PDA

View Full Version : Read but not send mail


briggers
15th September 2005, 17:22
Hi,
This was originally posted alongside an ftp log-in problem ' cause i thought they might be related.

So the background is that I can read mail (pop3) but not send mail.
The mail client - Thunderbird - gives error that the SMTP server is rejecting the log-in and asks for username and password repeatedly.

The mail log contains:
Sep 15 15:21:42 ns0 ipop3d[11064]: Auth user=travalog.com_rb host=[192.168.1.250] nmsgs=0/0
Sep 15 15:21:42 ns0 ipop3d[11064]: Logout user=travalog.com_rb host=[192.168.1.250] nmsgs=0 ndele=0
Sep 15 15:24:49 ns0 postfix/anvil[11041]: statistics: max connection rate 1/60s for (smtp:192.168.1.250) at Sep 15 15:20:32
Sep 15 15:24:49 ns0 postfix/anvil[11041]: statistics: max connection count 1 for (smtp:192.168.1.250) at Sep 15 15:20:32
Sep 15 15:24:49 ns0 postfix/anvil[11041]: statistics: max cache size 1 at Sep 15 15:20:32
Sep 15 15:27:14 ns0 ipop3d[11188]: pop3 service init from 192.168.1.250
Sep 15 15:27:15 ns0 ipop3d[11188]: Auth user=travalog.com_rb host=[192.168.1.250] nmsgs=0/0
Sep 15 15:27:15 ns0 ipop3d[11188]: Logout user=travalog.com_rb host=[192.168.1.250] nmsgs=0 ndele=0
Sep 15 15:31:44 ns0 postfix/smtpd[11282]: connect from unknown[192.168.1.250]
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: SASL authentication problem: unknown password verifier
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: SASL authentication failure: Password verification failed
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: unknown[192.168.1.250]: SASL PLAIN authentication failed
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: SASL authentication problem: unknown password verifier
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: unknown[192.168.1.250]: SASL LOGIN authentication failed
Sep 15 15:31:55 ns0 postfix/smtpd[11282]: warning: SASL authentication problem: unknown password verifier
Sep 15 15:31:55 ns0 postfix/smtpd[11282]: warning: SASL authentication failure: Password verification failed
Sep 15 15:31:55 ns0 postfix/smtpd[11282]: warning: unknown[192.168.1.250]: SASL PLAIN authentication failed
Sep 15 15:31:55 ns0 postfix/smtpd[11282]: warning: SASL authentication problem: unknown password verifier
Sep 15 15:31:55 ns0 postfix/smtpd[11282]: warning: unknown[192.168.1.250]: SASL LOGIN authentication failed
Sep 15 15:32:39 ns0 postfix/smtpd[11282]: lost connection after AUTH from unknown[192.168.1.250]
Sep 15 15:32:39 ns0 postfix/smtpd[11282]: disconnect from unknown[192.168.1.250]
Sep 15 15:33:46 ns0 ipop3d[11325]: pop3 service init from 192.168.1.250
Sep 15 15:33:47 ns0 ipop3d[11325]: Auth user=travalog.com_rb host=[192.168.1.250] nmsgs=0/0
Sep 15 15:33:48 ns0 ipop3d[11325]: Logout user=travalog.com_rb host=[192.168.1.250] nmsgs=0 ndele=0
Sep 15 15:35:59 ns0 postfix/anvil[11284]: statistics: max connection rate 1/60s for (smtp:192.168.1.250) at Sep 15 15:31:44
Sep 15 15:35:59 ns0 postfix/anvil[11284]: statistics: max connection count 1 for (smtp:192.168.1.250) at Sep 15 15:31:44
Sep 15 15:35:59 ns0 postfix/anvil[11284]: statistics: max cache size 1 at Sep 15 15:31:44
Sep 15 15:37:14 ns0 ipop3d[11398]: pop3 service init from 192.168.1.250
Sep 15 15:37:15 ns0 ipop3d[11398]: Auth user=travalog.com_rb host=[192.168.1.250] nmsgs=0/0
Sep 15 15:37:15 ns0 ipop3d[11398]: Logout user=travalog.com_rb host=[192.168.1.250] nmsgs=0 ndele=0

As you see, it accepts the pop3 log-in but rejects the smtp

This line looks suspicious:
Sep 15 15:31:50 ns0 postfix/smtpd[11282]: warning: SASL authentication problem: unknown password verifier

The same username/password is used for both read and send.

