search for: saslauth

Is it possible to use saslauth for digest-md5 or cram-md5 authentication? If so how would one go about configuring dovecot? Thanks, -- Knute Johnson Molon Labe...

...e: > On 4/25/2017 7:00 PM, Jobst Schmalenbach wrote: > > snip > > client request originated from, so logging the IP of the failed request had > best be done at a higher layer. Good answer, makes sense. As for the higher layer used - can be either sendmail or imaps as both use the saslauth. Just need to find a way to "connect" the sasl request to the caller that issued the sasl request ... thx Jobst -- Student to Teacher: Sir, what's an oxymoron? .... Teacher to Student: Microsoft security. | |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager...

Hi Not sure whether this is the correct list to ask ... if it's not please direct me to the correct one. Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] What I want is the IP address and if possible the incorrect password (just to see how far they are off). Is this possible? thanks Jobst -- If a pig loses its voice...

On 4/25/2017 7:00 PM, Jobst Schmalenbach wrote: > Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? > > saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] > > What I want is the IP address and if possible the incorrect password (just to see how far they are off). > Is this possible? what protocol are thes...

On 04/25/2017 07:00 PM, Jobst Schmalenbach wrote: > What I want is the IP address and if possible the incorrect password (just to see how far they are off). > Is this possible? I hope not. That's a terrible idea. Every time a user fat-fingers their password, your plain-text logs have a copy of their almost-correct password.

Hi All, I have a mail server with CentOS 4 (fully updated) running dovecot and postfix. I have a couple of virtual domains, so I've setup postfix and dovecot accordingly. That is, dovecot is doing the auth for internal hosts, and postfix is handling sending/receiving for both domains. What I want to do now is open up pop3s and smtp over TLS, which will give me access to my two domains from

I am trying to get cyrus-imapd and saslauthd running together so that I can get squirrelmail to work. I have accomplished this on several other servers and have relatively complete documentation on how to do this. What I am running into in this case has me baffled. If I start saslauthd as a service: # service saslauthd start And I try t...

On Tue, Apr 25, 2017 at 07:14:56PM -0700, Gordon Messmer (gordon.messmer at gmail.com) wrote: > On 04/25/2017 07:00 PM, Jobst Schmalenbach wrote: > > What I want is the IP address and if possible the incorrect password (just to see how far they are off). > > Is this possible? > > I hope not. That's a terrible idea. Every time a user fat-fingers their > password, your

...s up the users credentials to allow them to send email via that server via an imap server on the same machine when sending email while on the road. I can send email when specifying a user that is stored in the servers /etc/shadow ... no problem but I cannot get my head around it how to do make saslauth OR sendmail lookup the user via the imap daemon. This is the working config (mc) for the sendmail daemon when using a locally created user (I knock the PLAIN off once I got it to work): define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5') TRUST_AUTH_MECH(`LOGIN PLAIN DIGE...

...ooks up the users credentials to allow them to send email via that server via an imap server on the same machine when sending email while on the road. I can send email when specifying a user that is stored in the servers /etc/shadow ... no problem but I cannot get my head around it how to do make saslauth OR sendmail lookup the user creds via the imap daemon. This is the working config (mc) for the sendmail daemon when using a locally created user (I knock the PLAIN off once I got it to work): define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl TRUST_AUTH_MECH(`LOGIN P...

..._retries = 3 sbus_timeout = 30 services = nss, pam domains = AD.COMPANY.COM [nss] filter_groups = root,bin,daemon,sys,adm,tty,disk,lp,mem,kmem,wheel,mail,uucp,man,games,gopher,video,dip,ftp,lock,audio,nobody,users,floppy,vcsa,utmp,utempter,rpc,cdrom,tape,dialout,rpcuser,nfsnobody,sshd,cgred,screen,saslauth,apache,mailnull,smmsp,mysql filter_users = root,bin,daemon,adm,lp,sync,shutdown,halt,mail,uucp,operator,games,gopher,ftp,nobody,vcsa,rpc,rpcuser,nfsnobody,sshd,saslauth,apache,mailnull,smmsp,mysql,apache reconnection_retries = 3 #entry_cache_timeout = 300 entry_cache_nowait_percentage = 75 [domain...

OK. Why does saslauth ship on CentOS4 with a saslpasswd application that creates a db called /etc/sasldb and a sasldblistusers application that will look nowhere else while the sendmail that ships with it looks for /etc/sasldb2??? Where is this getting set? sendmail[25343]: unable to open Berkeley db /etc/sasldb2: No s...

From time to time I'm seeing this message: I couldn't find the numerical IDs of these users: abrt nslcd pulse rtkit saslauth tcpdump usbmuxd In most cases this is caused by inconsistencies in the user or group database, e.g. between the files /etc/passwd, /etc/group and their respective shadow files /etc/shadow and /etc/gshadow. I will try to ignore these entries and continue for now, but please fix these inconsisten...

On Wed, Sep 11, 2019 at 09:43:32AM -0400, Jonathan Billings (billings at negate.org) wrote: > On Wed, Sep 11, 2019 at 01:34:27PM +1000, Jobst Schmalenbach wrote: > > CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7 > If you look at the systemd unit for saslauthd, you can see this: > > [Unit] > Description=SASL authentication daemon. > After=syslog.target > > [Install] > WantedBy=multi-user.target > I have tried that as well before I asked for help, however systemd refuses to accept this as the "-d" keeps saslauthd in...

...(Not the complete list to reduce the long of email) root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin saslauth:x:996:76:Saslauthd user:/run/saslauthd:/sbin/nologin ATGTM00\rommel:*:21144:20513:Rommel Rodriguez Toirac:/home/rommel:/bin/bash ATGTM00\administrator:*:20500:20513::/home/administrator:/bin/bash [root at gtmpve /]# getent group root:x:0: bin:x:1: daemon:x:2: sys:x:3: adm:x:4: nfsnobody:x:65534: n...

....128.0 10.0.0.0/255.0.0.0 192.170.192.0/255.255.224.0 invalid users = root bin daemon adm lp sync shutdown halt mail operator games ftp nobody dbus systemd-coredump systemd-resolve tss polkitd geoclue rtkit pulse pipewire libstoragemgmt qemu usbmuxd unbound rpc gluster chrony setroubleshoot saslauth dnsmasq radvd clevis cockpit-ws cockpit-wsinstance sssd flatpak colord gdm rpcuser gnome-initial-setup sshd pesign avahi rngd tcpdump munge kernel oplocks = Yes vfs objects = gpfs fileid catia fruit streams_xattr [root at midway3-dm1 samba]# wbinfo -D ADLOCAL Name : A...

Hi CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7 There are conflicting message on how to increase the logging of saslauthd. I know I can do this: /usr/sbin/saslauthd -d -n0 -m /var/run/saslauthd -a pam but that requires a terminal as saslauthd logs the output to STDOUT, this is not what I want. I would like to have it started as a daemon and verbosity of logging increased into a log file. How can I increase th...

...192.170.192.0/255.255.224.0 > > invalid users = root bin daemon adm lp sync shutdown halt mail > operator games ftp nobody dbus systemd-coredump systemd-resolve tss > polkitd geoclue rtkit pulse pipewire libstoragemgmt qemu usbmuxd unbound > rpc gluster chrony setroubleshoot saslauth dnsmasq radvd clevis > cockpit-ws cockpit-wsinstance sssd flatpak colord gdm rpcuser > gnome-initial-setup sshd pesign avahi rngd tcpdump munge > > kernel oplocks = Yes > > vfs objects = gpfs fileid catia fruit streams_xattr > > [homes] > > b...

...ment I get : Relay access denied Here is my configuration (first is file hierarchy followed by file contents) and I would like to know what I need to do to allow authenticated user send email. In this tutorial http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph_configure-saslauthd-to-use-mysql it seems I have to add some configuration lines inside /etc/pam.d/smtp and add database configuration inside /etc/postfix/sasl/smtpd.conf. But what I find weird is the fact I have to configure some sql queries from smtpd.conf while normally dovecot has already all the information to...

hi dovecot mailinglist - Configuration FreeBSD-9.3 sendmail -d0.1 == sendmail-8.14.9 <<-- dovecot --version == dovecot-2.2.15 # =================================================================== # I'm trying to get sendmail to invoke dovecot.m4 ( dovecot-lda ) to # deliver emails to dovecot's virtual users ( /etc/dovecot/passwd ) # or mysql/postgresql virtual users #