0

If I turn on smtp_sasl_auth_enable=yes <- yes

I get this set of warnings and a fatal for SASL. I can not see why it's also looking for cyrus - which is not compiled in.

postfix/smtp[87056]: warning: unsupported SASL client implementation: cyrus
Apr 20 13:29:52 zeus.quantum-radio.net postfix/smtp[87056]: fatal: SASL library initialization
Apr 20 13:29:53 zeus.quantum-radio.net postfix/master[86038]: warning: process /usr/libexec/postfix/smtp pid 87056 exit status 1
Apr 20 13:29:53 zeus.quantum-radio.net postfix/master[86038]: warning: /usr/libexec/postfix/smtp: bad command startup -- throttling

My configs are like this:

smtpd_use_tls=yes
smtpd_tls_cert_file=/System/Library/OpenSSL/certs/testServer.crt
smtpd_tls_key_file=/System/Library/OpenSSL/private/testServer.key
tls_random_source=dev:/dev/urandom

smtpd_sasl_auth_enable=yes
smtpd_sasl_type=dovecot
smtpd_sasl_path=private/auth
smtpd_recipient_restrictions=check_sender_access  hash:/usr/local/cutedge/postfix/etc/access, check_client_access hash:/usr/local/cutedge/postfix/etc/access, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access hash:/usr/local/cutedge/postfix/etc/access
broken_sasl_auth_clients=yes

smtp_sasl_auth_enable=no
smtp_sasl_password_maps=hash:/usr/local/cutedge/postfix/etc/sasl_passwd
smtp_sasl_security_options=noplaintext,noanonymous
smtp_use_tls=yes

smtpd_helo_required=yes
Harry McGovern
  • 101
  • 1
  • 2
  • did you realize that there is also the line `smtp_sasl_auth_enable=no` in your config? What you changed, was `smtpd_sasl_auth_enable=yes`, which is not what you say in your question – Slizzered Apr 20 '15 at 15:20
  • 1
    yes, I know. It was yes - generated error - I changed it to no - error gone. – Harry McGovern Apr 21 '15 at 08:08

1 Answers1

2

Postfix does not implement SASL itself, but instead uses existing implementations as building blocks. Currently postfix only support two SASL implementation, Cyrus SASL and Dovecot SASL.

  1. Cyrus SASL provide SASL framework for both Postfix SMTP server smtpd and SMTP client smtp
  2. Current implementation of Dovecot SASL does not provide client functionality.

So, that's clear enough why postfix smtp throws error about missing cyrus SASL implementation. It's because Postfix SMTP client only using Cyrus SASL implementation to get working.

The obvious solution is compile postfix with both SASL implementation: Cyrus SASL and Dovecot SASL. To check if they are both compiled to postfix use, postconf command 

postconf -a
masegaloeh
  • 17,978
  • 9
  • 56
  • 104
  • Thanks, I have Dovecot - not Cyrus. I don't need client - smtp, so didn't compile it in. So I probably also need to turn off smtp_use_tls=yes – Harry McGovern Apr 21 '15 at 08:10
  • Good... That's will turn off the error. – masegaloeh Apr 21 '15 at 08:32
  • I now have Postfix-3.1+Dovecot+Cyrus+Mysql+Pche compiled in and running - with Dovecot still the master. It seems to be working, mail is flowing - but now still getting "no worthy mechs found" in syslog. See other thread. – Harry McGovern Apr 22 '15 at 10:48