saslfinger is a bash utility script that seeks to help you debugging your SMTP AUTH setup. It gathers various informations about Cyrus SASL and Postfix from your system and sends it to stdout.

If you are looking for a book on Postfix check The Book of Postfix, which Ralf Hildebrandt and I have written. People really seem to like it.


saslfinger has been tested with bash version 2.04 or greater on the following plattforms:


You must run saslfinger with one of the following options:


If you run saslfinger with the option -c it will collect data required for client-side SMTP AUTH. Client-side SMTP AUTH is when Postfix smtp daemon uses SMTP AUTH to authenticate itself with a remote mail server that offers SMTP AUTH.

saslfinger will try to telnet to all hosts listed in smtp_sasl_password_maps, if it may read smtp_sasl_password_maps

The telnet test verifies your host is able to reach the remote servers and shows what AUTH mechanisms they offer - in some cases this is required to debug client-side SMTP AUTH.

Important: By default smtp_sasl_password_maps must be read-only to root, since these maps contain the usernames and passwords to authenticate. If you run saslfinger as root access will be no problem, but saslfinger will fail if you lack the permissions to access smtp_sasl_password_maps.

If you want to run the telnet test, but don't want to run saslfinger as root change permissions of smtp_sasl_password_maps so that the user running saslfinger may access smtp_sasl_password_maps while you debug.

*note: You don't need to worry about saslfinger doing anything with the username or password stored next to the remote hosts in your smtp_sasl_password_maps; saslfinger completely ignores these informations!


If you run saslfinger with the option -h it will print a little help message that tells you about the options you can use.


If you run saslfinger with the option -s it will collect data required for server-side SMTP AUTH. Server-side SMTP AUTH is when Postfix smtpd daemon offers SMTP AUTH to mail clients.


saslfinger-1.0.3.tar.gz (HTTP-Download)

Patrick Koetter,