On 01/12/09 09:51 -0600, Cliff Hayes wrote:
We have 3200 users using a sendmail/dovecot/saslauthd server. I just upgraded to new hardware and Fedora 11. Since then saslauthd randomly stops working. I have tried auth modes of both pam and shadow and that has not helped. Currently using shadow. This morning users were complaining they could not send mail. Further research revealed log entries like the following started at 17:48 and continued on till morning for everyone until I did a service saslauthd restart: Nov 30 17:48:29 sendmail saslauthd[1646]: do_auth : auth failure: [user=sjcca1] [service=smtp] [realm=] [mech=shadow] [reason=Unknown] I can find no log entries other than the above so nothing to go on. The only thing I can see is that 99% of users have no realm in the log entries. Why a few do and most don't is a mystery to me. I am using version 2.1.22 - I have another server which has 2.1.23 so I know a new version is out there. When I run yum update it does not report that a newer version of saslauthd will be installed, so not sure how to get the newer version or if that will help.
Cliff, I'm moving this discussion to the cyrus-sasl list since it appears to be the most appropriate location. Can you provide your saslauthd configuration or startup options (e.g. /etc/default/saslauthd)? Also include your /etc/saslauthd.conf if you have one. Can you provide your sasl related sendmail config? The existence of a realm may depend on the client implementation. By default, saslauthd runs with 5 threads. You can increase it with the -n option. Try using testsaslauthd to help troubleshoot when the problem is happening. -- Dan White
