Bernd Bartmann wrote:
It did start without any problems. Looks like I found the cause. From the logs I see that someone tried a brute force attach on the SMTP relay with several username / password combinations. Then one of the attempts lead to a segfault of saslauth. Which probably means that there is a bug in saslauthd as it should not be possible to crash a service just by suppling a "weird" comibination of input data.
Sounds to me like you should consider running SELinux - that is if you aren't already :-) . Of course it won't solve the segfault, but it should restrict any damage a compromised saslauthd process can do.
Anyway, glad you're on track again.
Ian