PhilyWisk
21st February 2008, 00:02
I'm sorry if I am being a bit dimm but I can't authenticate SMTP after following the Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) tutorial almost word-for-word.
Both pop and imap are working brilliantly, but when I come to enter my UN & PW (same ones for pop & imap auth) it is refused.
Note: DNS & PortForwarding is set up correctly. A telnet localhost 25 returns correctly, it is just the un & pw that seem to be the problem.
Thunderbird says:
The message could not be sent because connecting to SMTP server {servername} failed.
Here are some of my sasl files:
/etc/default/saslauthd
# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
/etc/init.d/saslauthd
#! /bin/sh
### BEGIN INIT INFO
# Provides: saslauthd
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: S 0 1 6
# Short-Description: saslauthd startup script
# Description: This script starts the saslauthd daemon. It is
# configured using the file /etc/default/saslauthd.
### END INIT INFO
# Author: Fabian Fagerholm <fabbe@debian.org>
#
# Based on previous work by Dima Barsky.
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/usr/sbin:/usr/bin:/sbin:/bin
DESC="SASL Authentication Daemon"
NAME=saslauthd
DAEMON=/usr/sbin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/$NAME
FALLBACK_RUN_DIR=/var/run/$NAME
EXIT_ERROR_CODE=1
# Exit if the daemon is not installed
test -x "$DAEMON" || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
[ -f /etc/default/rcS ] && . /etc/default/rcS
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# Determine run directory and pid file location by looking for an -m option.
RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
if [ -z "$RUN_DIR" ]; then
# No run directory defined in defaults file, use fallback
RUN_DIR=$FALLBACK_RUN_DIR
fi
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
# If the daemon is not enabled, give the user a warning and then exit,
# unless we are stopping the daemon
if [ "$START" != "yes" -a "$1" != "stop" ]; then
log_warning_msg "To enable $NAME, edit /etc/default/$NAME and set START=yes"
exit 0
fi
# If no mechanisms are defined, log this and exit
if [ -z "$MECHANISMS" ]; then
log_failure_msg "No mechanisms defined in /etc/default/$NAME," \
"not starting $NAME"
exit $EXIT_ERROR_CODE
fi
# If there are mechanism options defined, prepare them for use with the -O flag
if [ -n "$MECH_OPTIONS" ]; then
MECH_OPTIONS="-O $MECH_OPTIONS"
fi
# If there is a threads option defined, prepare it for use with the -n flag
if [ -n "$THREADS" ]; then
THREAD_OPTIONS="-n $THREADS"
fi
# Construct argument string
DAEMON_ARGS="$DAEMON_ARGS -a $MECHANISMS $MECH_OPTIONS $OPTIONS $THREAD_OPTIONS"
#
# Function that creates a directory with the specified
# ownership and permissions
#
createdir()
{
# $1 = user
# $2 = group
# $3 = permissions (octal)
# $4 = path to directory
# In the future, use -P/-Z to have SE Linux enhancement.
install -d --group="$2" --mode="$3" --owner="$1" "$4"
}
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
if dpkg-statoverride --list $RUN_DIR > /dev/null; then
dir=`dpkg-statoverride --list $RUN_DIR`
fi
test -z "$dir" || createdir $dir
start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
--exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
--exec $DAEMON -- $DAEMON_ARGS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
--pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
--exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE \
--name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
1) [ "$VERBOSE" != no ] && log_progress_msg "(already running)" && \
log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
1) [ "$VERBOSE" != no ] && log_progress_msg "(not running)" && \
log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
:
/etc/pam.d/smtp
auth required pam_mysql.so user=mail_admin passwd=CORRECT_PWD_REPLACED host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=CORRECT_PWD_REPLACED host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: CORRECT_PWD_REPLACED
sql_database: mail
sql_select: select password from users where email = '%u'
Finally, my /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
#Lines for SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = MYDOMAIN
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = MYDOMAIN
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = MYDOMAIN, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_sasl_auth_enable = yes
virtual_sasl_auth_clients = yes
broken_sasl_auth_clients = yes
smtpd_use_cert_file = /etc/postfix/smtpd.cert
smtpd_use_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_mailbox_extended = yes
virtual_mailbox_limit_maips = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_limit_message = "The user you are trying to reach is over their quota, sorry."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
recieve_override_options = no_address_mappings
virtual_create_maildirsize = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
tail -f /var/log/mail.log - during SMTP attempt
Feb 20 22:22:26 CHANGED_DOMAIN postfix/smtpd[19346]: connect from 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: Password verification failed
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]: SASL PLAIN authentication failed: generic failure
Feb 20 22:23:34 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Feb 20 22:23:34 CHANGED_DOMAIN postfix/smtpd[19346]: warning: 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]: SASL LOGIN authentication failed: generic failure
Feb 20 22:24:22 CHANGED_DOMAIN postfix/smtpd[19346]: disconnect from 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]
Both pop and imap are working brilliantly, but when I come to enter my UN & PW (same ones for pop & imap auth) it is refused.
Note: DNS & PortForwarding is set up correctly. A telnet localhost 25 returns correctly, it is just the un & pw that seem to be the problem.
Thunderbird says:
The message could not be sent because connecting to SMTP server {servername} failed.
Here are some of my sasl files:
/etc/default/saslauthd
# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="pam"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
/etc/init.d/saslauthd
#! /bin/sh
### BEGIN INIT INFO
# Provides: saslauthd
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: S 0 1 6
# Short-Description: saslauthd startup script
# Description: This script starts the saslauthd daemon. It is
# configured using the file /etc/default/saslauthd.
### END INIT INFO
# Author: Fabian Fagerholm <fabbe@debian.org>
#
# Based on previous work by Dima Barsky.
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/usr/sbin:/usr/bin:/sbin:/bin
DESC="SASL Authentication Daemon"
NAME=saslauthd
DAEMON=/usr/sbin/$NAME
DAEMON_ARGS=""
SCRIPTNAME=/etc/init.d/$NAME
FALLBACK_RUN_DIR=/var/run/$NAME
EXIT_ERROR_CODE=1
# Exit if the daemon is not installed
test -x "$DAEMON" || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
[ -f /etc/default/rcS ] && . /etc/default/rcS
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# Determine run directory and pid file location by looking for an -m option.
RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
if [ -z "$RUN_DIR" ]; then
# No run directory defined in defaults file, use fallback
RUN_DIR=$FALLBACK_RUN_DIR
fi
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
# If the daemon is not enabled, give the user a warning and then exit,
# unless we are stopping the daemon
if [ "$START" != "yes" -a "$1" != "stop" ]; then
log_warning_msg "To enable $NAME, edit /etc/default/$NAME and set START=yes"
exit 0
fi
# If no mechanisms are defined, log this and exit
if [ -z "$MECHANISMS" ]; then
log_failure_msg "No mechanisms defined in /etc/default/$NAME," \
"not starting $NAME"
exit $EXIT_ERROR_CODE
fi
# If there are mechanism options defined, prepare them for use with the -O flag
if [ -n "$MECH_OPTIONS" ]; then
MECH_OPTIONS="-O $MECH_OPTIONS"
fi
# If there is a threads option defined, prepare it for use with the -n flag
if [ -n "$THREADS" ]; then
THREAD_OPTIONS="-n $THREADS"
fi
# Construct argument string
DAEMON_ARGS="$DAEMON_ARGS -a $MECHANISMS $MECH_OPTIONS $OPTIONS $THREAD_OPTIONS"
#
# Function that creates a directory with the specified
# ownership and permissions
#
createdir()
{
# $1 = user
# $2 = group
# $3 = permissions (octal)
# $4 = path to directory
# In the future, use -P/-Z to have SE Linux enhancement.
install -d --group="$2" --mode="$3" --owner="$1" "$4"
}
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
if dpkg-statoverride --list $RUN_DIR > /dev/null; then
dir=`dpkg-statoverride --list $RUN_DIR`
fi
test -z "$dir" || createdir $dir
start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
--exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
--exec $DAEMON -- $DAEMON_ARGS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
--pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
--exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE \
--name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
1) [ "$VERBOSE" != no ] && log_progress_msg "(already running)" && \
log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
1) [ "$VERBOSE" != no ] && log_progress_msg "(not running)" && \
log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
:
/etc/pam.d/smtp
auth required pam_mysql.so user=mail_admin passwd=CORRECT_PWD_REPLACED host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=CORRECT_PWD_REPLACED host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: CORRECT_PWD_REPLACED
sql_database: mail
sql_select: select password from users where email = '%u'
Finally, my /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
#Lines for SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = MYDOMAIN
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = MYDOMAIN
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = MYDOMAIN, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_sasl_auth_enable = yes
virtual_sasl_auth_clients = yes
broken_sasl_auth_clients = yes
smtpd_use_cert_file = /etc/postfix/smtpd.cert
smtpd_use_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_mailbox_extended = yes
virtual_mailbox_limit_maips = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_limit_message = "The user you are trying to reach is over their quota, sorry."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
content_filter = amavis:[127.0.0.1]:10024
recieve_override_options = no_address_mappings
virtual_create_maildirsize = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
tail -f /var/log/mail.log - during SMTP attempt
Feb 20 22:22:26 CHANGED_DOMAIN postfix/smtpd[19346]: connect from 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: Password verification failed
Feb 20 22:23:33 CHANGED_DOMAIN postfix/smtpd[19346]: warning: 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]: SASL PLAIN authentication failed: generic failure
Feb 20 22:23:34 CHANGED_DOMAIN postfix/smtpd[19346]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Feb 20 22:23:34 CHANGED_DOMAIN postfix/smtpd[19346]: warning: 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]: SASL LOGIN authentication failed: generic failure
Feb 20 22:24:22 CHANGED_DOMAIN postfix/smtpd[19346]: disconnect from 216.XXX.XXXXXXXXX[84.XXX.XXX.XXX]