View Single Post
Old 18th December 2009, 02:50
keyslapper keyslapper is offline
Junior Member
Join Date: Dec 2009
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 9.10)

Hello Ubuntu Nation ...

I used the "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 9.10)" HowTo to try to correct my postfix config when it suddenly stopped working. Now, I'm not doing virtual users or quotas, but everything else is in there. Here's the rundown of where things stand:

What does work:
Incoming mail to my users is handled properly
Reading IMAP mail, either through Squirrelmail or an external client works
Sending mail out through Squirrelmail works

Note that Courier-IMAP is configured to authenticate through the MySQL DB, as is Apache for some directories.

What does not work:
Sending email through external clients times out on the connection attempt. This is configured (badly, it would seem) to authenticate to the same mysql database as Courier and Apache via saslauthd and the pam_mysql plugin.

Note that I did have this working at one time. Unfortunately, an upgrade made it go wrong (I think), and since I couldn't see the problem (I seem to have been kept in the cache longer than any of the other users) I've been sitting on this for some time.

Here's my
soft_bounce = no
biff = yesappend_dot_mydomain = yes
readme_directory = /usr/share/doc/postfix
data_directory = /var/lib/postfix
mydomain =
myhostname =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =,,
local_recipient_maps = unix:passwd.byname $alias_maps
relay_domains = $mydestination
relayhost = 
mynetworks_style = subnet
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 1000000000
recipient_delimiter = +
inet_interfaces = all
unknown_local_recipient_reject_code = 550
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
home_mailbox = .Maildir/
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
mailbox_command = /usr/bin/procmail -a "$EXTENSION"
header_checks = regexp:/etc/postfix/header_checks
smtpd_helo_required = yes
smtpd_sender_restrictions =    permit_mynetworks,
smtpd_recipient_restrictions =  permit_mynetworks,
tls_random_source = dev:/dev/urandom
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_key_file = /etc/ssl/courier-imap/
smtpd_tls_cert_file = /etc/ssl/courier-imap/
smtpd_tls_CAfile = /etc/ssl/courier-imap/cert.crt
smtpd_tls_loglevel = 3
smtp_use_tls = yes
smtp_tls_loglevel = 3
smtp_tls_note_starttls_offer = yes
smtpd_sasl_type = cyrus
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
html_directory = /usr/share/doc/postfix/html
And my /usr/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list: plain login cram-md5 digest-md5
allow_plaintext: true
auxprop_plugin: mysql
sql_user: mailuser
sql_passwd: mypasswd
sql_database: passwords
sql_select: select clear from passwd where id = '%u'
This is symlinked to /etc/postfix/sasl/smtpd.conf

I know the relayhost is empty. This is intentional, and does not seem to be causing issues with mail sent via Squirrelmail.

The problem is that when trying to connect to postfix with a mail client like Thunderbird, Apple Mail, Outlook, etc. the connection times out. Same with telnetting in to port 25. I have verified that port 25 is open in the firewall and that the port is listening. When trying to connect, I can even see the SYN_RECV state on the server, but nothing whatsoever shows in any of the logfiles.

When I telnet in to port 25 from the server, I see this:
# telnet localhost 25
Connected to localhost.
Escape character is '^]'.
220 ESMTP Postfix
ehlo localhost
250-SIZE 10240000
250 DSN
When I telnet in from an outside host, I get a timeout. I wouldn't be so confused if I weren't getting the SYN_RECV on the host. I'm pretty much reaching the end of my rope with this, so any suggestions on how to resolve this would be greatly appreciated.
Reply With Quote
Sponsored Links