After the death of my former mail server I have been tweaking its replacement. The new box is running SuSE 9.3 and instead of Sendmail + UW IMAP it runs Postfix and Cyrus. I setup the Cyrus authentication to use PAM. The PAM authentication is then using ‘pam_winbind.so’ to authenticate to my samba domain. Everything seemed to be working well for the past few days. Seemed to be, that is until I attempted to send mail away form home via my mail server. Due to mail security to prevent spammers from using me as an open relay sending was of course blocked. I did some more configuration and went through every HOWTO I could find. Every time I tried connecting I would get errors from the client and the following in the ‘/var/log/mail.warn’ file.
postfix/smtpd[11633]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[11633]: warning: (remote hostname): SASL PLAIN authentication failed
postfix/smtpd[11633]: warning: (remote hostname): SASL LOGIN authentication failed
I finaly ran across a posting on a message board describing this problem. Their resolution was to edit the file ‘/etc/sysconfig/saslauthd’ and change the line:
SASLAUTHD_AUTHMECH=pam
to
SASLAUTHD_AUTHMECH=shadow
that change would negate the use of PAM authentication when relaying mail. This was not an option for me. It then occured to me that what was needed was a coresponding PAM entry in ‘/etc/pam.d/’ to handle SMTP. To that end I copied my ‘imap’ file to ‘smtp’ so that the resulting file contained the following:
#%PAM-1.0
auth include common-auth
account include common-account
password include common-password
session include common-session
After that file was created I tried sending my message again, and it worked perfectly.
The best HOWTO I found, aside from the one on the PostFix website, was one located on HOWTO Forge. It is a subset of an overall SUSE Perfect Setup . By following it I was able to setup TLS in minutes.
John's Musings 