9

Postfix fails to authenticate against cyrus saslauthd. However, saslauthd itself is willing to authenticate. What am I missing?

From syslog mail facility:

Aug  5 14:47:26 centos7-msa-test postfix/postfix-script[20286]: starting the Postfix mail system
Aug  5 14:47:26 centos7-msa-test postfix/master[20288]: daemon started -- version 2.10.1, configuration /etc/postfix
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: connect from client.example.com[192.0.2.2]
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: Anonymous TLS connection established from client.example.com[192.0.2.2]: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: warning: SASL authentication failure: Internal Error -4 in server.c near line 1757
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: warning: SASL authentication failure: Internal Error -4 in server.c near line 1757
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: warning: SASL authentication failure: Internal Error -4 in server.c near line 1757
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: warning: xsasl_cyrus_server_get_mechanism_list: no mechanism available
Aug  5 14:47:34 centos7-msa-test postfix/submission/smtpd[20291]: fatal: no SASL authentication mechanisms
Aug  5 14:47:35 centos7-msa-test postfix/master[20288]: warning: process /usr/libexec/postfix/smtpd pid 20291 exit status 1
Aug  5 14:47:35 centos7-msa-test postfix/master[20288]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Test of saslauthd:

# testsaslauthd -u $user -p $password -s smtp
0: OK "Success."

smtpd.conf:

# cat /etc/sasl2/smtpd.conf`
pwcheck_method: saslauthd
mech_list: plain login

postfix sasl settings:

# postconf | grep -e cyrus_sasl -e smtpd_sasl
cyrus_sasl_config_path =
send_cyrus_sasl_authzid = no
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = cyrus
84104
  • 12,698
  • 6
  • 43
  • 75

1 Answers1

19

Required additional package cyrus-sasl-plain. You can install it by

yum install cyrus-sasl-plain
masegaloeh
  • 17,978
  • 9
  • 56
  • 104
84104
  • 12,698
  • 6
  • 43
  • 75