Page 1 of 1

postfix/smtpd warning SASL authentication problem

Posted: 04 Jun 2014 00:42
by micoots
Hi,

We see alot of these messages in the maillog:

Jun 4 10:33:42 server postfix/smtpd[20149]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Jun 4 10:33:42 server postfix/smtpd[20149]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

They are warnings so not too much of a concern, since the authentication is assumed to be working (if the user actually authenticates) but it would be good to "fix" this if we can.

Have searched the web and there's not much there to "fix" this problem, and this explains a little about the warning:

[*]http://www.tummy.com/software/vpostmast ... l_warnings

If anyone has a fix please advise. Thanks.

Michael.

Re: postfix/smtpd warning SASL authentication problem

Posted: 04 Jun 2014 02:33
by shawniverson

Re: postfix/smtpd warning SASL authentication problem

Posted: 04 Jun 2014 04:03
by micoots
Hi,

I don't have a GitHub account so just posting an update here.

A little more research and I was able to "get rid of" this problem by:

# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5

changed to:

# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

and:

# service saslauthd restart ; service postfix restart

This stopped those warnings altogether.

Another solution proposed by this:

http://lists.kolab.org/pipermail/users/ ... 15626.html

was to simply run:

# saslpasswd2 sasldb2

and a password after the prompt which would create the /etc/sasldb2 file. I did not do this solution so not sure what the result would have been.

The creation of /etc/sasldb2 may be better? as it would cater for no config changes to /usr/lib64/sasl2/smtpd.conf but am unsure what impact that would have so I would rather disable some AUTH methods.

What's your opinion?

Re: postfix/smtpd warning SASL authentication problem

Posted: 04 Jun 2014 20:03
by buzzzo
Note to dev: Is SASL really used in EFA ? i don't think.

Re: postfix/smtpd warning SASL authentication problem

Posted: 07 Jun 2014 23:45
by shawniverson
SASL isn't being used currently, but I wonder if some users may be interested?

Re: postfix/smtpd warning SASL authentication problem

Posted: 21 Jun 2014 21:02
by darky83
actually I added this to efa as it was included in esva and I know some users wanted to use it for relay authentication.

But should we keep it? if there is no need/request/whatever for it it might be better to disable it all..

Re: postfix/smtpd warning SASL authentication problem

Posted: 22 Jun 2014 16:44
by buzzzo
I would suggest to enable a sasl service to let postfix do smtp-auth against a pop3/imap service of corporate internal mail server.
After all all mails coming tru efa are delivered to a final smtp server.
And even exchange has imap/pop services.

Re: postfix/smtpd warning SASL authentication problem

Posted: 08 Jul 2014 17:45
by darky83
For the 3.0.0.5 update I will just add a dummy file with a randomly generated password if the file doesn't exist yet.

Re: postfix/smtpd warning SASL authentication problem

Posted: 12 Oct 2016 23:54
by dbrunt
Hackers are at work...

Code: Select all

Oct  9 23:22:33 efa postfix/smtpd[15261]: warning: unknown[1.250.238.180]: SASL LOGIN authentication failed: authentication failure
Oct  9 23:22:34 efa postfix/smtpd[15261]: lost connection after AUTH from unknown[1.250.238.180]
Is this the best way to disable SASL authentication?
/etc/postfix/main.cf:

Code: Select all

smtpd_sasl_auth_enable = no