I have tried it with both Plain and TLS authentication - both give the same result.

Any thoughts?

Thank you

falko
15th September 2005, 17:26
Is saslauthd running? Run ps aux to find out.
What's the output if you issue a telnet localhost 25 and then ehlo localhost?

briggers
15th September 2005, 17:58
Hi Falko,

Is saslauthd running? Run ps aux to find out.
Yes
What's the output if you issue a telnet localhost 25 and then ehlo localhost?

connected to local...

250-ns0.iimco.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-8BITMIME



Thanks

mattg
13th January 2006, 17:24
I have the same problem, but as far as i can tell, all my config files are as the how to says they should be with no whitespace. I can login and retrieve messages with thunderbird using pop3, but then when i try to send with no encryption using the same username/password, it just keeps asking for thepassword again.

The only anomaly in the system is that using webmin, i can't stop/start saslauthd successfully. Stopping it fails with 'not running' even though it shows up in the process list. starting fails too as there is one instance already there (that won't stop). If I kill all processes for saslauthd, then i can start it ok from webmin.

here is the tail of my mail.log. All assistance greatly appreciated and THANK YOU for such a well written and helpful how to!

Jan 13 16:12:49 inauraa1 courierpop3login: Connection, ip=[::ffff:88.108.81.10]
Jan 13 16:12:49 inauraa1 courierpop3login: LOGIN, user=mattmyday.to, ip=[::ffff:88.108.81.10]
Jan 13 16:12:49 inauraa1 courierpop3login: LOGOUT, user=mattmyday.to, ip=[::ffff:88.108.81.10], top=0, retr=0, time=0
Jan 13 16:13:02 inauraa1 postfix/smtpd[15305]: connect from 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]
Jan 13 16:13:03 inauraa1 postfix/smtpd[15305]: NOQUEUE: reject: RCPT from 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: 554 <mattinaura.net>: Relay access denied; from=<mattmyday.to> to=<mattinaura.net> proto=ESMTP helo=<[127.0.0.1]>
Jan 13 16:13:06 inauraa1 postfix/smtpd[15305]: disconnect from 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]
Jan 13 16:13:23 inauraa1 postfix/smtpd[15305]: connect from 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]
Jan 13 16:13:31 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:13:31 inauraa1 postfix/smtpd[15305]: warning: SASL authentication failure: Password verification failed
Jan 13 16:13:31 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL PLAIN authentication failed
Jan 13 16:13:31 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:13:31 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL LOGIN authentication failed
Jan 13 16:13:46 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:13:46 inauraa1 postfix/smtpd[15305]: warning: SASL authentication failure: Password verification failed
Jan 13 16:13:46 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL PLAIN authentication failed
Jan 13 16:13:46 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:13:46 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL LOGIN authentication failed
Jan 13 16:15:00 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:15:00 inauraa1 postfix/smtpd[15305]: warning: SASL authentication failure: Password verification failed
Jan 13 16:15:00 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL PLAIN authentication failed
Jan 13 16:15:00 inauraa1 postfix/smtpd[15305]: warning: SASL authentication problem: unknown password verifier
Jan 13 16:15:00 inauraa1 postfix/smtpd[15305]: warning: 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]: SASL LOGIN authentication failed
Jan 13 16:15:06 inauraa1 postfix/smtpd[15305]: disconnect from 88-108-81-10.dynamic.dsl.as9105.com[88.108.81.10]

till
13th January 2006, 19:00
Which linux distribution do you use? have you used one of the perfect setup howtos?

mattg
13th January 2006, 21:16
No, I'm configuring a miniserver at a remote ISP. It's Debian sarge 3.1 and it was clean when i got it, but i did a bit of fiddling about using non-standard apt sources trying to get a php accelerator installed.

