Bryan O'Neal wrote: > Ok, I have a smart phone that can not auth for SMTP on this postfix box > > The error I get is > May 6 09:53:39 GNUbox postfix/smtpd[16233]: TLS connection > established from 2.sub-75-244-219.myvzw.com[75.244.219.2]: SSLv3 with > cipher RC4-MD5 (128/128 bits) > May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL > authentication problem: unable to open Berkeley db /etc/sasldb2: No > such file or directory > May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL > authentication problem: unable to open Berkeley db /etc/sasldb2: No > such file or directory > May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: SASL > authentication failure: no secret in database > May 6 09:53:41 GNUbox postfix/smtpd[16233]: warning: > 2.sub-75-244-219.myvzw.com[75.244.219.2]: SASL CRAM-MD5 authentication > failed: authentication failure > May 6 09:53:42 GNUbox postfix/smtpd[16233]: lost connection after > AUTH from 2.sub-75-244-219.myvzw.com[75.244.219.2] > May 6 09:53:42 GNUbox postfix/smtpd[16233]: disconnect from > 2.sub-75-244-219.myvzw.com[75.244.219.2] > > So after trying to fix SASL (And failing - I would have to set it up > again from scratch which I am not prepared to do rite now) I said - Ok > - I'll just turn it off and see what happens but I still get and SASL > error - see above - And this is what I find odd. If the server is not > advertising SASL why is the client trying to negotiate it and why is > the server looking to comply? Desktop clients work fine using TSL and > password auth against the LDAP server. Which is what I would like to > do for the phones at this point. > > Could I please get some help from some one smarter then I. > > Here is the appropriate segment of my main.cf file > > content_filter = smtp-amavis:[127.0.0.1]:10024 > > smtp_use_tls = yes > smtp_tls_note_starttls_offer = yes > smtp_tls_enforce_peername = no > smtpd_use_tls = yes > smtpd_enforce_tls = no > smtp_tls_CApath = /usr/share/ssl/certs > smtpd_tls_cert_file = /etc/postfix/ssl/mail.cmaz.com.crt > smtpd_tls_key_file = /etc/postfix/ssl/mail.cmaz.com.key > smtpd_tls_wrappermode = no > smtpd_tls_auth_only = yes > smtpd_tls_loglevel = 2 > smtpd_tls_received_header = yes > smtpd_tls_session_cache_timeout = 3600s > tls_random_source = dev:/dev/urandom > tls_daemon_random_source = dev:/dev/urandom > > smtpd_sasl_auth_enable = no > smtpd_sasl2_auth_enable = no > #smtpd_sasl_local_domain = $myhostname > #smtpd_sasl_security_options = noanonymous > #smtpd_sasl_path = smtpd > > smtpd_client_restrictions = permit_mynetworks > # permit_sasl_authenticated > > #smtpd_sasl_tls_security_options = $smtpd_sasl_security_options > > mime_header_checks = regexp:/etc/postfix/mime_header_checks > > smtpd_recipient_restrictions = > permit_sasl_authenticated, > permit_mynetworks, > check_sender_access hash:/etc/postfix/whitelist, > # check_sender_access ldap:whitelist, > check_sender_access hash:/etc/postfix/spoofed-domains, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_destination, > # reject_unauth_pipelining, > #reject_rbl_client cbl.abuseat.org, > #reject_rbl_client combined.njabl.org, > #reject_rbl_client sbl-xbl.spamhaus.org, > #reject_rbl_client relays.ordb.org, > #reject_rbl_client list.dsbl.org, > #reject_rhsbl_client blackhole.securitysage.com, > #reject_rhsbl_sender blackhole.securitysage.com, > > # reject_non_fqdn_helo_hostname > # reject_invalid_helo_hostname > check_policy_service unix:/var/spool/postfix/postgrey/socket > > smtpd_data_restrictions = > reject_multi_recipient_bounce > # sleep 1 > reject_unauth_pipelining Looks to me like perhaps you need to configure Cyrus SASL. See http://www.postfix.org/SASL_README.html#server_cyrus -- -Eric 'shubes' --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss