Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Problem with Telnet and Cyrus-sasl
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Mon Nov 20, 2017 1:17 am    Post subject: Problem with Telnet and Cyrus-sasl Reply with quote

i'm tryning to test cyrus-sasl, but i have problems

Code:
 root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS

AUTH PLAIN

502 5.5.1 Error: command not implemented

AUTH LOGIN

502 5.5.1 Error: command not implemented



my /etc/sasl2/smtpd.conf
Code:

pwcheck_method: authdaemond
mech_list: LOGIN PLAIN
sql_select dummy
authdaemond_path: /var/lib/courier/authdaemon/socket


my mail.log say

Code:

warning smtpd_sasl_auth_enable is true but sasl support is not compiled in


i installed cyrus-sasl and postfix with use flag "SASL"
cyrus-sasl also has a use flag "authdaemond"
What can it be ?
_________________
2121212
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6339
Location: almost Mile High in the USA

PostPosted: Mon Nov 20, 2017 1:24 am    Post subject: Reply with quote

Silly guess: did you restart postfix if you reinstalled it with USE=sasl?
(Note: I'm a sendmail + sasl user ... so only can give general suggestions...)
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Mon Nov 20, 2017 1:33 am    Post subject: Reply with quote

eccerr0r wrote:
Silly guess: did you restart postfix if you reinstalled it with USE=sasl?
(Note: I'm a sendmail + sasl user ... so only can give general suggestions...)


Yes, I restarted postfix after installing with use "SASL"
_________________
2121212
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6339
Location: almost Mile High in the USA

PostPosted: Mon Nov 20, 2017 2:01 am    Post subject: Reply with quote

And "equery uses postfix" indeed indicates that you compiled with USE=sasl?

Does this
Code:
$ postconf -a

report SASL support?

The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Mon Nov 20, 2017 4:01 pm    Post subject: Reply with quote

eccerr0r wrote:
And "equery uses postfix" indeed indicates that you compiled with USE=sasl?

Does this
Code:
$ postconf -a

report SASL support?

The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html


command postconf -a
Code:

root # postconf -a
cyrus
dovecote

_________________
2121212
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Mon Nov 20, 2017 4:45 pm    Post subject: Reply with quote

eccerr0r wrote:
And "equery uses postfix" indeed indicates that you compiled with USE=sasl?

Does this
Code:
$ postconf -a

report SASL support?

The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow... Unless it can take plugins.
http://www.postfix.org/SASL_README.html


When i execute this:
Code:

root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS

AUTH PLAIN

502 5.5.1 Error: command not implemented


mail.log say:

warning smtpd_sasl_auth_enable is true but sasl support is not compiled in 


but, When I execute:
Code:

root # testsaslauthd -u tux@trcgento.com.br -p 123456
0: OK "SUCCESS.'


my method = POSTFIX ---> CYRUS-SASL -----> COURIER-AUTHLIB -------> DATABASE(MYSQL)
_________________
2121212
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Mon Nov 20, 2017 4:48 pm    Post subject: Reply with quote

I do not understand ! why with the telnet this error !
_________________
2121212
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6339
Location: almost Mile High in the USA

PostPosted: Mon Nov 20, 2017 5:59 pm    Post subject: Reply with quote

Well, it's not telnet that's the issue, it's just faking a MUA/MTA for debug. Somehow postfix is not able to use sasl properly and I don't know why... This is starting to get into postfix-specific issues and I'd have to install postfix on one of my machines to play with...
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Tue Nov 28, 2017 6:42 pm    Post subject: Re: Problem with Telnet and Cyrus-sasl Reply with quote

Yuri Ferreira wrote:
i'm tryning to test cyrus-sasl, but i have problems

Code:
 root # telnet localhost 25
Trying ::1.....
Espace character is '^]'.
220 postfix.dominio.com.br ESMTP MEU DOMINIO
ehlo postfix
250-postfix.dominio.com.br
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DNS

AUTH PLAIN

502 5.5.1 Error: command not implemented

AUTH LOGIN

502 5.5.1 Error: command not implemented



my /etc/sasl2/smtpd.conf
Code:

pwcheck_method: authdaemond
mech_list: LOGIN PLAIN
sql_select dummy
authdaemond_path: /var/lib/courier/authdaemon/socket


my mail.log say

Code:

warning smtpd_sasl_auth_enable is true but sasl support is not compiled in


i installed cyrus-sasl and postfix with use flag "SASL"
cyrus-sasl also has a use flag "authdaemond"
What can it be ?



I still can not solve !
Help-me ?
_________________
2121212
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6339
Location: almost Mile High in the USA

PostPosted: Tue Nov 28, 2017 8:26 pm    Post subject: Reply with quote

I installed postfix with USE=sasl on one of my VMs temporarily. Without configuring postfix/sasl I got this:
Code:
$ telnet 10.0.0.111 25
Trying 10.0.0.111...
Connected to 10.0.0.111.
Escape character is '^]'.
220 vmhost.localdomain ESMTP Postfix
EHLO postfix
250-vmhost.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
AUTH PLAIN
503 5.5.1 Error: authentication not enabled
quit
221 2.0.0 Bye

Your postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it.

What does

Code:
# emerge -ptv postfix


report?

Code:
[ebuild   R    ] mail-mta/postfix-3.1.6::gentoo  USE="berkdb eai ldap pam sasl ssl -cdb -doc -dovecot-sasl -hardened -ldap-bind (-libressl) -lmdb -mbox -memcached -mysql -nis -postgres (-selinux) -sqlite" 0 KiB

_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1493

PostPosted: Tue Nov 28, 2017 9:17 pm    Post subject: Reply with quote

Quote:
our postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it.
When I was talking to postfix using telnet it required STARTTLS before AUTH.
It's actually a pretty sane thing to do, so I wouldn't be surprised if this was the default.
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 6339
Location: almost Mile High in the USA

PostPosted: Tue Nov 28, 2017 9:22 pm    Post subject: Reply with quote

Alas the behavior of the OP's postfix and my postfix are different despite not using a SSL connection...

It also is a bad error message to indicate a command is disabled. Here is my sendmail talk which is apparently disabling AUTH LOGIN when not under SSL, which I think is the right way to do things:
Code:
AUTH plain
504 5.3.3 AUTH mechanism plain not available
AUTH login
504 5.3.3 AUTH mechanism login not available
badcommand
500 5.5.1 Command unrecognized: "badcommand"

"5.5.1 Error: command not implemented" is hinting at compilation error IMHO.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Yuri Ferreira
n00b
n00b


Joined: 23 Oct 2017
Posts: 17
Location: 2121

PostPosted: Sat Dec 02, 2017 11:59 am    Post subject: Reply with quote

I tried to recompile the postfix use = "sasl ssl mbox mysql" but to no avail:
mail.log says: warning smtpd_sasl_auth_enable = yes, but sasl support was not compiled in
_________________
2121212
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum