similar to: saslauthd attack

Hi, I'm running a Centos 5.1 server that uses saslauthd to allow sendmail SMTP relaying for some clients. saslauthd is configured to use method "shadow" to lookup the username / password directly from /etc/shadow. This setup has been working for several month now, but is broken since last Monday. I haven't changed anything neither on the server nor on the clients. Now whenever a

I'm setting up a postfix server using "The Book of Postfix". In ch 15 there is a section on testing saslauthd which I can't get to work. I can get it to work using shadow password authentication, but it fails on pam. I don't kow squat about troubleshooting pam. Any PAM wizzes out there that can help? I saw a unrelated post talking about something needing to be in the pam

Folks I am using sendmail as my mail server. SELINUX is disabled. I observe messages in Centos 7 (and 6) in /var/log/messages, similar to: saslauthd[2765]: do_auth : auth failure: [user=bettie] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] I guess that this is because somebody tried to access one of the SMTP ports with a logon attempt. This is understandable; there are

Hello, I'm having trouble to get saslauthd running on a centos-5.3. I can't autheticate via testsaslauthd. Here's what I do using a fresh /etc/sasldb2: 1) start saslauthd in debug mode: saslauthd -d -a shadow -O /usr/lib64/sasl2/smtpd.conf -r -l 2) saslpasswd2 -c -a mail -u mail testuser 3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail shell output of

Hi Not sure whether this is the correct list to ask ... if it's not please direct me to the correct one. Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] What I want is the IP address and if possible the incorrect password

Hi, I am using SMTP-AUTH over TLS with sendmail, to allow remote users to authenticate and send mail via my server, and this uses saslauthd to authenticate users. I have set up saslauthd with the "MECH=rimap" mechanism, so it uses the local IMAP server, Dovecot, for authentication. I want to do this because Dovecot is set up to use /etc/passwd for user credentials (so I don't

I am trying to get cyrus-imapd and saslauthd running together so that I can get squirrelmail to work. I have accomplished this on several other servers and have relatively complete documentation on how to do this. What I am running into in this case has me baffled. If I start saslauthd as a service: # service saslauthd start And I try testsaslauthd -u cyrus -p test Then I see this: 0: NO

Hi CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7 There are conflicting message on how to increase the logging of saslauthd. I know I can do this: /usr/sbin/saslauthd -d -n0 -m /var/run/saslauthd -a pam but that requires a terminal as saslauthd logs the output to STDOUT, this is not what I want. I would like to have it started as a daemon and verbosity of

sieveshell cannot connect as any user Mar 14 23:53:45 srv1 saslauthd[22038]: do_auth : auth failure: [user=root] [service=sieve] [realm=] [mech=shadow] [reason=Unknown] Mar 14 23:53:45 srv1 sieve[22047]: Password verification failed Mar 14 23:53:45 srv1 perl: No worthy mechs found Mar 15 00:01:54 srv1 saslauthd[22164]: do_auth : auth failure: [user=root] [service=sieve] [realm=]

the commande [root @ r13 *** ~] # sasl2-shared-mechlist Available mechanisms: GSSAPI, ANONYMOUS CRAM-MD5, DIGEST-MD5, LOGIN, PLAIN, NTLM Library media: EXTERNAL, NTLM, PLAIN, LOGIN, DIGEST-MD5, CRAM-MD5, ANONYMOUS, GSSAPI [root @ r13151 ~] # indicates the presence of all options the customer smtp in the page http://www.sendmail.org/~ca/email/auth.html it indicates that you have to

Hello folks, I have a CentOS 6.4 installation running Sendmail, and after some serious hair tear stare and compare I'm a bit stumped. When I connect to the server either with telnet or SSL, sendmail is not presenting the AUTH capability after an EHLO. Everything looks like it should be working, but no amount of tweaking is getting the AUTH capability advertised (and it doesn't work if

On 4/25/2017 7:00 PM, Jobst Schmalenbach wrote: > Is it possible on to log a bit more detail when auth failure occurs when using saslauthd? > > saslauthd[2119]: do_auth : auth failure: [user=DELETED] [service=smtp] [realm=DELETED] [mech=pam] [reason=PAM auth error] > > What I want is the IP address and if possible the incorrect password (just to see how far they are off). > Is

On Wed, Sep 11, 2019 at 01:34:27PM +1000, Jobst Schmalenbach wrote: > CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7 > > There are conflicting message on how to increase the logging of saslauthd. > > I know I can do this: > /usr/sbin/saslauthd -d -n0 -m /var/run/saslauthd -a pam > > but that requires a terminal as saslauthd logs the output

The dovecot instance set up with auth_realms and auth_default_realm variables and it is working well. In saslauthd configurations setting same variables giving configuration parsing error (I think it is not right way to configure kerberos realm in saslauthd). However testsaslauthd working without any problems even if I don't specify realm parameter from command line. On 03/10/17 06:17,

Hello, I'm trying to set up a sendmail server on 4.8 that supports auth-based relaying. I followed the procedures at http://puresimplicity.net/~hemi/freebsd/sendmail.html, and aside from having to run makes manually in the library directories, I had no difficulty. I did not use the rebuild world recommendation, though. Everything is up and running, but whenever I try to send mail

Hello I just finished setting up FreeIPA with Dovecot + Postfix + Saslauthd. I can easily access to mails using imap via dovecot with gssapi authentication and postfix also delivering mails very well. But I cannot send email from postfix using gssapi authentication (plain and login authentication working fine) because saslauthd is not specifying realm when requesting service from freeipa domain.

On Wed, Sep 11, 2019 at 09:43:32AM -0400, Jonathan Billings (billings at negate.org) wrote: > On Wed, Sep 11, 2019 at 01:34:27PM +1000, Jobst Schmalenbach wrote: > > CentOS 7.X, sendmail.x86_64 8.14.7-5.el7, cyrus-sasl.x86_64 2.1.26-23.el7 > If you look at the systemd unit for saslauthd, you can see this: > > [Unit] > Description=SASL authentication daemon. >

I just took my first cent server into production and now saslauthd keep crashing after brute force attack. I found a bug report so this has already been reported but not fixed. http://bugs.centos.org/print_bug_page.php?bug_id=2860 I assume this has to be a large problem for many people and am surprised it hasn't been fixed yet. Has anyone found a work around for this bug? Is there a

This is the first time I am using cyrus-imapd package. I am unable to retrieve messages (pop3). At first, I had not entered the cyrus-master in /etc/hosts.allow and was getting connection refused. After adding the entry I am able to connect to port 110 but for some reason the pop3 server is failing the password authentication (see below). With the same userid/passwd I am able to ssh into the

Hi ... Can someone tell me whether or not this is indicative of a hardware, or software, problem? It happened a few times today, on two different drives, and it seem to "self-recover", since the server is still purring along without any noticeable problems: neptune# grep "timed out" /var/log/messages Jul 25 03:52:51 neptune /kernel: (da2:ahd1:0:2:0): SCB 0x40 - timed out