#1
1st April 2009, 19:23
CyD

Group-office howto, problems with remote smtp-auth [solved using Dovecot delivery]

I was really hoping I wouldn't have to post, but I think I better try before I dig myself too much deeper.

Short description: I set up a mail server via the Groupware Server With Group-Office, Postfix, Dovecot And SpamAssassin On Debian Lenny (5.0) tutorial. All has been great within Group-Office, I can send/receive, so that leads me to believe the postfix/dovecot MySQL setup is good, and I can receive mail via a third-party IMAP client (Evolution), but sending mail is not working from a mail client, authentication problems. Now, I do not believe this ability was included in the group-office howto, so I went to the Ubuntu postfix/sasl/etc 8.04 tutorial to fill in the blanks (I am running 8.04 LTS server). I know, this is probably not a great idea! But I'm so close.

Currently the error appearing in auth.log when using Evolution to send mail (using TLS, PLAIN auth):

Code:
Apr  1 11:54:00 mail03 postfix/smtpd[9712]: sql_select option missing
Apr  1 11:54:00 mail03 postfix/smtpd[9712]: auxpropfunc error no mechanism available 
Apr  1 11:54:00 mail03 postfix/smtpd[9712]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

I've spent hours looking for a good reason for the 'sql_select option missing', can't seem to find one.

I've also been testing with testsaslauthd:

Code:
 testsaslauthd -u support -p *** -f /var/spool/postfix/var/run/saslauthd/mux -s smtp -r sentryblue.com
0: NO "authentication failed"

or

Code:
 testsaslauthd -u support@example.com -p *** -f /var/spool/postfix/var/run/saslauthd/mux -s smtp
0: NO "authentication failed"

auth.log:

Code:
Apr  1 11:15:06 mail03 saslauthd[9357]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Apr  1 11:15:06 mail03 saslauthd[9357]: do_auth         : auth failure: [user=support@example.com] [service=smtp] [realm=example.com] [mech=pam] [reason=PAM auth error]

Some relevant configs I believe:

/etc/pam.d/smtp:
Code:
auth    required   pam_mysql.so user=groupoffice passwd=*** host=192.168.50.110 db=groupoffice table=pa_mailboxes usercolumn=username passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=groupoffice passwd=*** host=192.168.50.110 db=groupoffice table=pa_mailboxes usercolumn=username passwdcolumn=password crypt=1

/etc/postfix/sasl/smtpd.conf:

Code:
pwcheck_method: saslauthd
auxprop_plugin: mysql
mech_list: login plain
allow_plaintext: true
sql_hostnames: 192.168.50.110
sql_user: groupoffice
sql_passwd: groupoffice
sql_database: ***
sql_select: SELECT password FROM pa_mailboxes WHERE username = '%u'

/etc/postfix/main.cf:

Code:
#myorigin = /etc/mailname

myhostname = example.com

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

smtpd_sasl_auth_enable = yes
#smtpd_sasl_type = dovecot
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes

smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =

# TLS parameters
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = example.com
mydestination = $myhostname, localhost, locahost.localdomain
#mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
message_size_limit = 52428800
virtual_mailbox_limit = 0
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_mailbox_base = /vmail
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:8
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach has exceeded their quota."
virtual_overquota_bounce = yes
transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
smtpd_data_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
vacation_destination_recipient_limit = 1

/etc/postfix/master.cf:

Code:
smtp      inet  n       -       n       -       -       smtpd -v
        -o content_filter=spamassassin
spamassassin unix -     n       n       -       -       pipe
        user=spamd argv=/usr/bin/spamc -f -e
        /usr/sbin/sendmail -oi -f ${sender} ${recipient}
dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
vacation    unix  -       n       n       -       -       pipe
  flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

I did make changes to master.cf that were not detailed in the Ubuntu 8.04 mail howto: in reading some docs on the Postfix site, I told smtpd to not chroot (I read about it not being able to see the MySQL socket), but I suppose this doesn't matter since I can authenticate users from within Group-Office.

Another thing that worries me is the group-office howto sets up dovecot to do sending I think? I've tried removing the mail_transport config option from main.cf with no further result.

I might try building the server first with the Ubuntu guide, then putting group-office on top, but I'd like to use dovecot, which would just hack up the howto again. I do have 3 mail servers (failover later on), so I have some boxes to play with.

One last thing to mention, hopefully not relevant: I am connecting to the server through Evolution using the IP address. This domain is currently hosted elsewhere with active users, and I need this tested working before I can move it over, so I have no real domain for it right now.

Last but not least, you may say 'just ditch Group-Office for now?'. I really like the professional look, these are high profile clients, they won't be using webmail much (a few less important users will), but I am fearful of giving them squirrelmail!

Last edited by CyD; 1st April 2009 at 20:45. Reason: Changed title to solved

#2
1st April 2009, 20:44
CyD

Success! It was probably good I posted, probably helped me sort out the mess. However, I used the following info: http://howtoforge.com/forums/showthr...d=1#post179090.

Using dovecot now properly for auth and mail sending.

Thanks much for everything, howtoforge folks, you're the best :-D
The Following User Says Thank You to CyD For This Useful Post:
falko (2nd April 2009)
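
Added example (not part of CyD's posts or of the HowtoForge tutorials): a small audit of the SMTP AUTH lines in the main.cf from post #1. It flags two things worth checking in that file: with `smtpd_use_tls = yes` alone, Postfix announces AUTH before STARTTLS unless `smtpd_tls_auth_only = yes`, mandatory TLS or `noplaintext` is set, and with the default Cyrus backend `smtpd_sasl_path` is a configuration file name rather than a directory list. The names `audit_smtp_auth` and `parse_main_cf`, the finding ids and the sample string are assumptions made for this example.

```python
import re

# Constructed sample: the SASL/TLS lines from the main.cf posted in #1.
SAMPLE_MAIN_CF = """\
smtpd_sasl_auth_enable = yes
#smtpd_sasl_type = dovecot
broken_sasl_auth_clients = yes
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_use_tls = yes
"""

def parse_main_cf(text):
    """Return {parameter: value}; a later definition overrides an earlier one."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                          # blank line or comment
        if raw[0] in " \t":                   # leading whitespace continues a value
            if name:
                params[name] = (params[name] + " " + raw.strip()).strip()
            continue
        name, _, value = raw.partition("=")
        name = name.strip()
        params[name] = value.strip()
    return params

def audit_smtp_auth(text):
    """Hypothetical helper: return (sasl_backend, [finding ids]) for main.cf text.
    Per-service "-o" overrides in master.cf are not considered."""
    p = parse_main_cf(text)
    yes = lambda key: p.get(key, "no").lower() == "yes"
    if not yes("smtpd_sasl_auth_enable"):
        return None, []
    findings = []
    backend = p.get("smtpd_sasl_type", "cyrus")       # Postfix default is cyrus
    tls_required = (p.get("smtpd_tls_security_level") == "encrypt"
                    or yes("smtpd_enforce_tls"))
    options = set(re.split(r"[,\s]+",
                           p.get("smtpd_sasl_security_options", "noanonymous")))
    # AUTH PLAIN/LOGIN is offered before STARTTLS unless one of these is set.
    if not (tls_required or yes("smtpd_tls_auth_only") or "noplaintext" in options):
        findings.append("plaintext-auth-before-tls")
    # With Cyrus, smtpd_sasl_path names the config file (default "smtpd"),
    # it is not a directory search path.
    if backend == "cyrus" and re.search(r"[/:]", p.get("smtpd_sasl_path", "smtpd")):
        findings.append("cyrus-sasl-path-looks-like-directory")
    return backend, findings

if __name__ == "__main__":
    print(audit_smtp_auth(SAMPLE_MAIN_CF))
```
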