -n
and a

Code: Select all

cat /etc/postfix/master.cf|grep smtp
Yes:

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
disable_vrfy_command = yes
home_mailbox = Mail/
mailbox_size_limit = 0
mydestination = b3.localdomain, localhost.localdomain, localhost, /etc/postfix/bubbadomains, $myhostname
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
recipient_delimiter = +
relayhost = [mail.privatdemail.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noplaintext, noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_sender reject_unknown_sender_domain reject_non_fqdn_recipient reject_unknown_recipient_domain reject_rbl_client dnsbl.njabl.org reject_rbl_client dnsbl.sorbs.net reject_rbl_client bl.spamcop.net permit
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550



cat /etc/postfix/master.cf|grep smtp
smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
Top
Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Re: sasl problems

Post by Eek »

Could you change these lines in the master.cf file
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
into:

Code: Select all

smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
     -o smtp_generic_maps=
Could you also backup your main.cf and create a empty main.cf with this contents?

Code: Select all

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Mail/
inet_interfaces = all
mailbox_size_limit = 0
mydestination = b3.localdomain, localhost.localdomain, localhost, /etc/postfix/bubbadomains
myhostname = b3.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = [mail.privatdemail.net]:587
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_sender reject_unknown_sender_domain reject_non_fqdn_recipient reject_unknown_recipient_domain reject_rbl_client dnsbl.njabl.org reject_rbl_client dnsbl.sorbs.net reject_rbl_client bl.spamcop.net permit
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
And restart postfix.
cheers
Eek
Top
supermagnum
Posts: 57
Joined: 19 Oct 2010, 05:27

Re: sasl problems

Post by supermagnum »

Still the same problem.
Nothing in the logs, and when i send a mail to another email adress i have, it does not arrive.
Top
Ubi
Posts: 1549
Joined: 17 Jul 2007, 09:01

Re: sasl problems

Post by Ubi »

postfix can log *everything*. If you see nothing in the logs, increase logging verbosity. Read http://www.postfix.org/DEBUG_README.html.
SASL debugging is a pain though. Your problem can be as simple as a permissions setting or as difficult as a decryption algorithm mismatch. I'd suggest trying to use a different remote server (to rule out the possibility the issue is on their site). Gmail has free SSL smtp service, why not use them as a test bed?
Top
Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Re: sasl problems

Post by Eek »

Yes, I also recommend trying gmail as a test case,
As this works perfect for me.
I don't understand why you do not get logging.
Could you do a

Code: Select all

ls -l /etc/postfix/
df -h
/etc/init.d/postfix restart
tail -100 /var/log/syslog
cheers
Eek
Top
supermagnum
Posts: 57
Joined: 19 Oct 2010, 05:27

Re: sasl problems

Post by supermagnum »

Eek wrote:Yes, I also recommend trying gmail as a test case,
As this works perfect for me.
I don't understand why you do not get logging.
Could you do a

Code: Select all

ls -l /etc/postfix/
df -h
/etc/init.d/postfix restart
tail -100 /var/log/syslog
ls -l /etc/postfix/
totalt 152
-rw-r--r-- 1 root root 0 2010-10-28 15:56 bubbadomains
-rw-r--r-- 1 root root 318 2010-10-28 15:47 dynamicmaps.cf
-rw-rw-rw- 1 root root 56 2011-07-14 12:53 generic
-rw-r--r-- 1 root root 12288 2011-07-14 13:08 generic.db
-rw-r--r-- 1 root www-data 1860 2011-07-14 16:57 main.cf
-rw-rw-rw- 1 root root 1813 2011-07-14 12:13 main.cf-backup
-rw-rw-rw- 1 root root 2246 2011-07-14 16:49 main.cf-backup2
-rw-r--r-- 1 root root 1255 2010-10-28 15:47 main.cf.bubba-distrib
-rw-r--r-- 1 root root 5299 2011-07-14 16:48 master.cf
-rw-r--r-- 1 root root 18992 2010-06-27 06:38 postfix-files
-rwxr-xr-x 1 root root 8729 2010-06-27 06:38 postfix-script
-rwxr-xr-x 1 root root 24256 2010-06-27 06:38 post-install
drwxr-xr-x 2 root root 4096 2010-06-27 06:38 sasl
-rw-r----- 1 root postfix 57 2011-07-13 17:58 sasl_passwd
-rw-r----- 1 root postfix 12288 2011-07-13 17:58 sasl_passwd.db
-rw-rw-rw- 1 root root 124 2011-07-14 13:07 tls_per_site
-rw-r--r-- 1 root root 12288 2011-07-14 13:07 tls_per_site.db
-rw-rw-rw- 1 root root 121 2011-07-14 13:05 transport
-rw-r--r-- 1 root root 12288 2011-07-14 13:06 transport.db

df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 9,9G 1,8G 7,6G 19% /
tmpfs 252M 0 252M 0% /lib/init/rw
udev 10M 136K 9,9M 2% /dev
tmpfs 252M 4,0K 252M 1% /dev/shm
/dev/mapper/bubba-storage
907G 174G 687G 21% /home

/etc/init.d/postfix restart
Stopping Postfix Mail Transport Agent: postfix.
Starting Postfix Mail Transport Agent: postfix.


tail -100 /var/log/syslog
Jul 15 10:09:45 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:09:45 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:09:45 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:09:45 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:09:45 b3 mt-daapd[1185]: Starting playlist scan
Jul 15 10:09:45 b3 mt-daapd[1185]: Attempt to add duplicate playlist: '00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet' type: 2, path: /home/storage/music/mp3/Dia Psalma/Charta 77/Charta_77-Sagan_Om_Varldens_Mest_Hypade_Band-2000-EVIGHET/00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet.m3u, idx: 0
Jul 15 10:09:45 b3 mt-daapd[1185]: Error adding m3u /home/storage/music/mp3/Charta 77/Charta_77-Sagan_Om_Varldens_Mest_Hypade_Band-2000-EVIGHET/00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet.m3u: Duplicate Playlist: 00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet
Jul 15 10:09:46 b3 mt-daapd[1185]: Updating playlists
Jul 15 10:09:46 b3 mt-daapd[1185]: Scanned 6708 songs (was 6708) in 11 seconds
Jul 15 10:10:01 b3 /USR/SBIN/CRON[4673]: (root) CMD (test -x /usr/bin/php && /usr/bin/php /usr/share/horde3/scripts/alarms.php)
Jul 15 10:10:01 b3 /USR/SBIN/CRON[4674]: (root) CMD (test -x /usr/lib/web-admin/notify-dispatcher.pl && /usr/lib/web-admin/notify-dispatcher.pl)
Jul 15 10:10:03 b3 postfix/pickup[4531]: 202781C031: uid=0 from=<root>
Jul 15 10:10:03 b3 postfix/cleanup[4680]: 202781C031: message-id=<20110715081003.202781C031@b3.localdomain>
Jul 15 10:10:03 b3 postfix/qmgr[32108]: 202781C031: from=<root@b3.localdomain>, size=4478, nrcpt=1 (queue active)
Jul 15 10:10:03 b3 postfix/local[4682]: 202781C031: to=<root@b3.localdomain>, orig_to=<root>, relay=local, delay=0.16, delays=0.08/0.03/0/0.04, dsn=2.0.0, status=sent (delivered to maildir)
Jul 15 10:10:03 b3 postfix/qmgr[32108]: 202781C031: removed
Jul 15 10:11:08 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:11:49 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:12:30 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:12:59 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:13:02 b3 postfix/qmgr[32108]: 8F68C1C010: from=<supermag@privatdemail.net>, size=1705, nrcpt=1 (queue active)
Jul 15 10:13:02 b3 postfix/smtp[4685]: cannot load Certificate Authority data: disabling TLS support
Jul 15 10:13:03 b3 postfix/smtp[4685]: warning: TLS library problem: 4685:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('/etc/postfix/cacert.pem','r'):
Jul 15 10:13:03 b3 postfix/smtp[4685]: warning: TLS library problem: 4685:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
Jul 15 10:13:03 b3 postfix/smtp[4685]: warning: TLS library problem: 4685:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 15 10:13:03 b3 postfix/smtp[4685]: 8F68C1C010: to=<supermag@privatdemail.net>, relay=mail.privatdemail.net[217.139.17.156]:587, delay=146800, delays=146799/0.68/0.62/0, dsn=4.7.5, status=deferred (TLS is required, but our TLS engine is unavailable)
Jul 15 10:13:11 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:13:40 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:13:45 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:14:26 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:15:01 b3 /USR/SBIN/CRON[4690]: (root) CMD (test -x /usr/lib/web-admin/notify-dispatcher.pl && /usr/lib/web-admin/notify-dispatcher.pl)
