【已解决】SASL LOGIN authentication failed: authentication failure - Chinaunix

Feb 26 18:47:33 centos5postfix postfix/smtpd[16481]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Feb 26 18:47:33 centos5postfix postfix/smtpd[16481]: connect from unknown[192.168.0.111]
Feb 26 18:47:36 centos5postfix postfix/smtpd[16481]: warning: unknown[192.168.0.111]: SASL LOGIN authentication failed: authentication failure
Feb 26 18:47:36 centos5postfix postfix/smtpd[16481]: lost connection after AUTH from unknown[192.168.0.111]
Feb 26 18:47:36 centos5postfix postfix/smtpd[16481]: disconnect from unknown[192.168.0.111]
Feb 26 18:47:48 centos5postfix postfix/smtpd[16481]: connect from unknown[192.168.0.111]
Feb 26 18:47:50 centos5postfix postfix/smtpd[16481]: warning: unknown[192.168.0.111]: SASL LOGIN authentication failed: authentication failure
Feb 26 18:47:50 centos5postfix postfix/smtpd[16481]: lost connection after AUTH from unknown[192.168.0.111]
Feb 26 18:47:50 centos5postfix postfix/smtpd[16481]: disconnect from unknown[192.168.0.111]

[root@centos5postfix mailbox]# testsaslauthd -s smtp -u chen@centos5postfix.orlab-dev.jp -p 123456789
0: OK "Success."
[root@centos5postfix mailbox]# testsaslauthd -s smtp -u chen@centos5postfix.orlab-dev.jp -p 1234567890
0: NO "authentication failed"
[root@centos5postfix mailbox]#

#====================SASL========================
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name=smtp
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

[root@centos5postfix sasl2]# cat /etc/sysconfig/saslauthd |grep FLAGS
FLAGS="-r"
[root@centos5postfix sasl2]#

===
Edit 15 dec 2006 :
IMPORTANT NOTICE FOR RHEL/CENTOS 4 USERS

I’m currently installing a mail server under CentOS 4.4 while this guide describes the CentOS 3 way
I thought it did not matter but there’s a small difference with saslauthd..

Under CentOS 4.x you need to add the following line in /etc/sysconfig/saslauthd :

FLAGS="-r"

Without the -r flag, saslauthd would query the MySQL database this way :

25 Query SELECT password FROM mailbox WHERE username = 'admin'

Obviously, the whole email address is stored in the database, with the -r flag, it will query correctly :

26 Query SELECT password FROM mailbox WHERE username = 'admin@example.org'

The man page for saslauthd mentions the -r flag under CentOS 4 only..

-r Combine the realm with the login (with an ’@’ sign in between). e.g. login: “foo” realm: “bar” will get passed as login: “foo@bar”. Note that the realm will still be passed, which may lead to unexpected behavior.
===