Home » Forums » trixbox CE development Forum » General Development

postfix sasl related problem

rvandam
Posts: 11
 Member Since:
2009-09-04
Submitted by rvandam on Wed, 12/29/2010 - 3:29am.

I spend the last day to get the voicemail notification working with Trixbox 2.8.0.4. All the notifications were refused by the password protected smtp server. It turned out that only the first 15 characters of the username/password combinations were send to login. So if my sasl_password file look like mail.myserver.nl:25 logins@myserver.nl:not@dlflewskr only logins@myserver is used for authorization, which is obviously wrong. When I disable sasl in main.cf the mails are send correctly.

How important is the sasl? and how do I get this working?

Rob

‹ How to get the caller number with java application add extension to ringgroup programmatically ›


Astrosmurfer
Posts: 643
 Member Since:
2009-12-28
News to me.
Wed, 12/29/2010 - 7:43am

I've never heard of any issues with character limits in SASL authentication. I can't help but wonder if you compiled the sasl_passwd file?

/etc/postfix/main.cf:
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd


# postmap /etc/postfix/sasl_passwd

As for the importance of sasl, it depends. sasl is required if you must have user authenticated access to postfix or, in your case, your SMTP relay host requires authentication prior to relaying. sasl is also needed when using TLS encrypted transport.

However, if your goal is to send out voicemail notifications through a smart host and you can successfully accomplish this with sasl disabled, as you described above, then sasl is of no importance to you.



rvandam
Posts: 11
 Member Since:
2009-09-04
Thanks for the reply. I
Wed, 12/29/2010 - 7:47am

Thanks for the reply. I indeed compiled the sasl_password file. When i do a reverse check "postmap -s sasl_password" I get the correct output.



rvandam
Posts: 11
 Member Since:
2009-09-04
Thanks to the Postfix
Wed, 12/29/2010 - 9:50am

Thanks to the Postfix mailinglist I found out that I was only capturing tcp headers, thus capped login credentials. This was also not related to the problems I have, sending mail to my mailserver.



rvandam
Posts: 11
 Member Since:
2009-09-04
Trixbox (Centos) is using an
Fri, 12/31/2010 - 1:03am

Trixbox (Centos) is using an old version of Postfix 2.3.3 These versions try to authenticate with SASL authoriZation ID (authzid); the SASL authentiCation ID (authcid) plus the authcid's password. This results in a username:username:password string as authentification.

My smtp server (with Exim) can only deal with a username:password authentification string.

In the newer versions of Postfix (2.4.4) this behaviour can be turned off with a send_cyrus_sasl_authzid = no option in main.cf

Not sure what to do now.......



SkykingOH
Posts: 9675
 Member Since:
2007-12-17
Just grab the newer postfix
Fri, 12/31/2010 - 1:45am

Just grab the newer postfix RPM for CentOS 5 and install:


cd /usr/src
wget <a href="http://www.linuxmail.info/files/postfix-2.4.7-1.mysql.sasl2.vda.rhel5.i386.rpm" title="http://www.linuxmail.info/files/postfix-2.4.7-1.mysql.sasl2.vda.rhel5.i386.rpm">http://www.linuxmail.info/files/postfix-2.4.7-1.mysql.sasl2.vda.r...</a>
rpm -ivh postfix-2.4.7-1.mysql.sasl2.vda.rhel5

That's it

I have not idea why our forum software is mangling the line in the wget statement...Just use the http part

--

Scott

aka "Skyking"



rvandam
Posts: 11
 Member Since:
2009-09-04
Thanks for the info!
Fri, 12/31/2010 - 1:57am

Thanks for the info!

Edit: It already works perfectly!!!!!!



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.