The first time i tried the how-to i ended up not having sasl or tls running at all, for no good reason. I amended sources.list to be just the normal entries and ran apt-get --purge remove postfix postfix-tls, then did the same for courier* and started again from scratch, leaving me where i am now.

I am a bit suspicious that it seems to be a sasl problem when it was sasl that i overlooked from the purge (as it would have taken my apache configuration with it). I'm thinking maybe i might have a non-standard version.

When I ran the how-to both times, I didn't get asked the suExec question as described in the beginning, or which webserver i would like to configure automatically. I installed Apache2 before i looked at this tutorial, which brought openssl and sasl with it, so what i was contemplating was backing up my website and apache2 config files, then purging the whole lot and starting from scratch. Would you recommend this and will the initial big apt-get command install apache2 as part of the process when i run it again?

falko
13th January 2006, 22:18
Which tutorial are you talking about? Please post the URL. I guess you mean this one: http://www.howtoforge.com/virtual_postfix_mysql_quota_courier

Which Postfix version are you running? You can find out by running postconf -d | grep mail_version

mattg
13th January 2006, 22:23
Sorry, should have mentioned the tutorial, yes it is that one. Thanks for writing it!

root@inauraa1:~# postconf -d | grep mail_version
mail_version = 2.1.5
root@inauraa1:~#

falko
13th January 2006, 22:48
The Postfix version is ok. I suggest that you compare all your configuration files with the files in the tutorial, especially /etc/pam.d/smtp.

mattg
14th January 2006, 12:40
Had another look and couldn't find any differences. Deleted /etc/pam.d/smtp and re-copied the text from the tutorial into a new file, but still no luck. I've purged the whole lot now and will see if I have any luck third time around. Thanks for the advice anyway! :)

mattg
14th January 2006, 18:34
I started again and got up to the end of page 2 but found the same problem. However at the beginning, i had trouble with mysql. The stadard mysql-server would not start:

Starting MySQL database server: mysqld...failed.
Please take a look at the syslog.
/usr/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'
Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!

so i installed mysql-common-4.1 and mysql-server-4.1 instead. Could this be the trouble? do i need to run everything again from the start with mysql-server-4.1 and mysql-client-4.1 in the apt-get command instead in order for the pam stuff to be configured correctly?

till
14th January 2006, 22:59
I started again and got up to the end of page 2 but found the same problem. However at the beginning, i had trouble with mysql. The stadard mysql-server would not start:

Starting MySQL database server: mysqld...failed.
Please take a look at the syslog.
/usr/bin/mysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'
Check that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!

so i installed mysql-common-4.1 and mysql-server-4.1 instead. Could this be the trouble? do i need to run everything again from the start with mysql-server-4.1 and mysql-client-4.1 in the apt-get command instead in order for the pam stuff to be configured correctly?


Its not a good idea to install other packages then the ones mentioned in the howtos. Its better to try to find the errors instead. Did you get any errors in the mysql error log?

falko
15th January 2006, 18:45
Please post the output of netstat -tap and also the content of /etc/hosts.

mattg
15th January 2006, 21:52
OK, I've now messed about with mysql so that it is the right version. Seems i was getting that error because i hadn't purged the database structure when i downgraded, so i did that and rebuilt the necessary tables as per the tutorial and mysql is now running.

