Hello Samuel, I mean starting the primary postfix process under `strace -f` (or - ff), which tracks all forked children processes. If Postfix utilizes SASL Channel Binding, then: The corresponding RFC says explicitly, that the SASL GSSAPI mechanism does not utilize channel binding. However, Cyrus SASL/GSSAPI commit https://github.com/cyrusimap/cyrus-sasl/commit/975edbb69070eba6b035f08776de7 adds implicit channel binding to the GSSAPI plugin. The rationale is, that Microsoft Active Directory LDAP server offers the GSSAPI mechanims with Channel Binding and thus OpenLDAP can do the same in order to be compatible with Windows Clients (workstations/Domain members). Cyrus IMAP contains tools for checking the smtp authentication, -- smtptest --, where you cane explicitly set the desired mechanism. It is anyway only application for Cyrus SASL, so if your Cyrus SASL do channel binding implicitly wrong, things will not work (unless both sides do GSSAPI at the same time wrong). That said, it might be easier to setup GS2-KRB5 than GSSAPI. Greetings Дилян On Mon, 2021-09-20 at 05:48 -0400, sr42354@xxxxxxxxx wrote: > Hello Дилян Палаузов, > > Here is the telnet output : > root@smtptest:~# telnet 127.0.0.1 587 > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > 220 smtptest.domain.fr ESMTP Postfix (Debian/GNU) > EHLO x > 250-smtptest.domain.fr > 250-PIPELINING > 250-SIZE 10240000 > 250-VRFY > 250-ETRN > 250-STARTTLS > 250-AUTH GSSAPI > 250-AUTH=GSSAPI > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250-DSN > 250-SMTPUTF8 > 250 CHUNKING > > And here is the content of /usr/lib/x86_64-linux-gnu/sasl2 : > lrwxrwxrwx 1 root root 22 7 févr. 2021 libanonymous.so -> > libanonymous.so.2.0.25 > lrwxrwxrwx 1 root root 22 7 févr. 2021 libanonymous.so.2 -> > libanonymous.so.2.0.25 > -rw-r--r-- 1 root root 18656 7 févr. 2021 libanonymous.so.2.0.25 > lrwxrwxrwx 1 root root 20 7 févr. 2021 libcrammd5.so -> > libcrammd5.so.2.0.25 > lrwxrwxrwx 1 root root 20 7 févr. 2021 libcrammd5.so.2 -> > libcrammd5.so.2.0.25 > -rw-r--r-- 1 root root 22752 7 févr. 2021 libcrammd5.so.2.0.25 > lrwxrwxrwx 1 root root 22 7 févr. 2021 libdigestmd5.so -> > libdigestmd5.so.2.0.25 > lrwxrwxrwx 1 root root 22 7 févr. 2021 libdigestmd5.so.2 -> > libdigestmd5.so.2.0.25 > -rw-r--r-- 1 root root 60008 7 févr. 2021 libdigestmd5.so.2.0.25 > lrwxrwxrwx 1 root root 16 7 févr. 2021 libgs2.so -> > libgs2.so.2.0.25 > lrwxrwxrwx 1 root root 16 7 févr. 2021 libgs2.so.2 -> > libgs2.so.2.0.25 > -rw-r--r-- 1 root root 38920 7 févr. 2021 libgs2.so.2.0.25 > lrwxrwxrwx 1 root root 21 7 févr. 2021 libgssapiv2.so -> > libgssapiv2.so.2.0.25 > lrwxrwxrwx 1 root root 21 7 févr. 2021 libgssapiv2.so.2 -> > libgssapiv2.so.2.0.25 > -rw-r--r-- 1 root root 39360 7 févr. 2021 libgssapiv2.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 liblogin.so -> > liblogin.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 liblogin.so.2 -> > liblogin.so.2.0.25 > -rw-r--r-- 1 root root 18656 7 févr. 2021 liblogin.so.2.0.25 > lrwxrwxrwx 1 root root 17 7 févr. 2021 libntlm.so -> > libntlm.so.2.0.25 > lrwxrwxrwx 1 root root 17 7 févr. 2021 libntlm.so.2 -> > libntlm.so.2.0.25 > -rw-r--r-- 1 root root 39136 7 févr. 2021 libntlm.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 libplain.so -> > libplain.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 libplain.so.2 -> > libplain.so.2.0.25 > -rw-r--r-- 1 root root 18656 7 févr. 2021 libplain.so.2.0.25 > lrwxrwxrwx 1 root root 19 7 févr. 2021 libsasldb.so -> > libsasldb.so.2.0.25 > lrwxrwxrwx 1 root root 19 7 févr. 2021 libsasldb.so.2 -> > libsasldb.so.2.0.25 > -rw-r--r-- 1 root root 30632 7 févr. 2021 libsasldb.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 libscram.so -> > libscram.so.2.0.25 > lrwxrwxrwx 1 root root 18 7 févr. 2021 libscram.so.2 -> > libscram.so.2.0.25 > -rw-r--r-- 1 root root 43440 7 févr. 2021 libscram.so.2.0.25 > Are there any missing library files? > > I tried to run a strace command but I couldn't get it to work. > strace -p 33763 > strace: attach: ptrace(PTRACE_SEIZE, 33763): No such process > > Maybe because Postfix is in active (exited) state? > systemctl status postfix > ● postfix.service - Postfix Mail Transport Agent > Loaded: loaded (/lib/systemd/system/postfix.service; enabled; > vendor preset: enabled) > Active: active (exited) since Mon 2021-09-20 11:19:13 CEST; 12min > ago > Process: 33763 ExecStart=/bin/true (code=exited, status=0/SUCCESS) > Main PID: 33763 (code=exited, status=0/SUCCESS) > CPU: 1ms > I haven't figured out how to make strace work yet. > thanks. > Samuel > Cyrus / SASL / seediscussions +participants +delivery optionsPermalink ------------------------------------------ Cyrus: SASL Permalink: https://cyrus.topicbox.com/groups/sasl/T1e24816c0d686c81-M9bb16776e7c7e2eb6f66be67 Delivery options: https://cyrus.topicbox.com/groups/sasl/subscription