Jul 15 10:15:01 b3 /USR/SBIN/CRON[4691]: (root) CMD (test -x /usr/bin/php && /usr/bin/php /usr/share/horde3/scripts/alarms.php)
Jul 15 10:15:03 b3 postfix/pickup[4531]: 024E71C031: uid=0 from=<root>
Jul 15 10:15:03 b3 postfix/cleanup[4697]: 024E71C031: message-id=<20110715081503.024E71C031@b3.localdomain>
Jul 15 10:15:03 b3 postfix/qmgr[32108]: 024E71C031: from=<root@b3.localdomain>, size=4478, nrcpt=1 (queue active)
Jul 15 10:15:03 b3 postfix/local[4699]: 024E71C031: to=<root@b3.localdomain>, orig_to=<root>, relay=local, delay=0.16, delays=0.1/0.03/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Jul 15 10:15:03 b3 postfix/qmgr[32108]: 024E71C031: removed
Jul 15 10:15:40 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:16:21 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:16:26 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:17:01 b3 /USR/SBIN/CRON[4701]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Jul 15 10:17:07 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:18:02 b3 postfix/qmgr[32108]: 158AE1C025: from=<root@b3.localdomain>, size=334, nrcpt=1 (queue active)
Jul 15 10:18:02 b3 postfix/qmgr[32108]: 0E2871C026: from=<root@b3.localdomain>, size=331, nrcpt=1 (queue active)
Jul 15 10:18:02 b3 postfix/qmgr[32108]: F1B3A1C027: from=<supermag@privatdemail.net>, size=1076, nrcpt=1 (queue active)
Jul 15 10:18:02 b3 postfix/qmgr[32108]: DD1BC1C00F: from=<supermag@privatdemail.net>, size=1727, nrcpt=1 (queue active)
Jul 15 10:18:02 b3 postfix/smtp[4704]: cannot load Certificate Authority data: disabling TLS support
Jul 15 10:18:02 b3 postfix/smtp[4704]: warning: TLS library problem: 4704:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('/etc/postfix/cacert.pem','r'):
Jul 15 10:18:02 b3 postfix/smtp[4704]: warning: TLS library problem: 4704:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
Jul 15 10:18:02 b3 postfix/smtp[4704]: warning: TLS library problem: 4704:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 15 10:18:02 b3 postfix/smtp[4705]: cannot load Certificate Authority data: disabling TLS support
Jul 15 10:18:02 b3 postfix/smtp[4705]: warning: TLS library problem: 4705:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('/etc/postfix/cacert.pem','r'):
Jul 15 10:18:02 b3 postfix/smtp[4705]: warning: TLS library problem: 4705:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
Jul 15 10:18:02 b3 postfix/smtp[4705]: warning: TLS library problem: 4705:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 15 10:18:02 b3 postfix/smtp[4706]: cannot load Certificate Authority data: disabling TLS support
Jul 15 10:18:02 b3 postfix/smtp[4706]: warning: TLS library problem: 4706:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('/etc/postfix/cacert.pem','r'):
Jul 15 10:18:02 b3 postfix/smtp[4706]: warning: TLS library problem: 4706:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
Jul 15 10:18:02 b3 postfix/smtp[4706]: warning: TLS library problem: 4706:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 15 10:18:02 b3 postfix/smtp[4707]: cannot load Certificate Authority data: disabling TLS support
Jul 15 10:18:02 b3 postfix/smtp[4707]: warning: TLS library problem: 4707:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('/etc/postfix/cacert.pem','r'):
Jul 15 10:18:02 b3 postfix/smtp[4707]: warning: TLS library problem: 4707:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
Jul 15 10:18:02 b3 postfix/smtp[4707]: warning: TLS library problem: 4707:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 15 10:18:03 b3 ftd: Scrape failed
Jul 15 10:18:03 b3 postfix/smtp[4704]: 158AE1C025: to=<someone@somewhere.com>, relay=mail.privatdemail.net[217.139.17.156]:587, delay=76179, delays=76177/0.11/1.3/0, dsn=4.7.5, status=deferred (TLS is required, but our TLS engine is unavailable)