root@inauraa1:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 9048/couriertcpd
tcp 0 0 *:pop3s *:* LISTEN 9069/couriertcpd
tcp 0 0 localhost:10024 *:* LISTEN 11260/amavisd (mast
tcp 0 0 localhost:mysql *:* LISTEN 8857/mysqld
tcp 0 0 *:pop3 *:* LISTEN 9056/couriertcpd
tcp 0 0 *:imap2 *:* LISTEN 9035/couriertcpd
tcp 0 0 *:sunrpc *:* LISTEN 11419/portmap
tcp 0 0 *:www *:* LISTEN 5069/apache2
tcp 0 0 *:ssh *:* LISTEN 1080/sshd
tcp 0 0 inauraa1.miniserve:9111 *:* LISTEN 1108/php4
tcp 0 0 *:postgresql *:* LISTEN 2145/postmaster
tcp 0 0 *:smtp *:* LISTEN 1229/master
tcp 0 0 *:12121 *:* LISTEN 20281/perl
tcp 0 0 *:https *:* LISTEN 5069/apache2
tcp 0 0 inauraa1.miniserve:9111 webcache-01.swgfl:48699 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserver:ssh host-84-9-130-65.b:1199 ESTABLISHED6972/0
tcp 0 0 inauraa1.miniserve:9111 host-84-9-129-229.:3239 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserve:9111 88-108-81-10.dynam:1395 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserve:9111 88-108-81-10.dynam:1396 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserve:9111 host-84-9-129-229.:3244 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserve:9111 webcache-16.swgfl:56470 CLOSE_WAIT 1108/php4
tcp 0 0 inauraa1.miniserve:9111 webcache-20.swgfl:50075 CLOSE_WAIT 1108/php4

/etc/hosts
127.0.0.1 localhost localhost.localdomain

# The following lines are desirable for IPv6 capable hosts
# (added automatically by netbase upgrade)

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

(I added localhost.localdomain after reading a thread that suggested doing this in response to this problem (i think on this site) but that alone didn't work.) Anyway, now, the SASL issue appears to be gone and the logs no longer say that this is happening, but instead, I'm getting a 'relay access denied' error:

Jan 15 20:15:09 inauraa1 courierpop3login: LOGIN, user=matt at myday.to, ip=[::ffff:84.9.130.65]
Jan 15 20:15:10 inauraa1 courierpop3login: LOGOUT, user=matt at myday.to, ip=[::ffff:84.9.130.65], top=0, retr=0, time=1
Jan 15 20:15:32 inauraa1 postfix/smtpd[9078]: connect from host-84-9-130-65.bulldogdsl.com[84.9.130.65]
Jan 15 20:15:38 inauraa1 postfix/smtpd[9078]: NOQUEUE: reject: RCPT from host-84-9-130-65.bulldogdsl.com[84.9.130.65]: 554 <matt at inaura.net>: Relay access denied; from=<matt at myday.to> to=<matt at inaura.net> proto=ESMTP helo=<[127.0.0.1]>
Jan 15 20:15:38 inauraa1 postfix/smtpd[9078]: disconnect from host-84-9-130-65.bulldogdsl.com[84.9.130.65]
Jan 15 20:24:55 inauraa1 courierpop3login: Connection, ip=[::ffff:84.9.130.65]
Jan 15 20:24:55 inauraa1 courierpop3login: LOGIN, user=matt at myday.to, ip=[::ffff:84.9.130.65]
Jan 15 20:24:55 inauraa1 courierpop3login: LOGOUT, user=matt at myday.to, ip=[::ffff:84.9.130.65], top=0, retr=0, time=0
Jan 15 20:25:10 inauraa1 postfix/smtpd[9124]: connect from host-84-9-130-65.bulldogdsl.com[84.9.130.65]
Jan 15 20:25:11 inauraa1 postfix/smtpd[9124]: NOQUEUE: reject: RCPT from host-84-9-130-65.bulldogdsl.com[84.9.130.65]: 554 <upmytree at gmail.com>: Relay access denied; from=<matt at myday.to> to=<upmytree at gmail.com> proto=ESMTP helo=<[127.0.0.1]>
Jan 15 20:25:11 inauraa1 postfix/smtpd[9124]: disconnect from host-84-9-130-65.bulldogdsl.com[84.9.130.65]

the the mysql tables currently have only two entries: myday.to in domains and matt at myday.to in users.


here is main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = mail.myday.to
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail.myday.to, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

Thanks for continuing assistance. Much appreciated.

