Results 1 to 10 of 10

Thread: cyrus-sasl looking to /usr/lib/libsasl2*

  1. #1
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default cyrus-sasl looking to /usr/lib/libsasl2*

    Is there a way to tell Zimbra to look toward it's own sasl libraries instead of the Ubuntu /usr/lib/libsasl2 libs?

    Zimbra 4.0.5 Ubuntu

    Code:
    root@blueline:/var/log# lsof -i tcp:25
    COMMAND   PID    USER   FD   TYPE  DEVICE SIZE NODE NAME
    
    smtpd     326 postfix    6u  IPv4 1291575       TCP *:smtp (LISTEN)
    
    
    root@blueline:/var/log# pmap 326 |grep sasl2.so
    b7da4000     76K r-x--  /usr/lib/libsasl2.so.2.0.19
    b7db7000      4K rw---  /usr/lib/libsasl2.so.2.0.19
    
    root@blueline:/var/log# cat /etc/ld.so.conf
    /lib
    /usr/lib
    /var/lib
    /opt/zimbra/lib
    /opt/zimbra/sleepycat/lib
    /opt/zimbra/openldap/lib
    /opt/zimbra/cyrus-sasl/lib
    I believe this to be the cause of broken T-Bird, Outlook and Goldmine client connections.

    The error on connect form Thunderbird;

    "Sending of message Failed.

    The message could not be sent because connecting to the SMTP server mail.hackme.com failed. The server may be unavailable or is refusing SMTP connections. Please verify that your SMTP server setting is correct and try again, or else contact your network administrator."

    I see this in my /var/log/zimbra.log (edited /etc/syslog.conf auth.* -/var/log/zimbra.log);

    Jan 23 21:44:24 blueline postfix/smtpd[354]: setting up TLS connection from ip-addr-here[ip.addr.here]
    Jan 23 21:44:26 blueline postfix/smtpd[354]: TLS connection established from ip-addr-here[ip.addr.here]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)

    No other errors to go on (that I am aware of). /opt/zimbra/log/zimbra.log seems happy.

    Client settings are good. I can connect to a TLS enabled postfix on port 25 with it on another box (non Zimbra).

    Webmail is working as expected.

    Hope the above is helpful.

    Thanks.
    Bob
    Last edited by robertl; 01-23-2007 at 11:43 PM.

  2. #2
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default attach to above.

    watching the rather quickly filling (unbelievable amount of spambots hitting this box =) /var/log/zimbra.log I think I am seeing SMTP die off with the attempt.

    Code:
    Jan 23 22:28:17 blueline postfix/smtpd[8361]: TLS connection established from ip-addr-here.hackme.com[ip.addr.here]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Jan 23 22:28:18 blueline postfix/master[32616]: warning: process /opt/zimbra/postfix-2.2.9/libexec/smtpd pid 8361 killed by signal 11
    Again,

    Code:
    Jan 23 22:35:05 blueline postfix/smtpd[11230]: TLS connection established from ip-addr-here.hackme.com[ip.addr.here]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    Jan 23 22:35:06 blueline postfix/master[32616]: warning: process /opt/zimbra/postfix-2.2.9/libexec/smtpd pid 11230 killed by signal 11
    Resilient thing though. Keeps coming back like a trooper.

    Could this be the result of Zimbra using the wrong libs?

    Thanks.

  3. #3
    anand is offline Zimbra Employee
    Join Date
    Sep 2005
    Posts
    274
    Rep Power
    9

    Default

    we take care of this on the headgear flavors of Linux by adding to /etc/ld.so.conf.d/zimbra.ld.conf the path our SASL libraries (amongst other things). If this is not working on Ubuntu, please file a bug.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  4. #4
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default Bug report # 9727

    Aside from being an earlier version and on FC5 that bug seems to be the same.

    http://bugzilla.zimbra.com/show_bug.cgi?id=9727

    Code:
    su - zimbra
    ./bin/zmsaslauthctl status
    Returns "crickets" on this host as well.

    saslauthd is running however. Just no connect. Do you still recommend filing the bug report?

    Thanks,
    Bob

  5. #5
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default Bug report filed

    bug # 14090

    Thanks for the direction.

  6. #6
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default

    While I await bug team review of this issue, is it possible to point Zimbra in the right direction as far as the sasl libs are concerned?

    Thanks

  7. #7
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Have you tried installing 4.5.2?

    -john

  8. #8
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default

    I am attempting to avoid re-install as it represents a significant amount of time and potential for mail loss. I am just wondering if it is possible to point the install toward the right libs.

    Thanks.

  9. #9
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    change the order of ld.so.conf so the zimbra libs come before the system libraries and rerun /sbin/ldconfig.

    If the system is only running zimbra the other option is to remove the systems sasl libraries so they don't conflict.

    -bp
    Bugzilla - Wiki - Downloads - Before posting... Search!

  10. #10
    robertl is offline Intermediate Member
    Join Date
    Aug 2006
    Posts
    16
    Rep Power
    9

    Default

    I did as directed. I moved all the Zimbra lib entries to be read first in ld.so.conf and ran /sbin/ldconfig. Web mail still works, Thunderbird was denied, but the errors about the wrong libs vanished.

    I connected to the host with netcat

    Code:
    robertl@pele:~$ nc domain-name.com 25
    220 blueline.domain-name.com ESMTP Postfix
    helo blueline
    250 blueline.domain-name.com
    starttls
    220 Ready to start TLS
    With some more reading about postfix I will take nc testing further and see if I can't get you some more info. I think it's using the correct libs now. I am still seeing the auth logging but the libsasl errors are no longer showing.

    Thoughts?

    Thank you,
    Bob

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Cannot SASL authenticate to server
    By crichell in forum Installation
    Replies: 10
    Last Post: 08-22-2007, 09:41 AM
  2. Pulling my hair out - SASL Login authentication failed
    By alloptions in forum Installation
    Replies: 4
    Last Post: 03-30-2007, 11:42 PM
  3. SASL error when sending via SMTP Auth
    By daniellawson in forum Administrators
    Replies: 10
    Last Post: 12-10-2006, 07:39 AM
  4. Cyrus & IMAP IDLE command
    By phoenix in forum Administrators
    Replies: 12
    Last Post: 04-14-2006, 11:39 AM
  5. can't send mail using sasl (remote network)
    By skullbolix in forum Installation
    Replies: 3
    Last Post: 03-24-2006, 12:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •