PDA

View Full Version : SMTP cannot authenticate


Happy_Gillmore
10th July 2009, 20:16
ISPCONFIG 2 setup with ubuntu 8.04 TLS server

Internal sending of email works fine. ie: roundcubemail, PHP scripts, etc...
My email client keeps asking for smtp password regardles of using no-encryption or TLS, PLAIN or LOGIN.

When I telnet here is what I get:
ps: I switched the real domain with "domain.com" on this output for posting purposes.
-----------------------------------------------------------------------------------
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 server1.domain.com ESMTP Postfix (Ubuntu)

ehlo localhost
250-server1.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
334 UGFzc3dvcmQ6
535 5.7.8 Error: authentication failed: generic failure

-----------------------------------------------------------------------------------

I think I messed up my ssl certificates and need to re-generate them.
How do I re-generate them?
Or if someone thinks it could be another problem please let me know.

Thank you.

till
11th July 2009, 09:52
Please post the exact error messages from the mail log.

Happy_Gillmore
13th July 2009, 23:30
Here's the output of /var/log/mail.log
note: removed cipher string for posting purposes.

************************************************** **************************************************
Jul 13 16:19:59 server1 postfix/smtpd[7916]: connect from unknown[192.168.0.105]
Jul 13 16:19:59 server1 postfix/smtpd[7916]: setting up TLS connection from unknown[192.168.0.105]

Jul 13 16:19:59 server1 postfix/smtpd[7916]: Anonymous TLS connection established from unknown[192.168.0.105]: TLSv1 with cipher [cipher goes here] (256/256 bits)
Jul 13 16:19:59 server1 pop3d: Connection, ip=[::ffff:192.168.0.105]
Jul 13 16:19:59 server1 pop3d: Connection, ip=[::ffff:192.168.0.105]
Jul 13 16:20:07 server1 postfix/smtpd[7916]: warning: SASL authentication problem: unknown password verifier

Jul 13 16:20:07 server1 postfix/smtpd[7916]: warning: SASL authentication failure: Password verification failed

Jul 13 16:20:07 server1 postfix/smtpd[7916]: warning: unknown[192.168.0.105]: SASL PLAIN authentication failed: no mechanism available
************************************************** **********************************************

Any idea?

abix_adamj
14th July 2009, 01:01
SASL PLAIN authentication failed: no mechanism available
This seems to be bad onfiguration of client's email client software.

My ISPConfig tells to me:
adasiek@sea-star:~> telnet vps 25
Trying 91.x.y.z...
Connected to vps.
Escape character is '^]'.
220 vps........pl ESMTP Postfix (Debian/GNU at vps.........pl)
EHLO test
250-vps.............pl
250-PIPELINING
250-SIZE 30240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login
334 VXNlcm5hbWU6
ENTER an ENTER key
334 UGFzc3dvcmQ6
ENTER an ENTER key
535 5.7.8 Error: authentication failed: generic failure

But good configured software like Mozilla Thunderbird works perfectly.

So please try to change the client's password and to make another try with Mozilla Thunderbird.

Adam

Happy_Gillmore
14th July 2009, 01:28
Thank you for the helping hand, however it is not a client problem.
Since I'm up for anything I did however change the client's password like you sugested but still nothing.

if you look at the mail log it says why, i just don't know where to start fixing this.

I have checked all the steps I took to configure the server in the perfect setup guide and verified all the files one-by-one and they all match the perfect setup guide.

abix_adamj
14th July 2009, 10:38
Sure, I didn't notice ....

please, send here:
root@vps:~# ps xfaw | grep sasla
26300 pts/0 S+ 0:00 \_ grep sasla
13319 ? Ss 0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
13320 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
13321 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
13322 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
13324 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5


Also, I'm using such packages to make authentication:
root@vps:~# dpkg -l | grep sasl
ii libauthen-sasl-perl 2.12-1 Authen::SASL - SASL Authentication framework
ii libsasl2-2 2.1.22.dfsg1-23+lenny1 Cyrus SASL - authentication abstraction libr
ii libsasl2-modules 2.1.22.dfsg1-23+lenny1 Cyrus SASL - pluggable authentication module
ii libsasl2-modules-sql 2.1.22.dfsg1-23+lenny1 Cyrus SASL - pluggable authentication module
ii sasl2-bin 2.1.22.dfsg1-23+lenny1 Cyrus SASL - administration programs for SAS
root@vps:~# dpkg -l | grep cyrus
root@vps:~# dpkg -l | grep cour
ii courier-authdaemon 0.61.0-1+lenny1 Courier authentication daemon
ii courier-authlib 0.61.0-1+lenny1 Courier authentication library
ii courier-authlib-mysql 0.61.0-1+lenny1 MySQL support for the Courier authentication
ii courier-authlib-userdb 0.61.0-1+lenny1 userdb support for the Courier authenticatio
ii courier-base 0.60.0-2 Courier mail server - base system
ii courier-imap 4.4.0-2 Courier mail server - IMAP server
ii courier-imap-ssl 4.4.0-2 Courier mail server - IMAP over SSL
rc courier-maildrop 0.60.0-2 Courier mail server - mail delivery agent
ii courier-pop 0.60.0-2 Courier mail server - POP3 server
ii courier-pop-ssl 0.60.0-2 Courier mail server - POP3 over SSL
ii courier-ssl 0.60.0-2 Courier mail server - SSL/TLS Support


What you are using ?

Adam

Happy_Gillmore
14th July 2009, 17:32
huh...... I get the following:


administrator@server1:/$ ps xfaw | grep sasla
23604 pts/0 S+ 0:00 \_ grep sasla
5403 ? Ss 0:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
5404 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
5405 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
5406 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
5407 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
8988 ? Ss 0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
8989 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
8990 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
8991 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
8992 ? S 0:00 \_ /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5





administrator@server1:/$ dpkg -l | grep sasl
ii libsasl2-2 2.1.22.dfsg1-18ubuntu2 Cyrus SASL - authentication abstraction libr
ii libsasl2-modules 2.1.22.dfsg1-18ubuntu2 Cyrus SASL - pluggable authentication module
ii sasl2-bin 2.1.22.dfsg1-18ubuntu2 Cyrus SASL - administration programs for SAS
administrator@server1:/$ dpkg -l | grep cyrus
administrator@server1:/$ dpkg -l | grep cour
ii courier-authdaemon 0.60.1-1ubuntu2 Courier authentication daemon
ii courier-authlib 0.60.1-1ubuntu2 Courier authentication library
ii courier-authlib-userdb 0.60.1-1ubuntu2 userdb support for the Courier authenticatio
ii courier-base 0.58.0.20080127-1ubuntu1 Courier mail server - base system
ii courier-imap 4.3.0.20081027-1ubuntu1 Courier mail server - IMAP server
ii courier-imap-ssl 4.3.0.20081027-1ubuntu1 Courier mail server - IMAP over SSL
ii courier-pop 0.58.0.20080127-1ubuntu1 Courier mail server - POP3 server
ii courier-pop-ssl 0.58.0.20080127-1ubuntu1 Courier mail server - POP3 over SSL
ii courier-ssl 0.58.0.20080127-1ubuntu1 Courier mail server - SSL/TLS Support

abix_adamj
14th July 2009, 18:43
I think that you have running two instances saslauthd, and this is your problem.
Try to check /etc/init.d

Adam

Happy_Gillmore
14th July 2009, 22:21
Adam, you have been a great help! :D

You made me realize I had royally screwed up somewhere in my installation so I went ahead and re-installed from scratch.
It was way easier to do this than to waste more time trying to find the needle in the hay stack.

All is fine now and I can send emails using TLS without any problems!

Thanks a lot! :)

abix_adamj
14th July 2009, 23:48
OK - I'm glad I can help.

Adam