Postfix + SASL on CentOS 7 after Migration from Ubuntu?

1 post / 0 new
#1 Tue, 04/02/2019 - 20:48
granroth

Postfix + SASL on CentOS 7 after Migration from Ubuntu?

I've managed my domain using Virtualmin on Ubuntu 14.04 for awhile but find myself needing to upgrade since that OS is getting out of date. I attempted to migrate to an Ubuntu 18.04 box but that failed miserably due to IP issues. So I reprovisioned the box with CentOS 7 -- the gold standard of Virtualmin. And now I can't get Postfix to work with SASL.

The problem I'm facing is that I can't get Postfix and saslauthd to agree where the mux file is. This is possibly because I am migrating my domains from Ubuntu in the first place and CentOS and Ubuntu sharply disagree on where that should be.

CentOS has the sasl run files in /run/saslauthd like so:

/usr/sbin/saslauthd -m /run/saslauthd -a pam -r

I can successfully authenticate against SASL with the default configuration:

testsaslauthd -u my-user-name -p my-password -s smtp
0: OK "Success."

When I try to authenticate against Postfix, though, it doesn't work:

nc localhost 25
220 max.local ESMTP Postfix
ehlo domain.org
250-max.local
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth plain a3VydC1ncmFucma0aC1jb20Aa3VydC1nc2Fucm90aC1jb20AZ29mbWBoYWU=
535 5.7.8 Error: authentication failed: generic failure

Mar 31 20:44:41 max.local postfix/smtpd[16467]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory

The "No such file or directory" is suggestive since it implies that Postfix is looking in a very different location than saslauthd. strace shows otherwise, though:

socket(AF_LOCAL, SOCK_STREAM, 0)        = 11
connect(11, {sa_family=AF_LOCAL, sun_path="/run/saslauthd/mux"}, 110) = -1 ENOENT (No such file or directory)
close(11)

That looks like the right mux file.

I thought that maybe something else is going on because Postfix wants the file in /var/spool/postfix/var/run/saslauthd in Ubuntu. Indeed, even though I can find no config files that show that path, all of the docs fixate on it. So I tried switching saslauthd to use that path instead.

/usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r

I couldn't even get testsaslauthd to work with that... although I didn't try that hard because it seems wrong to be modifying CentOS native (non-Virtualmin controlled) files just to get Postfix to work. It really seems like Postfix should "just work" on CentOS with the default saslauthd.

I'm tearing my hair out over here! If I can't get this to work, then I will need to stick with 14.04 even longer. Any ideas what I'm missing?