From: Gordan Bobic on 20 Jul 2010 09:55
I am seeing errors like this in syslog:
postfix/smtpd: auxpropfunc error invalid parameter supplied
postfix/smtpd: sql_select option missing
postfix/smtpd: auxpropfunc error no mechanism available
It would appear that they are coming from the otherwise unused (that is
unused for postfix) sasl libraries:
If I move those out from /usr/lib/sasl2, the errors go away.
Note: everything is actually working, I just want to remove this noise
from my logs.
The problem is that I cannot actually remove libldapdb.so because I need
it for other sasl/ldap authenticated things on the machine (I have LDAP
user login authentication on the servers).
So, what I am looking for is a way to disable libsql and libldapdb only
in the postfix/smtpd instance, without removing the libraries from the
system. Is this possible?
My /usr/lib/sasl2/smtpd.conf includes only:
mech_list: plain login
Any suggestions appreciated.
From: Walter Pinto on 20 Jul 2010 11:09
Have you tried adding:
From: Gordan Bobic on 20 Jul 2010 11:16
On Tue, 2010-07-20 at 08:09 -0700, Walter Pinto wrote:
> Have you tried adding:
> auxprop_plugin: ldap
What, exactly, would that do? My LDAP relevant configuration entries
mydestination = $myhostname, localhost.localdomain, localhost,
local_recipient_maps = ldap:/etc/postfix/ldap-recipients.cf
The authentication off LDAP is done by SASL. But it looks like whenever
non-authenticated connection arrives (i.e. normal inbound mail, rather
than authenticated relaying), I seem to get the mentioned errors.
So I think what I actually need to do is explicitly disable libldapdb
and libsql plugins for smtp. Or is that not the case? Am I
misunderstanding the nature of the problem I am looking at?
From: Walter Pinto on 20 Jul 2010 11:33
Try adding this to your smtpd.conf
Or you could recompile sasl without sql capabilities
From: Gordan Bobic on 20 Jul 2010 11:42
On Tue, 2010-07-20 at 08:33 -0700, Walter Pinto wrote:
> Try adding this to your smtpd.conf
> sql_select: dummy
> Or you could recompile sasl without sql capabilities
Awesome, that silenced the libsql warning. Is there a way to do
something similar with the libldapdb warning?