Solved How to disable OTP feature in postfix

Hi guys
I have noticed that some error message appear in /var/log/message frequently.
Code:
Oct 27 09:44:51 ns2 postfix/smtpd[80966]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
Oct 27 09:46:03 ns2 postfix/smtpd[86005]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
Oct 27 09:46:03 ns2 postfix/smtpd[86005]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
Oct 27 09:46:03 ns2 postfix/smtpd[86007]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
Oct 27 09:46:42 ns2 postfix/smtpd[86005]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
Oct 27 09:48:37 ns2 postfix/smtpd[86016]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied
But I don't using any OTP feature in my system , so I do the following below
Code:
#cd /usr/ports/security/cyrus-sasl2
#make deinstall clean
#make install WITHOUT_OTP= yes clean
However the error message still appear frequently .
How to fix this problem ,thanks.
 
Pay attention to correct formatting of make arguments, it might help. There shouldn't be any spaces in variable definitions / assignments.
 
Hi guys , I reinstall cyrus-sasl2 without OTP support , but not working .
So , I give the group 'mail' rw permissions to opiekeys , and the error message do not show anymore.
But I think it is not a good way ....
 
If you don't require OTP support you don't need to rebuild cyrus-sasl2. You simply need to change the cyrus-sasl2 runtime options to include the mechanisms you do require, leaving off OTP. By default, all mechanisms are in play.

The options are usually stored in /usr/local/lib/sasl2/appname.conf, where appname is "smtpd" when using postfix (or "Sendmail" when running sendmail).

For example, if you use only plain text authentication (and SSL for security, of course) with postfix, then your /usr/local/lib/sasl2/smtpd.conf file (create it if missing) would contain only one mechanism:

mech_list: plain

This is all covered in the html documentation found in the /usr/local/share/doc/cyrus-sasl2/html/ directory.
 
Back
Top