Hello *,

At first I have to thank for all the howtos, they really helped me a lot!

I followed the howto of http://www.howtoforge.org/isp-mailserver-with-virtual-users-domains-postfix-dovecot-mysql-centos5.0.

Receiving emails is no problem and works really fine. But if I try to send emails, I got following errors:

In the /var/log/maillog:

Dec 1 23:09:41 h1426918 postfix/smtpd[3711]: initializing the server-side TLS engine
Dec 1 23:09:41 h1426918 postfix/smtpd[3711]: connect from *****.pool.einsundeins.de[77.188.53.1]
Dec 1 23:09:43 h1426918 postfix/smtpd[3711]: warning: SASL authentication failure: Password verification failed
Dec 1 23:09:43 h1426918 postfix/smtpd[3711]: warning: *****.pool.einsundeins.de[77.188.53.1]: SASL PLAIN authentication failed: authentication failure
Dec 1 23:09:44 h1426918 postfix/smtpd[3711]: lost connection after AUTH from ******.pool.einsundeins.de[77.188.53.1]
Dec 1 23:09:44 h1426918 postfix/smtpd[3711]: disconnect from ******.pool.einsundeins.de[77.188.53.1]


In the /var/log/message

Dec 1 23:09:41 h1426918 postfix/smtpd[3711]: sql_select option missing
Dec 1 23:09:41 h1426918 postfix/smtpd[3711]: auxpropfunc error no mechanism available
Dec 1 23:09:41 h1426918 postfix/smtpd[3711]: auxpropfunc error invalid parameter supplied
Dec 1 23:09:43 h1426918 saslauthd[30061]: do_auth : auth failure: [user=webmaster] [service=smtp] [realm=***.de] [mech=pam] [reason=PAM auth error]


When I run saslfinger I got the following results.

saslfinger - postfix Cyrus sasl configuration Mo 1. Dez 23:17:06 CET 2008
version: 1.0.2
mode: client-side SMTP AUTH

-- basics --
Postfix: 2.3.3
System: CentOS release 5.2 (Final)

-- smtp is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d58000)

-- active SMTP AUTH and TLS parameters for smtp --
relayhost =
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes


-- listing of /usr/lib/sasl --
insgesamt 32
drwxr-xr-x 2 root root 4096 1. Dez 22:51 .
drwxr-xr-x 79 root root 20480 27. Nov 19:10 ..
-rw-r--r-- 1 root root 48 1. Dez 22:51 smtpd.conf
-rw-r--r-- 1 root root 270 1. Dez 22:51 smtpd.conf~

-- listing of /usr/lib/sasl2 --
insgesamt 3384
drwxr-xr-x 2 root root 4096 1. Dez 22:58 .
drwxr-xr-x 79 root root 20480 27. Nov 19:10 ..
-rwxr-xr-x 1 root root 884 7. Jan 2007 libanonymous.la
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 870 7. Jan 2007 libcrammd5.la
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so.2
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so.2.0.22
-rwxr-xr-x 1 root root 893 7. Jan 2007 libdigestmd5.la
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so.2
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so.2.0.22
-rwxr-xr-x 1 root root 933 7. Jan 2007 libgssapiv2.la
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so.2
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so.2.0.22
-rwxr-xr-x 1 root root 877 7. Jan 2007 libldapdb.la
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so.2
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 liblogin.la
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 858 7. Jan 2007 libntlm.la
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so.2
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 libplain.la
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2.0.22
-rwxr-xr-x 1 root root 930 7. Jan 2007 libsasldb.la
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2.0.22
-rwxr-xr-x 1 root root 878 7. Jan 2007 libsql.la
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so.2
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so.2.0.22
-rw-r--r-- 1 root root 61 1. Dez 22:58 smtpd.conf
-rw-r--r-- 1 root root 48 1. Dez 22:58 smtpd.conf~

-- listing of /etc/sasl2 --
insgesamt 8
drwxr-xr-x 2 root root 4096 7. Jan 2007 .
drwxr-xr-x 79 root root 4096 28. Nov 21:42 ..


Cannot find the smtp_sasl_password_maps parameter in main.cf.
Client-side SMTP AUTH cannot work without this parameter!

So I think, there should be something wrong with this mysterious smtp_sasl_password_maps parameter. But how it has to look like? I searched a little bit but don't get an answer that helped me really ...

saslfinger for the server-side returns this:

saslfinger - postfix Cyrus sasl configuration Mo 1. Dez 23:18:55 CET 2008
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.3.3
System: CentOS release 5.2 (Final)

-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d45000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/mailserver/cacert.pem
smtpd_tls_cert_file = /etc/postfix/ssl/mailserver/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/mailserver/smtpd.key
smtpd_tls_loglevel = 4
smtpd_tls_received_header = no
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes


-- listing of /usr/lib/sasl --
insgesamt 32
drwxr-xr-x 2 root root 4096 1. Dez 22:51 .
drwxr-xr-x 79 root root 20480 27. Nov 19:10 ..
-rw-r--r-- 1 root root 48 1. Dez 22:51 smtpd.conf
-rw-r--r-- 1 root root 270 1. Dez 22:51 smtpd.conf~

-- listing of /usr/lib/sasl2 --
insgesamt 3384
drwxr-xr-x 2 root root 4096 1. Dez 22:58 .
drwxr-xr-x 79 root root 20480 27. Nov 19:10 ..
-rwxr-xr-x 1 root root 884 7. Jan 2007 libanonymous.la
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 870 7. Jan 2007 libcrammd5.la
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so.2
-rwxr-xr-x 1 root root 16832 7. Jan 2007 libcrammd5.so.2.0.22
-rwxr-xr-x 1 root root 893 7. Jan 2007 libdigestmd5.la
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so.2
-rwxr-xr-x 1 root root 47204 7. Jan 2007 libdigestmd5.so.2.0.22
-rwxr-xr-x 1 root root 933 7. Jan 2007 libgssapiv2.la
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so.2
-rwxr-xr-x 1 root root 26528 7. Jan 2007 libgssapiv2.so.2.0.22
-rwxr-xr-x 1 root root 877 7. Jan 2007 libldapdb.la
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so.2
-rwxr-xr-x 1 root root 15472 7. Jan 2007 libldapdb.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 liblogin.la
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 858 7. Jan 2007 libntlm.la
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so.2
-rwxr-xr-x 1 root root 31516 7. Jan 2007 libntlm.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 libplain.la
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2.0.22
-rwxr-xr-x 1 root root 930 7. Jan 2007 libsasldb.la
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2.0.22
-rwxr-xr-x 1 root root 878 7. Jan 2007 libsql.la
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so.2
-rwxr-xr-x 1 root root 23084 7. Jan 2007 libsql.so.2.0.22
-rw-r--r-- 1 root root 61 1. Dez 22:58 smtpd.conf
-rw-r--r-- 1 root root 48 1. Dez 22:58 smtpd.conf~

-- listing of /etc/sasl2 --
insgesamt 8
drwxr-xr-x 2 root root 4096 7. Jan 2007 .
drwxr-xr-x 79 root root 4096 28. Nov 21:42 ..




-- content of /usr/lib/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 5
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 5

-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
-o content_filter=spamfilter:dummy
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
mailman unix - n n - - pipe
flags=FR user=mailman argv=/urs/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
spamfilter unix - n n - - pipe
flags=Rq user=spamfilter argv=/usr/local/bin/spamfilter -f ${sender} -- ${recipient}

-- mechanisms on localhost --

-- end of saslfinger output --


I hope you can help me, thanks a lot!

Can you try
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
in /usr/lib/sasl2/smtpd.conf?

@Falko, I tried it out but it didn't changed anything.
Perheps it's important, that the /var/spool/authdaemon/socket does not exist?

Did you start the courier-authdaemon?

no, I don't have it. I don't use courier. I use Postfix with Dovecot. And in the installation howto it's not mentioned...

EDIT: I tried something different and it worked. I read in the Postfix SASL Howto, that it is possible to use the auth of dovecot, so I tried and everything is fine. Here (http://www.postfix.org/SASL_README.html#server_dovecot) for more information, perhaps someone else has the same problem ...

Naja, I don't suppose you could post your dovecot and postfix configs? I'm going to try taking the same route as you, as I'm having the same problems. I'm working on the dovecot config right now, but I'm getting sort of lost between the SASL docs and using mysql for auth.

Scratch that! Thanks for your insight, I found http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL and sorted out the last few details. Yes! (It's been many days running now and now I celebrate).