Matt

edit: removed @ to stop spam bots

till
15th January 2006, 23:21
I guess you mixed something up. Did you use the virtual mysql howto together with ISPConfig? ISPConfig does not support postfix + mySQL.

The postfix main.cf is completely incompatible with ISPConfig, you will have to use one of the perfect setup howtos listed on the ISPConfig documentation page:

http://www.ispconfig.org/documentation.htm

mattg
16th January 2006, 00:19
P.S.
auth.log says this:

Jan 15 23:17:35 inauraa1 postfix/smtpd[10386]: sql_select option missing
Jan 15 23:17:35 inauraa1 postfix/smtpd[10386]: auxpropfunc error no mechanism available
Jan 15 23:17:35 inauraa1 postfix/smtpd[10386]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

mattg
16th January 2006, 00:26
I'm not using ISPConfig. should I be? I use webmin for some things as the ISP supplied it. There's a limit to how far i can follow the perfect setup tutorial as I'm administering a remote miniserver and can't reinstall from scratch. Can you recommend a way to get the server to that state using SSH so i can start from scratch?

falko
16th January 2006, 09:28
I'm not using ISPConfig. should I be?

We were thinking this because you posted this in the ISPConfig Installation/Configuration forum and therefore led us on the completely wrong track... I'll move it to the normal Installation/Configuration forum now.

I use webmin for some things as the ISP supplied it. There's a limit to how far i can follow the perfect setup tutorial as I'm administering a remote miniserver and can't reinstall from scratch. Can you recommend a way to get the server to that state using SSH so i can start from scratch?
Ok, you're using this tutorial: http://www.howtoforge.com/virtual_postfix_mysql_quota_courier
I suggest you compare all the configuration files from the tutorial with your own ones, I guess there's a typo or something like that in one of them.
Also have a look here:
http://www.howtoforge.com/forums/showthread.php?t=2011
http://www.howtoforge.com/forums/showthread.php?t=861

mattg
16th January 2006, 14:25
OK, I've checked the files again using vi on an FC4 box and found a couple of ^M characters at the end of lines, which I've removed. still no luck though. testsaslauthd -u <account> -p <password> gives me this :

connect() : No such file or directory

ps waux | grep saslauthd gives me:

root 12237 0.0 0.2 1616 464 pts/0 S+ 13:12 0:00 grep saslauthd

I don't think saslauthd is running properly, but not sure how to get it going again. saslauthd start gives me this:

saslauthd start
saslauthd[12238] :main : no authentication mechanism specified
usage: saslauthd [options]

option information:
-a <authmech> Selects the authentication mechanism to use.
-c Enable credential caching.
-d Debugging (don't detach from tty, implies -V)
-r Combine the realm with the login before passing to authentication mechanism
Ex. login: "foo" realm: "bar" will get passed as login: "foo@bar"
The realm name is passed untouched.
-O <option> Optional argument to pass to the authentication
mechanism.
-l Disable accept() locking. Increases performance, but
may not be compatible with some operating systems.
-m <path> Alternate path for the saslauthd working directory,
must be absolute.
-n <procs> Number of worker processes to create.
-s <kilobytes> Size of the credential cache (in kilobytes)
-t <seconds> Timeout for items in the credential cache (in seconds)
-v Display version information and available mechs
-V Enable verbose logging
-h Display this message.

