Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: SMTP Auth Failing?

Hybrid View

  1. #1
    Join Date
    Oct 2005
    Posts
    19
    Rep Power
    10

    Default SMTP Auth Failing?

    I am unable to auth against the zimbra smtp server to send email.. here is the message I get:

    Oct 17 13:44:04 nucular saslauthd[14226]: auth_zimbra: mike.adams auth failed: curl_easy_perform: error(7): couldn't connect to host
    Oct 17 13:44:04 nucular saslauthd[14226]: do_auth : auth failure: [user=mike.adams] [service=smtp] [realm=unix-security.net] [mech=zimbra] [reason=Unknown]


    saslauthd is running...

    [root@nucular ~]# ps -ef | grep sasl
    zimbra 14225 1 0 13:42 ? 00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -a zimbra
    zimbra 14226 14225 0 13:42 ? 00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -a zimbra
    zimbra 14228 14225 0 13:42 ? 00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -a zimbra
    zimbra 14229 14225 0 13:42 ? 00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -a zimbra
    zimbra 14230 14225 0 13:42 ? 00:00:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -a zimbra
    root 16628 5850 0 13:45 pts/2 00:00:00 grep sasl
    [root@nucular ~]#


    Any clues? What is it trying to connect to?

  2. #2
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    10

    Default check the config file...

    $ cat /opt/zimbra/cyrus-sasl/etc/saslauthd.conf

    Is zimbra_url there look right?

    (URL should have "/service/soap/" for the filename part of it)

  3. #3
    Join Date
    Oct 2005
    Posts
    52
    Rep Power
    10

    Default

    I just upgraded to M2 and found that saslauthd stopped working. Looking in the saslauthd.conf file, I noticed that the url is set to use https and the zimbra_cert_file is set to /opt/zimbra/conf/smtpd.crt which does not exist on my system. At any rate, I changed the url to "http" and now the auth seems to be working. What should I do to use https for the soap services or should I just leave it alone?


    Quote Originally Posted by anand
    $ cat /opt/zimbra/cyrus-sasl/etc/saslauthd.conf

    Is zimbra_url there look right?

    (URL should have "/service/soap/" for the filename part of it)

  4. #4
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by tron
    I just upgraded to M2 and found that saslauthd stopped working. Looking in the saslauthd.conf file, I noticed that the url is set to use https and the zimbra_cert_file is set to /opt/zimbra/conf/smtpd.crt which does not exist on my system. At any rate, I changed the url to "http" and now the auth seems to be working. What should I do to use https for the soap services or should I just leave it alone?
    In the future please start a new thread for a new release. Things change so don't want to confuse the different releases at this early stage.

    The *upgrade* isn't really support yet so can't really comment. Not sure how you got there but this may or may not be upgrade related. It will be fine if this is all on one node. Not really a security risk.

  5. #5
    Join Date
    Oct 2005
    Posts
    52
    Rep Power
    10

    Default

    Sorry, Kevin. Next time I will start a new thread. To answer your question, this is upgrade related, and I am using M2.


    Quote Originally Posted by KevinH
    In the future please start a new thread for a new release. Things change so don't want to confuse the different releases at this early stage.

    The *upgrade* isn't really support yet so can't really comment. Not sure how you got there but this may or may not be upgrade related. It will be fine if this is all on one node. Not really a security risk.

  6. #6
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by tron
    Sorry, Kevin. Next time I will start a new thread. To answer your question, this is upgrade related, and I am using M2.
    How did you upgrade? Run the various SQL srcipts, after you ran the installer. You might want to try to recreate your SSL certs. You can search and see how to do that.

  7. #7
    Join Date
    Oct 2005
    Posts
    19
    Rep Power
    10

    Default

    [root@nucular docs]# cat /opt/zimbra/cyrus-sasl/etc/saslauthd.conf
    zimbra_url: http://nucular.unix-security.net/service/soap/
    zimbra_cert_file: /opt/zimbra/conf/smtpd.crt
    zimbra_cert_check: off
    [root@nucular docs]#

    Is this correct?

    I also notice that sasl isn't listening on any ports..

    [root@nucular docs]# lsof -i | grep -i sasl
    [root@nucular docs]#

  8. #8
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    10

    Default postfix -> sasl connection is through unix domain socket

    don't worry about not listening on INET socket.

    In your case, the error message was clearly that libcurl could not establish the HTTP connection. The URL does look sane. Can you connect to that URL from the command line with curl or wget?

  9. #9
    Join Date
    Oct 2005
    Posts
    19
    Rep Power
    10

    Default

    Quote Originally Posted by anand
    don't worry about not listening on INET socket.

    In your case, the error message was clearly that libcurl could not establish the HTTP connection. The URL does look sane. Can you connect to that URL from the command line with curl or wget?
    no, because I am running in https mode! Should I change the url to https?

  10. #10
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    10

    Default yeah try it

    change to https in saslauthd.conf and try to run zmsaslauthdctl restart.

    (One disclaimer though - check the config file again after you do this - we do some config file rewrite/publish on service start that might trash your change!)

    There is definitely a bug here - that you select https mode and we don't publish that change to the sasl config file. I'll open a bugzilla for this.

Similar Threads

  1. sms zimlet troubleshooting
    By switchnetworks in forum Zimlets
    Replies: 19
    Last Post: 09-09-2009, 04:37 AM
  2. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  3. SMTP auth not working outside of ZCS's subnet
    By dvb in forum Administrators
    Replies: 3
    Last Post: 02-08-2007, 01:34 PM
  4. SMTP Auth error 535
    By FloydWilliams in forum Administrators
    Replies: 0
    Last Post: 01-04-2007, 01:33 PM
  5. Enable SMTP Auth to external users
    By VictorMedina in forum Administrators
    Replies: 1
    Last Post: 05-24-2006, 10:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •