Well after a long night I managed to setup Postfix and SASL2 under
Debian. As you can guess, it's not working completely. I set up SASL2 to
check a sasl2db. It works if you do the SMTP conversation by hand. Thats
the promt you get:

---
220 bla.bla.org ESMTP Balin
ehlo tobi.local
250-blabla.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH NTLM LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
250-AUTH=NTLM LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
250 8BITMIME
AUTH PLAIN xyz
235 Authentication successful
---

These are the important lines in my main.cf:
---
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_pipelining,
reject_unknown_recipient_domain,
reject_rhsbl_recipient blackhole.securitysage.com,
reject_unauth_destination,
permit

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = bla.org
broken_sasl_auth_clients = yes
---

To make it short: The problem is that the MTA and the MUA don't start an
authentification progress. If I send mail the mailserver sais relay
denied and does not even try to authentificate via SASL. I configured my
MUA (Tunderbird - and yes I even tried Outlook Express :D) to
Authentificate by username and password which is correctly set up too.

mail.log only sais the following lines: ---
Dec 19 02:30:43 balin postfix/smtpd[10320]: connect from
dialin-145-254-099-238.arcor-ip.net[145.254.99.238]
Dec 19 02:30:45 balin postfix/smtpd[10320]: NOQUEUE: reject: RCPT from
dialin-145-254-099-238.arcor-ip.net[145.254.99.238]: 554
<tobi.sasse@bla.de>: Relay access denied; from=<tobi@bla.org>
to=<tobi.sasse@bla.de> proto=ESMTP helo=<[145.254.99.238]>
---

Why does nobody requests an SASL Authentification, I think it's running
but nobody wants to use it :D

Strange things. I hope somebody can give me a tip. Good Night and thank you,

Tobi
--
Tobias Sasse
tobi@coldweb.org
http://tobi.coldweb.org/