Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th September 2010, 15:57
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default SASL authentication failure

Hello,

I'm running a ISPConfig 3 server on xen debian lenny. Everything works perfect except sending emails remotely from eg. Thunderbird. I'm using the same login details as for imap. However authhentication fails.

Post of /var/log/mail.log:
Code:
Sep 26 14:42:02 xtra postfix/smtpd[7230]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 26 14:42:02 xtra postfix/smtpd[7230]: warning: SASL authentication failure: Password verification failed
Sep 26 14:42:02 xtra postfix/smtpd[7230]: warning: xx.rev.stofanet.dk[xx]: SASL PLAIN authentication failed: generic failure
Sep 26 14:42:02 xtra postfix/smtpd[7230]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 26 14:42:02 xtra postfix/smtpd[7230]: warning: xx.rev.stofanet.dk[xx]: SASL LOGIN authentication failed: generic failure
I think the problem is similar to http://www.howtoforge.com/forums/showthread.php?t=8242 but the softlink solution mentioned doesn't do any difference.
Reply With Quote
Sponsored Links
  #2  
Old 26th September 2010, 16:09
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default

Output of "ps aux|grep sasl":
Code:
root      7096  0.0  0.1  53036   896 ?        Ss   14:35   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      7097  0.0  0.1  53036   628 ?        S    14:35   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      7099  0.0  0.0  53036   512 ?        S    14:35   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      7100  0.0  0.0  53036   512 ?        S    14:35   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      7101  0.0  0.0  53036   512 ?        S    14:35   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      7440  0.0  0.1   5600   712 pts/0    S+   14:58   0:00 grep sasl
Output of "cat /etc/default/saslauthd":
Code:
#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
Content of "/etc/init.d/saslauthd":
Code:
#! /bin/sh
### BEGIN INIT INFO
# Provides:          saslauthd
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: saslauthd startup script
# Description:       This script starts the saslauthd daemon. It is
#                    configured using the file /etc/default/saslauthd.
### END INIT INFO

# Author: Fabian Fagerholm <fabbe@debian.org>

# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin

# Global variables
DAEMON=/usr/sbin/saslauthd
DEFAULT_FILES=`find /etc/default -regex '/etc/default/saslauthd[_a-zA-Z0-9\-]*$' -print | sort`

# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0

# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh

# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions

# Function that starts all saslauthd instances
# Parameters: none
# Return value: none
do_startall()
{
    for instance in $DEFAULT_FILES
    do
        start_instance $instance
    done
}

# Function that stops all saslauthd instances
# Parameters: none
# Return value: none
do_stopall()
{
    for instance in $DEFAULT_FILES
    do
        stop_instance $instance
    done
}

# Function that sends a SIGHUP to all saslauthd instances
# Parameters: none
# Return value: none
do_reloadall()
{
    for instance in $DEFAULT_FILES
    do
        reload_instance $instance
    done
}

# Function that starts a single saslauthd instance
# Parameters:
#    $1 = path of default file for this instance
# Return value:
#    0 on success (does not mean the instance started)
#    1 on failure
start_instance()
{
    # Load defaults file for this instance.
    . $1

    # If the daemon is not enabled, give the user a warning and stop.
    if [ "$START" != "yes" ]; then
        log_warning_msg "To enable $NAME, edit $1 and set START=yes"
        return 0
    fi

    # If the short name of this instance is undefined, warn the user
    # but choose a default name.
    if [ -z "$NAME" ]; then
        log_warning_msg "Short name (NAME) undefined in $1, using default"
        NAME=default
    fi

    log_daemon_msg "Starting $DESC" "$NAME"

    # Determine run directory and pid file location by looking
    # for an -m option.
    RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
    if [ -z "$RUN_DIR" ]; then
        # No run directory defined in defaults file, fail.
        log_failure_msg "No run directory defined for $NAME, not starting"
        return 1
    fi
    PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

    # If no mechanisms are defined, fail.
    if [ -z "$MECHANISMS" ]; then
        log_failure_msg "No mechanisms defined in $1, not starting $NAME"
        return 1
    fi

