SASL + Postfix with Debian Lenny
In the last days I have reinstalled a mail server on a new virtual host and upgraded from debain etch to lenny. The initial set was done by a friend of mine following this instructions. With the upgrade to lenny however a few adjustments were required. So I describe the new setup here.
apt-get install libsasl2-2 sasl2-bin libsasl2-modules
The postfix configuration requires the following update in/etc/postfix/main.cf.
# add permit_sasl_authenticated for SASL support
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:60000
# add these options
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
Create /etc/postfix/sasl/smtpd.conf with this content
pwcheck_method: saslauthd mech_list: plain login
Then create directory /var/spool/postfix/var/run/saslauthd
mkdir -p /var/spool/postfix/var/run/saslauthd
Set permissions
dpkg-statoverride --add root sasl 710 /var/spool/postfix/var/run/saslauthd
And add postfix user to group sasl
adduser postfix sasl
/etc/default/saslauthd Requires some modifications
START=yes OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
Finally restart some services.
/etc/init.d/saslauthd restart /etc/init.d/postfix restart
Upgrading from debian etch
If you are upgrading and getting permission errors then you can fix these by berforming the steps above where permissions for /var/spool/postfix/var/run/saslauthd are set and the user group sasl is updated.
SASL authentication failure: Password verification failed SASL PLAIN authentication failed: generic failure SASL authentication failure: cannot connect to saslauthd server: Permission denied SASL LOGIN authentication failed: generic failure
Recent Comments