saslauthd 2.1.19
authentication mechanisms: sasldb getpwent kerberos4 kerberos5 pam rimap shadow ldap

seems not possible to restart it

mattg
16th January 2006, 18:09
Also, I tried the instructions in the threads you mentioned, but no luck - my pam.d/smtp file is exactly as it should be. I found a load more of the ^M characters in all of the mysql-virtual* files after the passwords and stuff and got rid of them, but still the same error except now with this added:

inauraa1 postfix/smtpd[17805]: sql_select option missing
Jan 16 16:56:47 inauraa1 postfix/smtpd[17805]: auxpropfunc error no mechanism available
Jan 16 16:56:47 inauraa1 postfix/smtpd[17805]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Jan 16 16:58:34 inauraa1 saslauthd[17721]: (pam_unix) check pass; user unknown
Jan 16 16:58:35 inauraa1 saslauthd[17721]: (pam_unix) authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Jan 16 16:58:37 inauraa1 saslauthd[17721]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module
Jan 16 16:58:37 inauraa1 saslauthd[17721]: do_auth : auth failure: [user=matt at myday.to] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]

falko
16th January 2006, 19:00
You're using Fedora Core 4, but the tutorial was written for Debian Sarge.
The problem is that some of the paths differ on FC4. You could run updatedb and then use locate <file> to find out where the searched file is on FC4.

KCPoole
5th April 2006, 07:29
The Postfix version is ok. I suggest that you compare all your configuration files with the files in the tutorial, especially /etc/pam.d/smtp.


After looking at the posts here to find out why mine does not work I have found I am Missing /etc/pam.d/smtp completely :-)

I am following the howto "The Perfect Setup - Debian Sarge (3.1)" an have built the box from scratch I have been able to log in with an IMAP Client, but cannot send email

Where can i get this file, or what is in it so I can create it anew?

Thanks

KenP

falko
5th April 2006, 23:53
You can copy the file from the tutorial: http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_p2

Odysseus
7th April 2006, 14:43
I experiance the same problems: Mails can bei read and be sent to the server, but they can't be sent from my Computer and my Outlook program to the server; the authentification will fail.

I set up a completely new server with Debian 3.1 and after setup I immediately started with the "Perfect Debian Sarge Setup" by Falko. Also, I installed ISPconfig.

This is my main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = titania.kriegshammer.info
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = titania.kriegshammer.info, localhost.kriegshammer.info, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names


This is my /etc/default/saslauthd:

# This needs to be uncommented before saslauthd will be run automatically
START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"


/etc/init.d/saslauthd restart --> it says, the sasl demon is not running:
Stopping SASL Authentication Daemon: (not running).
Starting SASL Authentication Daemon: (failed).


But ps aux | grep sasl --> it says, that saslauth IS running:

titania:/etc/postfix# ps aux | grep sasl
root 2073 0.0 0.1 34900 2396 ? Ss Apr06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root 2074 0.0 0.1 34900 2392 ? S Apr06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root 2075 0.0 0.1 34900 2396 ? S Apr06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root 2076 0.0 0.1 34900 2396 ? S Apr06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root 2078 0.0 0.1 34900 2416 ? S Apr06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root 29646 0.0 0.0 2900 608 pts/0 R+ 14:36 0:00 grep sasl
titania:/etc/postfix#

So, I guess, that sasld dows not work properly.
Also, there is no /etc/pam.d/smpt included in the "perfect debian 3.1 setup guide"... you can't simply copy the one from the other tutorial, because it uses mysql auth, and this one doesn't.

I have no clue how to solve this ... :confused:
Maybe it would be good to use shadow instead of pam, but I don't know how to do this...

Can you help us with this issue please, falko? :)

falko
7th April 2006, 19:22
So I guess you're talking about the Debian Sarge "Perfect Setup" and not about virtual hosting with Postfix and MySQL (that's what the other guy had problems with)? Both tutorials handle mail totally different and are not comaptible with each other!

What's in your mail log when you try to send a mail from Outlook? Did you enable "Server requires authentication." in your email client?