saslauthd running in segfault after some time

Question

I'm using postfix with courier and mysql for authentication.

Lately I have some segmentation faults, which causes sasl deamon to crash. It seems, the have something to do with dictionary attacks on my mail server. In the log files, I got segfault errors for saslauthd

segfault at 0 ip 00007fe3107a3d8e sp 00007ffc2b007de8 error 4 in libc-2.19.so

• libsasl2-2 version: 2.1.26.dfsg1-13+deb8u1
• postfix version: 2.11.3-1

saslauthd conf:

START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

postfix main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

append_dot_mydomain = no

readme_directory = no

smtpd_tls_cert_file = /root/ssl/startssl/server.crt
smtpd_tls_CAfile = /root/ssl/startssl/startssl-ca-bundle.pem
smtpd_tls_key_file = /root/ssl/startssl/server.key

smtpd_use_tls=yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_loglevel = 3
tls_random_source = dev:/dev/urandom

myhostname = ...
mydestination = localhost, localhost.localdomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

#smtpd
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_authenticated_header = yes
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes

# virtual
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

# spam/virus
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
message_size_limit = 52428800
virtual_mailbox_limit = 102400000

Any suggestions to stop saslauthd from crashing?

Feel free to post other suggestions/issues about my postfix conf file..

Answer 1

When you see processes stopped with a segfault, the best way to debug them is to enable core dumps. Then you can use gdb to print a stack trace and see precisely where the program has crashed.

As there is a recent security bug for glibc, I would start by upgrading glibc and restarting the machine. See: CVE-2015-7547