PDA

View Full Version : Virtual Users And Domains With Postfix, Courier And MySQL can't login


wildgoosed
7th July 2007, 00:19
Hey everyone,

I just finished following the Virtual Users And Domains With Postfix, Courier And MySQL guide which was very well done :D

I tried connecting with outlook express and squirremail but both clients cannot connect. I always get a invalid user name or password error :/

I have added the domain and user into my mysql database as instructed.

Can anyone help?

Thanks

falko
7th July 2007, 18:20
Do you use the right username? It must be of the form user@domain.com.

MattijsR
8th July 2007, 20:42
I have the same problem... Trying to connect with Eudora.

The settings in Eudora are this:
email address: user@xxxxx.nl
user name: user@xxxxx.nl
smtp server: smtp.xxxxx.nl
authentication allowed
incomming mail server: mail.xxxxx.nl
authentication style: passwords
secure sockets when receiving: never

maillog:
Jul 8 19:24:56 fedora pop3d: Connection, ip=[::ffff:192.168.0.1]
Jul 8 19:24:56 fedora pop3d: LOGIN FAILED, user=user@xxxxx.nl, ip=[::ffff:192.168.0.1]
Jul 8 19:24:56 fedora pop3d: authentication error: Input/output error

postconf -n:
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.4.3-documentation/html
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mail.xxxxx.nl, localhost, localhost.localdomain
myhostname = mail.xxxxx.nl
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.3-documentation/readme
receive_override_options = no_address_mappings
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.crt
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_create_maildirsize = yes
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
virtual_uid_maps = static:5000

Any ideas where I went wrong?

Thanks,
Mitzi

MattijsR
8th July 2007, 23:20
After searching some more I found a post from Falco that en email has to be send to the account before the Maildir is created.

But doing that got the following result in maillog:
Jul 8 22:17:47 fedora postfix/smtpd[11686]: fatal: open database /etc/postfix/aliases.db: No such file or directory
Jul 8 22:17:48 fedora postfix/master[11075]: warning: process /usr/libexec/postfix/smtpd pid 11686 exit status 1
Jul 8 22:17:48 fedora postfix/master[11075]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

falko
9th July 2007, 18:04
Jul 8 22:17:47 fedora postfix/smtpd[11686]: fatal: open database /etc/postfix/aliases.db: No such file or directory

What are the outputs of ls -l /etc/aliases* and ls -l /etc/postfix/aliases*?

wildgoosed
9th July 2007, 19:34
These are my outputs...

root@test:~# ls -l /etc/aliases*
-rw-r--r-- 1 root root 68 2007-07-06 14:11 /etc/aliases
-rw-r--r-- 1 root root 12288 2007-07-06 14:11 /etc/aliases.db
root@test:~# ls -l /etc/postfix/aliases*
-rw-r--r-- 1 root root 68 2007-07-06 11:48 /etc/postfix/aliases
root@test:~#

What log files should I be checking ?

wildgoosed
9th July 2007, 23:52
I did a tail -f on /var/log/syslog and this is how my attempted login went...

Jul 9 14:48:01 test imaplogin: Connection, ip=[::ffff:127.0.0.1]
Jul 9 14:48:01 test imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGIN
Jul 9 14:48:01 test imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], username=david@test.iainc.local
Jul 9 14:48:01 test imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], password=fred
Jul 9 14:48:01 test imaplogin: authdaemon: starting client module
Jul 9 14:48:02 test imaplogin: authdaemon: REJECT
Jul 9 14:48:07 test imaplogin: LOGIN FAILED, ip=[::ffff:127.0.0.1]
Jul 9 14:48:07 test imaplogin: LOGIN: DEBUG: ip=[::ffff:127.0.0.1], command=LOGOUT
Jul 9 14:48:07 test imaplogin: LOGOUT, ip=[::ffff:127.0.0.1]


I figured perhaps its a problem with authmysql ? This is what my authmysqlrc file looks like under /etc/courier/authmysqlrc...

MYSQL_SERVER localhost

MYSQL_USERNAME mail_admin

MYSQL_PASSWORD test

MYSQL_PORT 0

MYSQL_DATABASE mail

MYSQL_USER_TABLE users

MYSQL_CRYPT_PWFIELD password

#MYSQL_CLEAR_PWFIELD password

MYSQL_UID_FIELD 5000

MYSQL_GID_FIELD 5000

MYSQL_LOGIN_FIELD email

MYSQL_HOME_FIELD "/home/vmail"

MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')

#MYSQL_NAME_FIELD

MYSQL_QUOTA_FIELD quota

wildgoosed
9th July 2007, 23:55
Also, here is my postconf -n output...

root@test:/var/log# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
delay_warning_time = 4h
disable_vrfy_command = yes
inet_interfaces = all
local_recipient_maps =
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
mydestination = test.iainc.local, localhost, localhost.localdomain
myhostname = test.iainc.local
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = /etc/mailname
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_ mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_ maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost =
smtp_helo_timeout = 60s
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client relays.ordb.org, reject_rbl_client blackholes.e asynet.nl, reject_rbl_client dnsbl.njabl.org
smtpd_hard_error_limit = 12
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth _pipelining, permit
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 450
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_uid_maps = static:5000

wildgoosed
10th July 2007, 00:05
Can someone post the correct commands to use telnet with smtp-auth to send an email? I wanna test that things are actually working :/

MattijsR
10th July 2007, 08:34
What are the outputs of ls -l /etc/aliases* and ls -l /etc/postfix/aliases*?


[root@fedora ~]# ll /etc/aliases*
-rw-r--r-- 1 root root 1512 2005-04-25 18:48 /etc/aliases
-rw-r----- 1 root smmsp 12288 2007-07-07 05:51 /etc/aliases.db
[root@fedora ~]# ll /etc/postfix/aliases*
ls: cannot access /etc/postfix/aliases*: No such file or directory
[root@fedora ~]#

Seeing my problem... Thanks

Other problem is that telnet localhost 25 hangs after Escape character is '^]'.
And other things got messed up also.
I'll do a clean install.

falko
10th July 2007, 16:37
[root@fedora ~]# ll /etc/aliases*
-rw-r--r-- 1 root root 1512 2005-04-25 18:48 /etc/aliases
-rw-r----- 1 root smmsp 12288 2007-07-07 05:51 /etc/aliases.db
[root@fedora ~]# ll /etc/postfix/aliases*
ls: cannot access /etc/postfix/aliases*: No such file or directory
[root@fedora ~]#

Seeing my problem... ThanksDid you fix it (by changing the values in /etc/postfix/main.cf and restarting Postfix)?

Other problem is that telnet localhost 25 hangs after Escape character is '^]'.
And other things got messed up also.
I'll do a clean install.Any errors in your mail log? What's the output of postconf -n and hostname -f?

MattijsR
10th July 2007, 21:59
postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/postfix-2.4.3-documentation/html
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mail.xxxxx.nl, localhost, localhost.localdomain
myhostname = mail.xxxxx.nl
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtu al_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relo cated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.3-documentation/readme
receive_override_options = no_address_mappings
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.crt
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
virtual_uid_maps = static:5000

hostname -f
fedora.xxxxx.nl

falko
11th July 2007, 17:39
Please create an A record for fedora.mellowtown.nl and run
postconf -e 'alias_database = hash:/etc/aliases'
postconf -e 'alias_maps = hash:/etc/aliases'
postconf -e 'myorigin = fedora.mellowtown.nl'
/etc/init.d/postfix restart

MattijsR
11th July 2007, 18:21
But I want to use mail.xxxxx.nl as address for incomming mail.
Do I have to change the hostname of the server to mail.xxxxx.nl?

falko
11th July 2007, 18:22
The A record for mail.mellowtown.nl is already existing, so you don't have to create that one.

Change the above commands to
postconf -e 'alias_database = hash:/etc/aliases'
postconf -e 'alias_maps = hash:/etc/aliases'
postconf -e 'myorigin = mail.mellowtown.nl'
/etc/init.d/postfix restart

MattijsR
11th July 2007, 18:52
Thanks, got a bit further, but still not all the way :(

Jul 11 17:24:41 fedora postfix/smtpd[5126]: connect from post-24.mail.nl.xxxxx.net[194.159.73.194]
Jul 11 17:24:42 fedora postfix/smtpd[5126]: 2177CAC2D6: client=post-24.mail.nl.xxxxx.net[194.159.73.194]
Jul 11 17:24:42 fedora postfix/cleanup[5137]: 2177CAC2D6: message-id=<20070711152442.2177CAC2D6@mail.xxxxx.nl>
Jul 11 17:24:42 fedora postfix/qmgr[5123]: 2177CAC2D6: from=<mail@xxxxxx.xxxxx.nl>, size=790, nrcpt=1 (queue active)
Jul 11 17:24:42 fedora postfix/smtpd[5126]: disconnect from post-24.mail.nl.demon.net[194.159.73.194]
Jul 11 17:24:43 fedora clamd.amavisd[1702]: SelfCheck: Database status OK.
Jul 11 17:24:46 fedora postfix/smtpd[5143]: connect from unknown[127.0.0.1]
Jul 11 17:24:46 fedora postfix/smtpd[5143]: 50BE8AC2DE: client=unknown[127.0.0.1]
Jul 11 17:24:46 fedora postfix/cleanup[5137]: 50BE8AC2DE: message-id=<20070711152442.2177CAC2D6@mail.xxxxx.nl>
Jul 11 17:24:46 fedora postfix/qmgr[5123]: 50BE8AC2DE: from=<mail@xxxxx.xxxxx.nl>, size=1379, nrcpt=1 (queue active)
Jul 11 17:24:46 fedora amavis[2088]: (02088-01) Passed CLEAN, [194.159.73.194] [83.160.144.39] <mail@xxxxx.xxxxx.nl> -
> <user@xxxxx.nl>, Message-ID: <20070711152442.2177CAC2D6@mail.xxxxx.nl>, mail_id: 5atA-bIwi-e2, Hits: 2.899, size
: 790, queued_as: 50BE8AC2DE, 4192 ms
Jul 11 17:24:46 fedora postfix/smtp[5138]: 2177CAC2D6: to=<user@xxxxx.nl>, relay=127.0.0.1[127.0.0.1]:10024, delay=4.7,
delays=0.34/0.14/0.07/4.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 50BE8AC2DE)
Jul 11 17:24:46 fedora postfix/qmgr[5123]: 2177CAC2D6: removed
Jul 11 17:24:46 fedora postfix/smtpd[5143]: disconnect from unknown[127.0.0.1]
Jul 11 17:24:46 fedora postfix/virtual[5145]: 50BE8AC2DE: to=<user@xxxxx.nl>, relay=virtual, delay=0.49, delays=0.1/0.2
9/0/0.1, dsn=2.0.0, status=sent (delivered to maildir)
Jul 11 17:24:46 fedora postfix/qmgr[5123]: 50BE8AC2DE: removed
Jul 11 17:26:04 fedora pop3d: Connection, ip=[::ffff:192.168.0.1]
Jul 11 17:26:05 fedora pop3d: LOGIN FAILED, user=user@xxxxx.nl, ip=[::ffff:192.168.0.1]

It looks like the mail is recieved, but if i try to log in with eudora, it fails to login.

Using user@xxxxx.nl to log in. But I don't get the password.
When I use phpMyAdmin to add the account I put encrypt in the function. But if I remove the password and fill it again, it shows another encrypted word then before.
Might the be why I can't log in???

theMikeroy
11th July 2007, 18:57
But if I remove the password and fill it again, it shows another encrypted word then before.
Might the be why I can't log in???

If I'm not mistaken, MySQL's ENCRYPT() function uses a random salt if none is explicitly given, which means that the same password will always encrypt differently unless you specify the salt to use.

MySQL will remember the salt it used (somehow?) but it's designed that way so encrypted stuff can't be reverted back easily (if at all). I can't see this affecting the password issue you're having, but you never know.

the ENCRYPT() function uses the system's Crypt library, so unless there's something weird about their relationship, I don't think it's what's causing the issue you're experiencing.

If I'm wrong, my apologies, I just thought I'd try to offer some help rather than always just bugging Falco =)

MattijsR
11th July 2007, 20:03
Makes sense Mike...

But who can I check where the login fails?

MattijsR
11th July 2007, 22:34
On www.courier-mta.org/authlib/README.authdebug.html (http://www.courier-mta.org/authlib/README.authdebug.html) I found how to debug the login.

Jul 11 21:18:25 fedora pop3d: Connection, ip=[::ffff:127.0.0.1]
Jul 11 21:18:48 fedora authdaemond: received auth request, service=pop3, authtype=login
Jul 11 21:18:48 fedora authdaemond: authmysql: trying this module
Jul 11 21:18:48 fedora authdaemond: SQL query: SELECT email, password, password, 5000, 5000, /home/vmail, CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/'), quota, "", "" FROM users WHERE email = "user@xxxxx.nl"
Jul 11 21:18:48 fedora authdaemond: mysql_query failed, reconnecting: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/home/vmail, CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',' at line 1
Jul 11 21:18:48 fedora authdaemond: mysql_query failed second time, giving up: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/home/vmail, CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',' at line 1
Jul 11 21:18:48 fedora authdaemond: authmysql: TEMPFAIL - no more modules will be tried
Jul 11 21:18:48 fedora pop3d: LOGIN FAILED, user=user@xxxxx.nl, ip=[::ffff:127.0.0.1]
Jul 11 21:18:48 fedora pop3d: authentication error: Input/output error

The SQL syntax is in /etc/authlib/authmysqlrc and my mistake was
MYSQL_HOME_FIELD /home/vmail

but should be
MYSQL_HOME_FIELD "/home/vmail"

Thanks for your help!!!