    # If there are mechanism options defined, prepare them for use with
    # the -O flag.
    if [ -n "$MECH_OPTIONS" ]; then
        MECH_OPTIONS="-O $MECH_OPTIONS"
    fi

    # If there is a threads option defined, prepare it for use with
    # the -n flag.
    if [ -n "$THREADS" ]; then
        THREAD_OPTIONS="-n $THREADS"
    fi

    # Construct argument string.
    DAEMON_ARGS="-a $MECHANISMS $MECH_OPTIONS $OPTIONS $THREAD_OPTIONS"

    # If there is a statoverride for the run directory, then pull
    # permission and ownership information from it and create the directory.
    # Otherwise, we create the directory with default permissions and
    # ownership (root:sasl, 710).
    if dpkg-statoverride --list $RUN_DIR > /dev/null; then
        createdir `dpkg-statoverride --list $RUN_DIR`
    else
        createdir root sasl 710 $RUN_DIR
    fi

    # Start the daemon, phase 1: see if it is already running.
    start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
        --exec $DAEMON --test > /dev/null
    if [ "$?" != 0 ]; then
        log_progress_msg "(already running)"
        log_end_msg 0
        return 0
    fi

    # Start the daemon, phase 2: it was not running, so actually start it now.
    start-stop-daemon --start --quiet --pidfile $PIDFILE --name $NAME \
        --exec $DAEMON -- $DAEMON_ARGS
    if [ "$?" -ne 0 ]; then
        log_end_msg 1
        return 1
    fi

    # Started successfully.
    log_end_msg 0
    return 0
}

# Function that stops a single saslauthd instance
# Parameters:
#    $1 = path of default file for this instance
# Return value:
#    0 on success (daemon was stopped)
#    1 if the daemon was already stopped
#    2 if the daemon could not be stopped
stop_instance()
{
    # Load defaults file for this instance.
    . $1

    # If the short name of this instance is undefined, warn the user
    # but choose a default name.
    if [ -z "$NAME" ]; then
        log_warning_msg "Short name (NAME) undefined in $1, using default"
        NAME=default
    fi

    # Determine run directory and pid file location by looking
    # for an -m option.
    RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
    if [ -z "$RUN_DIR" ]; then
        # No run directory defined in defaults file, fail.
        log_failure_msg "No run directory defined for $NAME, cannot stop"
        return 2
    fi
    PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

    log_daemon_msg "Stopping $DESC" "$NAME"

    start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
        --pidfile $PIDFILE --exec $DAEMON

    if [ "$?" -eq 2 ]; then
        # Failed to stop.
        log_end_msg 1
        return 2
    fi

    if [ "$?" -eq 1 ]; then
        # Already stopped.
        log_progress_msg "(not running)"
    fi

    # Many daemons don't delete their pidfiles when they exit.
    rm -f $PIDFILE

    # Stopped successfully.
    log_end_msg 0
    return $RETVAL
}

# Function that sends a SIGHUP to a single saslauthd instance
# Parameters:
#    $1 = path of default file for this instance
# Return value:
#    0 on success (does not mean the daemon was reloaded)
#    other values on failure
reload_instance()
{
    # Load defaults file for this instance.
    . $1

    # If the short name of this instance is undefined, warn the user
    # but choose a default name.
    if [ -z "$NAME" ]; then
        log_warning_msg "Short name (NAME) undefined in $1, using default"
        NAME=default
    fi

    # Determine run directory and pid file location by looking
    # for an -m option.
    RUN_DIR=`echo "$OPTIONS" | xargs -n 1 echo | sed -n '/^-m$/{n;p}'`
    if [ -z "$RUN_DIR" ]; then
        # No run directory defined in defaults file, fail.
        log_failure_msg "No run directory defined for $NAME, cannot reload"
        return 2
    fi
    PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

    log_daemon_msg "Reloading $DESC" "$NAME"

    # Reload the daemon. First, see if it is already running.
    start-stop-daemon --start --quiet --pidfile $PIDFILE \
        --exec $DAEMON --test > /dev/null

    if [ "$?" -eq 0 ]; then
        # Not running, signal this and stop.
        log_progress_msg "(not running)"
        log_end_msg 0
        return 0
    fi

    start-stop-daemon --stop --signal 1 \
        --pidfile $PIDFILE --exec $DAEMON
    log_end_msg $?
}

# Function that creates a directory with the specified
# ownership and permissions
# Parameters:
#    $1 = user
#    $2 = group
#    $3 = permissions (octal)
#    $4 = path to directory
# Return value: none
createdir()
{
    # In the future, use -P/-Z to have SE Linux enhancement
    install -d --group="$2" --mode="$3" --owner="$1" "$4"
}

# Action switch
case "$1" in
    start)
        do_startall
        ;;
    stop)
        do_stopall
        ;;
    reload|force-reload)
        do_reloadall
        ;;
    restart)
        do_stopall
        do_startall
        ;;
    start-instance)
        if [ -f /etc/default/$2 ]; then
            start_instance /etc/default/$2
        else
            log_failure_msg "Instance $2 does not exist."
        fi
        ;;
    stop-instance)
        if [ -f /etc/default/$2 ]; then
            stop_instance /etc/default/$2
        else
            log_failure_msg "Instance $2 does not exist."
        fi
        ;;
    reload-instance|force-reload-instance)
        if [ -f /etc/default/$2 ]; then
            reload_instance /etc/default/$2
        else
            log_failure_msg "Instance $2 does not exist."
        fi
        ;;
    restart-instance)
        if [ -f /etc/default/$2 ]; then
            stop_instance /etc/default/$2
            start_instance /etc/default/$2
        else
            log_failure_msg "Instance $2 does not exist."
        fi
        ;;
    *)
        SCRIPTNAME=$0
        echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
        echo "       or {start-instance|stop-instance|restart-instance|" >&2
        echo "          reload-instance|force-reload-instance} " \
             "<instance name>" >&2
        exit 3
        ;;
esac

:
Output of "ls -la /var/spool/postfix/var/run":
Code:
total 12
drwxr-xr-x 3 root root 4096 2010-09-17 18:46 .
drwxr-xr-x 3 root root 4096 2010-09-17 18:46 ..
drwx--x--- 2 root sasl 4096 2010-09-26 14:35 saslauthd
Output of "/etc/init.d/saslauthd start":
Code:
Starting SASL Authentication Daemon: saslauthd (already running)
Reply With Quote
  #3  
Old 26th September 2010, 16:17
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Which tutorial did you use to install the server?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #4  
Old 26th September 2010, 16:34
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default

This one: http://www.howtoforge.com/perfect-se...nny-ispconfig3
Reply With Quote
  #5  
Old 26th September 2010, 17:08
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Please change the options line in /etc/default/saslauthd to:

OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"

then restart saslauth.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 26th September 2010, 17:19
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default

Still the same
Reply With Quote
  #7  
Old 27th September 2010, 14:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

Please reboot the server.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 27th September 2010, 17:25
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default

Thanks for your reply falko. Unfortunately after rebooting it still doesn't work and I'm getting the same errormessages in mail.log
Reply With Quote
  #9  
Old 27th September 2010, 17:30
donix donix is offline
Junior Member
 
Join Date: Sep 2009
Posts: 28
Thanks: 1
Thanked 1 Time in 1 Post
Default

I forgot to tell my ISP blocks port 25 and therefore I added:

Code:
587       inet  n       -       n       -       -       smtpd
to /etc/postfix/master.cf. Does that make a difference to saslauth?
Reply With Quote
  #10  
Old 28th September 2010, 14:18
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
 
Default

Do you still get the same errors?

Can you post your main.cf and your master.cf?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need some Hints to "The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3]" wahid HOWTO-Related Questions 10 25th August 2010 16:18
Attacks on MTA dclardy Installation/Configuration 4 29th September 2009 17:50
Random Questions dclardy General 9 4th September 2009 00:39
Mail server attack princebenin Server Operation 1 19th November 2007 15:02


All times are GMT +2. The time now is 01:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.