SMTP Auth not working

[newz2000]

Hello, I'm having a problem with smtp auth. I'm not able to use it. I'm using the perfect setup for Ubuntu 6.06 (Dapper).

When I telnet to my host on port 25 and do EHLO I see that AUTH LOGIN and PLAIN are supported but when I try to use it I continually get an error that the password is wrong. I've tried with and without TLS, no change.

There's a very good chance I don't know how to use this. I'm using the same login information that I use for pop3. Do I instead need to use a different format such as username@domain.com, and if so what should domain.com be? (I've tried a few things without success)

Should failed logins be logged somewhere? If so, where should I look? Any help is appreciated.

I've confirmed that saslauthd is running. Here's what it says:

Code:

# This needs to be uncommented before saslauthd will be run automatically
START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"

postconf -n says:

Code:

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = /etc/postfix/local-host-names
myhostname = mydomain.net
mynetworks = 127.0.0.0/8 192.168.99.0/24
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = 
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

[till]

Please restart postfix. then look at the end of the file /var/log/mail.log and see if there are any errors.

[newz2000]

No errors unfortunately. :-(

When I restart these show up in the logs:

Code:

Apr  7 21:51:15 hosting postfix/master[30554]: terminating on signal 15
Apr  7 21:51:16 hosting postfix/master[30857]: daemon started -- version 2.2.10, configuration /etc/postfix

Immediately afterwards I simply see normal log messages. When I try to login I get a message like this in the log:

Code:

Apr  7 21:55:00 hosting postfix/smtpd[31067]: warning: hostname[75.170.xxx.xxx]: SASL LOGIN authentication failed

[falko]

What's in /etc/init.d/saslauthd and /etc/postfix/sasl/smtpd.conf?

[newz2000]

Thanks for helping, here are the two files:

Code:

cat /etc/postfix/sasl/smtpd.conf 
pwcheck_method: saslauthd
mech_list: plain login

Code:

cat /etc/init.d/saslauthd 
#!/bin/sh -e

NAME=saslauthd
DAEMON="/usr/sbin/${NAME}"
DESC="SASL Authentication Daemon"
DEFAULTS=/etc/default/saslauthd
PWDIR=/var/run/saslauthd
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"

createdir() {
# $1 = user
# $2 = group
# $3 = permissions (octal)
# $4 = path to directory
        [ -d "$4" ] || mkdir -p "$4"
        chown -c -h "$1:$2" "$4"
        chmod -c "$3" "$4"
}

test -f "${DAEMON}" || exit 0

# Source defaults file; edit that file to configure this script.
if [ -e "${DEFAULTS}" ]; then
    . "${DEFAULTS}"
fi

# If we're not to start the daemon, simply exit
if [ "${START}" != "yes" ]; then
    exit 0
fi

# If we have no mechanisms defined
if [ "x${MECHANISMS}" = "x" ]; then
    echo "You need to configure ${DEFAULTS} with mechanisms to be used"
    exit 0
fi

# Add our mechanimsms with the necessary flag
PARAMS="${PARAMS} -a ${MECHANISMS}"

START="--start --quiet --pidfile ${PIDFILE} --startas ${DAEMON} --name ${NAME} -- ${PARAMS}"

# Consider our options
case "${1}" in
  start)
        echo -n "Starting ${DESC}: "
	dir=`dpkg-statoverride --list $PWDIR`
	test -z "$dir" || createdir $dir
	if start-stop-daemon ${START} >/dev/null 2>&1 ; then
		echo "${NAME}."
	else
		if start-stop-daemon --test ${START} >/dev/null 2>&1; then
			echo "(failed)."
			exit 1
		else
			echo "${DAEMON} already running."
			exit 0
		fi
	fi
        ;;
  stop)
        echo -n "Stopping ${DESC}: "
        if start-stop-daemon --stop --quiet --pidfile "${PIDFILE}" \
		--startas ${DAEMON} --retry 10 --name ${NAME} \
		>/dev/null 2>&1 ; then
			echo "${NAME}."
	else
		if start-stop-daemon --test ${START} >/dev/null 2>&1; then
			echo "(not running)."
			exit 0
		else
			echo "(failed)."
			exit 1
		fi
	fi
        ;;
  restart|force-reload)
  	$0 stop
	exec $0 start
        ;;
  *)
        echo "Usage: /etc/init.d/${NAME} {start|stop|restart|force-reload}" >&2
        exit 1
        ;;
esac

exit 0

[falko]

Please run

Code:

postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
/etc/init.d/postfix restart

and try again.

[newz2000]

it works! thanks.

Can you explain to me what we did here?

[falko]

I guess you're using Outlook or Outlook Express. There's a bug in these programs, therefore we need

Code:

broken_sasl_auth_clients = yes

in the main.cf.

[newz2000]

Actually I was testing with Evolution 2.22.1 (From Ubuntu Hardy). Maybe the list of broken imap clients is a bit bigger than expected. But either way, it makes sense to do anything necessary to allow Outlook and OE to work since so many people use them. Thanks again.

[wuptydu]

I tried the same changes as above and no help.

No errors when restarting postfix.