[Nottingham] SASL with Postfix woes

Michael Quaintance penfoldq at penfoldq.co.uk
Tue Dec 5 19:38:57 GMT 2006


Hi

I have a new server I'm trying to configure to host my domains and 
email. It is running Debian Sarge and I have installed postfix as the MTA.

As the box is in Redbus Interhouse (London), and I want to use it as my 
SMTP server for myself and a couple of other users all on DHCP-assigned 
addresses without having an open relay, I'm trying to use SASL to 
authenticate the users trying to relay through it.

Unfortunately, although I have installed postfix with TLS and SASL and 
the SASL libraries, when I try to authenticate I get "535 Error: 
authentication failed."

lorraine:~ penfoldq$ telnet remote.domain 25
Trying xxx.xxx.xxx.xxx...
Connected to remote.domain.
Escape character is '^]'.
220 remote.domain ESMTP Postfix (Debian/GNU)
EHLO some.rubbish
250-remote.domain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
AUTH PLAIN cGVuZm9sZHEAcGVuZm9sZHEAcGFzc3dvcmQ=
535 Error: authentication failed
quit
221 Bye
Connection closed by foreign host.
lorraine:~ penfoldq$


I cannot see anything in /var/log/messages (at all during the period of 
the test) and I don't know how to proceed in debugging this.

All the software used was either part of the base install of Debian or 
was obtained through apt-get. I'd rather not have to compile anything on 
this box but if it's not available as a package, I might not have the 
choice.

Any ideas on how to proceed? At all?

-Michael

PS to save anyone trying to decode the base64 password above, the 
example given is not my real password, but assume I am using a base64 
encoding of "penfoldq\0penfoldq\0<password>" where <password> is a valid 
one in the SASL2 database /etc/sasl2db for the user penfoldq.

-M.



More information about the Nottingham mailing list