1

I have such configuration:

/etc/postfix/main.cf

smtpd_sasl_type = cyrus
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = /usr/lib/sasl2/smtpd

/usr/lib/sasl2/smtpd.conf

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN DIGEST-MD5 NTLM

But when I connect to SMTP I get unexpected CRAM-MD5 mechanism

$ telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 ubuntu8 ESMTP Postfix (Ubuntu)
EHLO localhost
250-AUTH NTLM CRAM-MD5 PLAIN LOGIN DIGEST-MD5
...

So it looks like it does not use my config. What is wrong here?

Also, if I don't specify smtpd_sasl_path, there is default config located? According to http://www.postfix.org/SASL_README.html

Cyrus SASL version 2.x searches for the configuration file in /usr/lib/sasl2/.

But actually I had no config at this location by default.

Versions: ubuntu 8.04, postfix 2.5

alex2k8
  • 175
  • 1
  • 4
  • 9

3 Answers3

2

You should not set the full path "/usr/lib/sasl2/smtpd" for "smtpd_sasl_path" here,only "smtpd" is ok,this pespective need an application name not a path for cyrus to deside the configuration file used by the postfix.

see http://www.postfix.org/postconf.5.html#smtpd_sasl_path.

weynhamz
  • 131
  • 4
1

The meaning of smtpd_sasl_path is specific to your SASL implementation; with Dovecot it points to a socket that Postfix can use to communicate with the IMAP daemon. I'm not sure exactly what it means with Cyrus, but you can find its default value (as well as the default value of all the other Postfix configuration variables) by running:

$ sudo postconf -d | grep smtpd_sasl_path

As for the Cyrus configuration file, have you tried setting cyrus_sasl_config_path in main.cf?

mshroyer
  • 280
  • 1
  • 3
  • 9
1

The documentation for this config option is a bit scattered.

As mentioned in one of the other answers, this documentation (http://www.postfix.org/postconf.5.html#smtpd_sasl_path) states that the default is smtpd.

Then, to find out what this actually means, take a look here -

http://www.postfix.org/SASL_README.html#server_cyrus_name

and here -

http://www.postfix.org/SASL_README.html#server_cyrus_location

These state:

The name of the configuration file (default: smtpd.conf) is configurable. It is a concatenation from a value that the Postfix SMTP server sends to the Cyrus SASL library, and the suffix .conf, added by Cyrus SASL.

The value sent by Postfix is the name of the server component that will use Cyrus SASL. It defaults to smtpd and is configured with one of the following variables:

/etc/postfix/main.cf:

# Postfix 2.3 and later
smtpd_sasl_path = smtpd

# Postfix < 2.3
smtpd_sasl_application_name = smtpd

And:

The location where Cyrus SASL searches for the named file depends on the Cyrus SASL version and the OS/distribution used.

You can read more about the following topics:

Cyrus SASL version 2.x searches for the configuration file in /usr/lib/sasl2/.

Cyrus SASL version 2.1.22 and newer additionally search in /etc/sasl2/.

Some Postfix distributions are modified and look for the Cyrus SASL configuration file in /etc/postfix/sasl/, /var/lib/sasl2/ etc. See the distribution-specific documentation to determine the expected location.

Note Cyrus SASL searches /usr/lib/sasl2/ first. If it finds the specified configuration file there, it will not examine other locations.

Then, you can check where Postfix will actually look first for the sasl config file, which can be found (For debian based distros) in /usr/share/doc/postfix/README.Debian

Here it mentions:

  1. For policy reasons:
    a. SASL configuration goes in /etc/postfix/sasl

So ... Putting that all together, defining it as smtpd (or leaving it as default), it will look for smtpd.conf in the /etc/poostfix/sasl directory.

If it doesn't exist there, it will look for the file in /usr/lib/sasl2/ then /etc/sasl2/

Gotta love ancient documentation :D