# Problem with Telnet and Cyrus-sasl

## Yuri Ferreira

i'm tryning to test cyrus-sasl, but i have problems 

```
 root # telnet localhost 25

Trying ::1.....

Espace character is '^]'.

220 postfix.dominio.com.br ESMTP MEU DOMINIO

ehlo postfix

250-postfix.dominio.com.br

250-PIPELINING

250-SIZE 10240000

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DNS

AUTH PLAIN

502 5.5.1 Error: command not implemented

AUTH LOGIN 

502 5.5.1 Error: command not implemented

```

 my /etc/sasl2/smtpd.conf

```

pwcheck_method: authdaemond

mech_list: LOGIN PLAIN

sql_select dummy

authdaemond_path: /var/lib/courier/authdaemon/socket

```

my mail.log say

```

warning smtpd_sasl_auth_enable is true but sasl support is not compiled in

```

i installed cyrus-sasl and postfix with use flag "SASL"

cyrus-sasl also has a use flag "authdaemond"

What can it be ?

----------

## eccerr0r

Silly guess: did you restart postfix if you reinstalled it with USE=sasl?

(Note: I'm a sendmail + sasl user ... so only can give general suggestions...)

----------

## Yuri Ferreira

 *eccerr0r wrote:*   

> Silly guess: did you restart postfix if you reinstalled it with USE=sasl?
> 
> (Note: I'm a sendmail + sasl user ... so only can give general suggestions...)

 

Yes, I restarted postfix after installing with use "SASL"

----------

## eccerr0r

And "equery uses postfix" indeed indicates that you compiled with USE=sasl?

Does this 

```
$ postconf -a
```

report SASL support?

The auth command necessarily needs to be part of postfix, so postfix is compiled wrong, somehow...  Unless it can take plugins.

http://www.postfix.org/SASL_README.html

----------

## Yuri Ferreira

 *eccerr0r wrote:*   

> And "equery uses postfix" indeed indicates that you compiled with USE=sasl?
> 
> Does this 
> 
> ```
> ...

 

command postconf -a

```

root # postconf -a

cyrus

dovecote

```

----------

## Yuri Ferreira

 *eccerr0r wrote:*   

> And "equery uses postfix" indeed indicates that you compiled with USE=sasl?
> 
> Does this 
> 
> ```
> ...

 

When i execute this: 

```

root # telnet localhost 25 

Trying ::1..... 

Espace character is '^]'. 

220 postfix.dominio.com.br ESMTP MEU DOMINIO 

ehlo postfix 

250-postfix.dominio.com.br 

250-PIPELINING 

250-SIZE 10240000 

250-ETRN 

250-ENHANCEDSTATUSCODES 

250-8BITMIME 

250 DNS 

AUTH PLAIN 

502 5.5.1 Error: command not implemented 

mail.log say:

warning smtpd_sasl_auth_enable is true but sasl support is not compiled in  

```

but, When I execute: 

```

root # testsaslauthd -u tux@trcgento.com.br -p 123456

0: OK "SUCCESS.'

```

my method = POSTFIX ---> CYRUS-SASL -----> COURIER-AUTHLIB -------> DATABASE(MYSQL)

----------

## Yuri Ferreira

I do not understand ! why  with the telnet this error !

----------

## eccerr0r

Well, it's not telnet that's the issue, it's just faking a MUA/MTA for debug.  Somehow postfix is not able to use sasl properly and I don't know why... This is starting to get into postfix-specific issues and I'd have to install postfix on one of my machines to play with...

----------

## Yuri Ferreira

 *Yuri Ferreira wrote:*   

> i'm tryning to test cyrus-sasl, but i have problems 
> 
> ```
>  root # telnet localhost 25
> 
> ...

 

I still can not solve ! 

Help-me ?

----------

## eccerr0r

I installed postfix with USE=sasl on one of my VMs temporarily.  Without configuring postfix/sasl I got this:

```
$ telnet 10.0.0.111 25

Trying 10.0.0.111...

Connected to 10.0.0.111.

Escape character is '^]'.

220 vmhost.localdomain ESMTP Postfix

EHLO postfix

250-vmhost.localdomain

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250-DSN

250 SMTPUTF8

AUTH PLAIN

503 5.5.1 Error: authentication not enabled

quit

221 2.0.0 Bye

```

Your postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it.

What does

```
# emerge -ptv postfix
```

report? 

```
[ebuild   R    ] mail-mta/postfix-3.1.6::gentoo  USE="berkdb eai ldap pam sasl ssl -cdb -doc -dovecot-sasl -hardened -ldap-bind (-libressl) -lmdb -mbox -memcached -mysql -nis -postgres (-selinux) -sqlite" 0 KiB
```

----------

## szatox

 *Quote:*   

> our postfix does not seem to be compiled properly, at least mine understands the AUTH command but cannot act upon it. 

 When I was talking to postfix using telnet it required STARTTLS before AUTH.

It's actually a pretty sane thing to do, so I wouldn't be surprised if this was the default.

----------

## eccerr0r

Alas the behavior of the OP's postfix and my postfix are different despite not using a SSL connection...

It also is a bad error message to indicate a command is disabled.  Here is my sendmail talk which is apparently disabling AUTH LOGIN when not under SSL, which I think is the right way to do things:

```
AUTH plain

504 5.3.3 AUTH mechanism plain not available

AUTH login

504 5.3.3 AUTH mechanism login not available

badcommand

500 5.5.1 Command unrecognized: "badcommand"
```

"5.5.1 Error: command not implemented" is hinting at compilation error IMHO.

----------

## Yuri Ferreira

I tried to recompile the postfix use = "sasl ssl mbox mysql" but to no avail:

mail.log says: warning smtpd_sasl_auth_enable = yes, but sasl support was not compiled in

----------

