----- Original Message ----- From: "Jason Wellman" <nimh@xxxxxxxxxxx> > > Hey all, > > I have searched the mail archives and Google trying to solve my Postfix > SMTP AUTH issue. > > I have read the document: > > /usr/share/doc/postfix-2.0.11/README-Postfix-SASL-RedHat.txt > > And performed all the tasks it outlines but I am getting the errors > (hostnames edited of course): > > Jan 13 17:36:37 XXX postfix/smtpd[13820]: connect from XXX.net[1.1.1.1] > Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication > problem: unable to open Berkeley db /etc/sasldb2: No such file or directory > Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication > problem: unable to open Berkeley db /etc/sasldb2: No such file or directory > Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: SASL authentication > failure: no secret in database > Jan 13 17:36:37 XXX postfix/smtpd[13820]: warning: XXX.net[1.1.1.1]: > SASL CRAM-MD5 authentication failed > Jan 13 17:37:31 XXX postfix/smtpd[13820]: lost connection after AUTH > from XXX.net[1.1.1.1] > Jan 13 17:37:31 XXX postfix/smtpd[13820]: disconnect from XXX.net[1.1.1.1] > It looks like you may have already perfromed some of the following tasks, but I'm going to mention them anyway. The following works at my end. 1) Recompile postfix to support sasl version 2? i.e. [scowles@voyager scowles]$ rpm -q postfix postfix-2.0.16-8.pcre.sasl2.tls.rh9 2) After adding users to /etc/sasldb2 using the saslpasswd2 command, did you copy /etc/sasldb2 to the postfix chrooted etc directory? i.e. /var/spool/postfix/etc 3) Define the auth method to be used in /usr/lib/sasl2/smtpd.conf. NOTE: I do NOT run saslauthd [scowles@voyager sasl2]$ pwd /usr/lib/sasl2 [scowles@voyager sasl2]$ cat smtpd.conf pwcheck_method: auxprop realm: mail.mydomain.tld 4) Add the sasl related entries to /etc/postfix/main.cf [scowles@voyager postfix]$ pwd /etc/postfix [scowles@voyager postfix]$ grep sasl main.cf smtpd_sasl_auth_enable = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_local_domain = mail.mydomain.tld smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes ...and the following: smtpd_recipient_restrictions = [snip...] permit_mynetworks permit_sasl_authenticated reject Note the order of the permits. I allow users that match "mynetworks" to send e-mail without authenticating. Steve Cowles