Jul 15 10:18:03 b3 postfix/smtp[4706]: F1B3A1C027: to=<krbjhvee@online.no>, relay=mail.privatdemail.net[217.139.17.156]:587, delay=76052, delays=76050/0.19/1.2/0, dsn=4.7.5, status=deferred (TLS is required, but our TLS engine is unavailable)
Jul 15 10:18:03 b3 postfix/smtp[4705]: 0E2871C026: to=<krbjhvee@online.no>, relay=mail.privatdemail.net[217.139.17.156]:587, delay=76106, delays=76104/0.14/1.3/0, dsn=4.7.5, status=deferred (TLS is required, but our TLS engine is unavailable)
Jul 15 10:18:03 b3 postfix/smtp[4707]: DD1BC1C00F: to=<krbjhvee@online.no>, relay=mail.privatdemail.net[217.139.17.156]:587, delay=147494, delays=147492/0.24/1.2/0, dsn=4.7.5, status=deferred (TLS is required, but our TLS engine is unavailable)
Jul 15 10:18:48 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:19:48 b3 mt-daapd[1185]: Rescanning database
Jul 15 10:19:51 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Error reading: Unknown error
Jul 15 10:19:58 b3 mt-daapd[1185]: Starting playlist scan
Jul 15 10:19:58 b3 mt-daapd[1185]: Attempt to add duplicate playlist: '00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet' type: 2, path: /home/storage/music/mp3/Dia Psalma/Charta 77/Charta_77-Sagan_Om_Varldens_Mest_Hypade_Band-2000-EVIGHET/00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet.m3u, idx: 0
Jul 15 10:19:58 b3 mt-daapd[1185]: Error adding m3u /home/storage/music/mp3/Charta 77/Charta_77-Sagan_Om_Varldens_Mest_Hypade_Band-2000-EVIGHET/00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet.m3u: Duplicate Playlist: 00-charta_77-sagan_om_varldens_mest_hypade_band-2000-evighet
Jul 15 10:19:59 b3 mt-daapd[1185]: Updating playlists
Jul 15 10:20:00 b3 mt-daapd[1185]: Scanned 6708 songs (was 6708) in 12 seconds
Jul 15 10:20:01 b3 /USR/SBIN/CRON[4713]: (root) CMD (test -x /usr/lib/web-admin/notify-dispatcher.pl && /usr/lib/web-admin/notify-dispatcher.pl)
Jul 15 10:20:01 b3 /USR/SBIN/CRON[4714]: (root) CMD (test -x /usr/bin/php && /usr/bin/php /usr/share/horde3/scripts/alarms.php)
Jul 15 10:20:02 b3 postfix/pickup[4531]: BC1BB1C031: uid=0 from=<root>
Jul 15 10:20:02 b3 postfix/cleanup[4720]: BC1BB1C031: message-id=<20110715082002.BC1BB1C031@b3.localdomain>
Jul 15 10:20:02 b3 postfix/qmgr[32108]: BC1BB1C031: from=<root@b3.localdomain>, size=4478, nrcpt=1 (queue active)
Jul 15 10:20:02 b3 postfix/local[4722]: BC1BB1C031: to=<root@b3.localdomain>, orig_to=<root>, relay=local, delay=0.14, delays=0.08/0.03/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
Jul 15 10:20:02 b3 postfix/qmgr[32108]: BC1BB1C031: removed
Jul 15 10:25:01 b3 /USR/SBIN/CRON[4740]: (root) CMD (test -x /usr/bin/php && /usr/bin/php /usr/share/horde3/scripts/alarms.php)
Jul 15 10:25:01 b3 /USR/SBIN/CRON[4741]: (root) CMD (test -x /usr/lib/web-admin/notify-dispatcher.pl && /usr/lib/web-admin/notify-dispatcher.pl)
Jul 15 10:25:03 b3 postfix/pickup[4531]: 755BE1C031: uid=0 from=<root>
Jul 15 10:25:03 b3 postfix/cleanup[4747]: 755BE1C031: message-id=<20110715082503.755BE1C031@b3.localdomain>
Jul 15 10:25:03 b3 postfix/qmgr[32108]: 755BE1C031: from=<root@b3.localdomain>, size=4478, nrcpt=1 (queue active)
Jul 15 10:25:03 b3 postfix/local[4749]: 755BE1C031: to=<root@b3.localdomain>, orig_to=<root>, relay=local, delay=0.13, delays=0.08/0.04/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
Jul 15 10:25:03 b3 postfix/qmgr[32108]: 755BE1C031: removed
Jul 15 10:26:21 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:26:36 b3 postfix/master[32101]: terminating on signal 15
Jul 15 10:26:37 b3 postfix/master[4849]: daemon started -- version 2.7.1, configuration /etc/postfix
Jul 15 10:27:02 b3 ftd: Tracker announce failed: tracker error
Jul 15 10:27:07 b3 ftd: Tracker announce failed: tracker error


seems that some files is missing. The TLS manager is active:
postfix 4872 0.0 0.4 6892 2556 ? S 10:31 0:00 tlsmgr -l -t unix -u -c

My main.cf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Mail/
inet_interfaces = all
mailbox_size_limit = 0
mydestination = b3.localdomain, localhost.localdomain, localhost, /etc/postfix/bubbadomains
myhostname = b3.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = [mail.privatdemail.net]:587
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
Top
supermagnum
Posts: 57
Joined: 19 Oct 2010, 05:27

Re: sasl problems

Post by supermagnum »

supermagnum wrote: alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Mail/
inet_interfaces = all
mailbox_size_limit = 0
mydestination = b3.localdomain, localhost.localdomain, localhost, /etc/postfix/bubbadomains
myhostname = b3.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = [mail.privatdemail.net]:587
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
quote: http://forums.opensuse.org/english/get- ... ost2065169

Using CApath instead of CAfile makes all the certs in /etc/ssl/certs valid, and you don't have to choose one to put in cacert.pem and point CAfile to it as suggested by most tutes, which will fail if gmail switches to another CA.

privatdemail.net uses SSL startcom.ltd certificates (StartCom_Certification_Authority.pem and StartCom_Ltd..pem is present in /etc/ssl/certs )
Top
Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Re: sasl problems

Post by Eek »

Ah yes, the syslog points to the fact that you are missing
smtp_tls_CAfile = /etc/postfix/cacert.pem
You could try the opensuse forum suggestion and use
smtp_tls_CApath = /etc/ssl/certs

I tried it and it works
cheers
Eek
Top
supermagnum
Posts: 57
Joined: 19 Oct 2010, 05:27

Re: sasl problems

Post by supermagnum »

Eek wrote:Ah yes, the syslog points to the fact that you are missing
smtp_tls_CAfile = /etc/postfix/cacert.pem
You could try the opensuse forum suggestion and use
smtp_tls_CApath = /etc/ssl/certs

I tried it and it works
It works here too!

Heres my main.cf file if someone has the same problem:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Mail/
inet_interfaces = all
mailbox_size_limit = 0
mydestination = b3.localdomain, localhost.localdomain, localhost, /etc/postfix/bubbadomains
myhostname = b3.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = [mail.privatdemail.net]:587
smtp_generic_maps = hash:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtp_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file = /etc/ssl/certs/StartCom_Certification_Authority.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_se$
smtpd_sasl_auth_enable = no
smtpd_sasl_local_domain = $myhostname
smtp_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file = /etc/ssl/certs/StartCom_Certification_Authority.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550



Everything works, my home IP adress in the header is replaced with the one of the server. :D
Thanks for the help! :D

If only excito can update horde to the latest version, so it supports gnupg too!
Top
Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Re: sasl problems

Post by Eek »

Great!
I was already busy creating a wiki entry for using TLS email servers
but then ...darn-it ... vacation ;)
So in the wiki I mention your mail server option.
cheers
Eek
Top
Post Reply

Return to “B2 & B3 Support”