Hi,
We see alot of these messages in the maillog:
Jun  4 10:33:42 server postfix/smtpd[20149]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Jun  4 10:33:42 server postfix/smtpd[20149]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
They are warnings so not too much of a concern, since the authentication is assumed to be working (if the user actually authenticates) but it would be good to "fix" this if we can.
Have searched the web and there's not much there to "fix" this problem, and this explains a little about the warning:
[*]http://www.tummy.com/software/vpostmast ... l_warnings
If anyone has a fix please advise. Thanks.
Michael.
			
			
									
						
										
						postfix/smtpd warning SASL authentication problem
- shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: postfix/smtpd warning SASL authentication problem
Hi,
I don't have a GitHub account so just posting an update here.
A little more research and I was able to "get rid of" this problem by:
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
changed to:
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
and:
# service saslauthd restart ; service postfix restart
This stopped those warnings altogether.
Another solution proposed by this:
http://lists.kolab.org/pipermail/users/ ... 15626.html
was to simply run:
# saslpasswd2 sasldb2
and a password after the prompt which would create the /etc/sasldb2 file. I did not do this solution so not sure what the result would have been.
The creation of /etc/sasldb2 may be better? as it would cater for no config changes to /usr/lib64/sasl2/smtpd.conf but am unsure what impact that would have so I would rather disable some AUTH methods.
What's your opinion?
			
			
									
						
										
						I don't have a GitHub account so just posting an update here.
A little more research and I was able to "get rid of" this problem by:
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
changed to:
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
and:
# service saslauthd restart ; service postfix restart
This stopped those warnings altogether.
Another solution proposed by this:
http://lists.kolab.org/pipermail/users/ ... 15626.html
was to simply run:
# saslpasswd2 sasldb2
and a password after the prompt which would create the /etc/sasldb2 file. I did not do this solution so not sure what the result would have been.
The creation of /etc/sasldb2 may be better? as it would cater for no config changes to /usr/lib64/sasl2/smtpd.conf but am unsure what impact that would have so I would rather disable some AUTH methods.
What's your opinion?
Re: postfix/smtpd warning SASL authentication problem
Note to dev: Is SASL really used in EFA ? i don't think.
			
			
									
						
										
						- shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: postfix/smtpd warning SASL authentication problem
SASL isn't being used currently, but I wonder if some users may be interested?
			
			
									
						
										
						Re: postfix/smtpd warning SASL authentication problem
actually I added this to efa as it was included in esva and I know some users wanted to use it for relay authentication.
But should we keep it? if there is no need/request/whatever for it it might be better to disable it all..
			
			
									
						
							But should we keep it? if there is no need/request/whatever for it it might be better to disable it all..
Version eFa 5.x now available!
			
						Re: postfix/smtpd warning SASL authentication problem
I would suggest to enable a sasl service to let postfix do smtp-auth against a pop3/imap service of corporate internal mail server.
After all all mails coming tru efa are delivered to a final smtp server.
And even exchange has imap/pop services.
			
			
									
						
										
						After all all mails coming tru efa are delivered to a final smtp server.
And even exchange has imap/pop services.
Re: postfix/smtpd warning SASL authentication problem
For the 3.0.0.5 update I will just add a dummy file with a randomly generated password if the file doesn't exist yet.
			
			
									
						
							Version eFa 5.x now available!
			
						Re: postfix/smtpd warning SASL authentication problem
Hackers are at work...
Is this the best way to disable SASL authentication?
/etc/postfix/main.cf:
			
			
									
						
										
						Code: Select all
Oct  9 23:22:33 efa postfix/smtpd[15261]: warning: unknown[1.250.238.180]: SASL LOGIN authentication failed: authentication failure
Oct  9 23:22:34 efa postfix/smtpd[15261]: lost connection after AUTH from unknown[1.250.238.180]/etc/postfix/main.cf:
Code: Select all
smtpd_sasl_auth_enable = no
