This is a discussion on qmail-smtpd auth problems within the alt.comp.mail.qmail forums, part of the Mail Servers and Related category.
I know that this topic has been beaten to death, but I can't seem to find an answer to my problem. I have spent the better part of 2 days searching any available information on the subject, and still cannot get this thing going. I have qmail 1.04 patched with the smtp-auth/smtp-starttls patch. The patch was applied with no problems. I rebuilt, reinstalled, and started testing. Here is the telnet session:

--------------------------------------------------------------------------------
[qmaild@Desktop bin]$ telnet 0 25
Trying 0.0.0.0...
Connected to 0 (0.0.0.0).
Escape character is '^]'.
220 desktop.local ESMTP
EHLO localhost
250-desktop.local
250-STARTTLS
250-PIPELINING
250-8BITMIME
250 AUTH LOGIN PLAIN CRAM-MD5
AUTH PLAIN (base-64 encoded user/pw string)
535 authentication failed (#5.7.1)
--------------------------------------------------------------------------------

However, if I run qmail-smtpd myself, it works:

--------------------------------------------------------------------------------
[qmaild@Desktop bin]$ ./qmail-smtpd /usr/local/bin/checkpassword-pam -s smtp /bin/true
220 desktop.local ESMTP
EHLO localhost
250-desktop.local
250-STARTTLS
250-PIPELINING
250-8BITMIME
250 AUTH LOGIN PLAIN CRAM-MD5
AUTH PLAIN (base-64 encoded user/pw string)
235 ok, go ahead (#2.0.0)
--------------------------------------------------------------------------------

Notice that I am running this as user qmaild, so it should not be a permissions issue. The AUTH PLAIN string is the same in each case. I am running this with tcpserver and daemontools, here is my qmail-smtpd supervise script:

--------------------------------------------------------------------------------
#!/bin/sh
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
    echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
    echo /var/qmail/supervise/qmail-smtpd/run
    exit 1
fi
if [ ! -f /var/qmail/control/rcpthosts ]; then
    echo "No /var/qmail/control/rcpthosts!"
    echo "Refusing to start SMTP listener because it'll create an open relay"
    exit 1
fi
exec /usr/local/bin/softlimit -m 10000000 \
    /usr/local/bin/tcpserver -vRHD -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd "$LOCAL" \
    /usr/local/bin/checkpassword-pam -s smtp /bin/true 2>&1
--------------------------------------------------------------------------------

I have tweaked the settings for tcpserver many different ways, based upon what I have seen on the net and in groups. I have tried with and without the "$LOCAL" hostname arg to smtpd, I have tried with checkpassword-pam and checkpassword. Nothing seems to work. Here are the current permissions on my checkpassword(s):

--------------------------------------------------------------------------------
[root@Desktop bin]# ls -al checkpassword
-rwsr-xr-x 1 root root 8936 Jan 16 14:05 checkpassword*
----------->which is 4755
[root@Desktop bin]# ls -al checkpassword-pam
-rwsr-xr-x 1 root root 51488 Mar 1 15:11 checkpassword-pam*
----------->same thing.
--------------------------------------------------------------------------------

I have tried it with 755, 700, 6755, all the same result. Running it manually failed with 755 and 700 permissions, which makes sense. My logs aren't helpful:

--------------------------------------------------------------------------------
[root@Desktop bin]# tail /var/log/qmail/smtpd/current
@400000004044d94a198c13c4 tcpserver: status: 1/20
@400000004044d94a19916edc tcpserver: pid 2592 from 127.0.0.1
@400000004044d94a1996972c tcpserver: ok 2592 desktop.local:127.0.0.1:25 :127.0.0.1::32855
@400000004044d960065b53b4 tcpserver: end 2592 status 0
@400000004044d960065b961c tcpserver: status: 0/20
--------------------------------------------------------------------------------

I don't know how to get more info there. When it tries to verify my user/pass it takes it two or three seconds before it fails. But when I run it manually and it verifies it, it is immediate. One last thing. I am also running qmail-pop3d, using checkpassword, and have never had any problems with it. Here is its supervise script:

--------------------------------------------------------------------------------
#!/bin/sh
exec /usr/local/bin/softlimit -m 5000000 \
    /usr/local/bin/tcpserver -v -R -H -1 0 110 /var/qmail/bin/qmail-popup \
    pop.bolander.com /usr/local/bin/checkpassword-pam -s pop3 /var/qmail/bin/qmail-pop3d \
    Maildir 2>&1
--------------------------------------------------------------------------------

Well, I don't know what other information I can give. If I left out anything important, please let me know.

Thanks,
Andrew

I love irony. Not 5 minutes after posting this, it started working. Apparently, I hadn't tested very well before. I removed the "$LOCAL" from after the qmail-smtpd and voila, it works. Now I have installed and configured stunnel to work with smtp on the smtps port. Thanks for all your help =D
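
Added example, not part of the thread: a small shell harness for checking a checkpassword-compatible program outside tcpserver, by handing it `user\0password\0timestamp\0` on descriptor 3 as the checkpassword interface specifies and reporting the exit status, plus a helper that builds the AUTH PLAIN argument. The function names, the `alice`/`s3cret` account and the stub verifier are constructed for illustration; on a real host, replace `sh "$stub" /bin/true` with the argument list passed to qmail-smtpd, for example `/usr/local/bin/checkpassword-pam -s smtp /bin/true`. It assumes `base64`, `mktemp` and `date +%s` are available.

```shell
#!/bin/sh
# Added example; helper names and the alice/s3cret stub are constructed.

# AUTH PLAIN argument: base64 of "\0user\0password" (empty authorization id).
auth_plain() {
    printf '\000%s\000%s' "$1" "$2" | base64 | tr -d '\n'; echo
}

# Feed "user\0password\0timestamp\0" on descriptor 3, as the checkpassword
# interface specifies, and print the exit status with its meaning.
# usage: try_checkpassword USER PASS PROGRAM [ARGS...] SUBPROGRAM
try_checkpassword() {
    cp_user=$1; cp_pass=$2; shift 2
    rc=0
    printf '%s\000%s\000%s\000' "$cp_user" "$cp_pass" "$(date +%s)" |
        "$@" 3<&0 >/dev/null 2>&1 || rc=$?
    case $rc in
        0)   echo "0 accepted, subprogram ran" ;;
        1)   echo "1 credentials rejected" ;;
        2)   echo "2 checkpassword was misused" ;;
        111) echo "111 temporary failure" ;;
        126|127) echo "$rc program could not be executed (check argument order and path)" ;;
        *)   echo "$rc unexpected status" ;;
    esac
}

# Constructed stand-in for a real verifier: accepts only alice/s3cret,
# then runs the subprogram, as checkpassword does on success.
make_stub() {
    dir=$(mktemp -d) || return 1
    cat >"$dir/checkpassword-stub" <<'EOF'
#!/bin/sh
creds=$(tr '\000' '\n' <&3)
[ "$(printf '%s\n' "$creds" | sed -n 1p)" = alice ] || exit 1
[ "$(printf '%s\n' "$creds" | sed -n 2p)" = s3cret ] || exit 1
exec "$@"
EOF
    echo "$dir/checkpassword-stub"
}

stub=$(make_stub)
auth_plain alice s3cret
try_checkpassword alice s3cret sh "$stub" /bin/true
try_checkpassword alice wrong sh "$stub" /bin/true
# A word that is not a program (here a hostname) in the program position:
try_checkpassword alice s3cret desktop.local sh "$stub" /bin/true
```

Run as the same user and with the same softlimit as the supervise script, the reported status separates a rejected password (1) from a verifier that never ran (126/127) or failed temporarily (111).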