ISPC3.0.1.1/CentOS 5.3 No SASL authentication mechanisms

[rdhir]

Hi,

I think I have installed ISPC3 correctly and have established that

I can create websites/ftp/ssh clients all ok.

postfix smtpd is giving me problems though the log looks like this

Code:

May 8 00:35:01 mayeul postfix/smtpd[5229]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
May 8 00:35:01 mayeul postfix/smtpd[5229]: fatal: no SASL authentication mechanisms
May 8 00:35:02 mayeul postfix/master[13403]: warning: process /usr/libexec/postfix/smtpd pid 5229 exit status 1
May 8 00:35:02 mayeul postfix/master[13403]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
May 8 00:36:19 mayeul postfix/smtpd[5289]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
May 8 00:36:19 mayeul postfix/smtpd[5289]: fatal: no SASL authentication mechanisms
May 8 00:36:20 mayeul postfix/master[13403]: warning: process /usr/libexec/postfix/smtpd pid 5289 exit status 1
May 8 00:36:20 mayeul postfix/master[13403]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

All the demons started ok and during install of ISPconfig 3

I seem to be able to use SquirrelMail to look at the mailbox but obviously at the moment I am not receiving anything

main.cf is

Code:

myhostname = server.totemspace.com
mynetworks = 127.0.0.0/8
virtual_alias_domains = 
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2e
mail.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postf
ix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_m
aps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_
canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
relayhost = 
mailbox_size_limit = 0
message_size_limit = 0

master.cf is

Code:

smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       n       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
	-o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache	  unix	-	-	n	-	1	scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=R user=vmail argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=127.0.0.1

[falko]

How exactly did you set up the server? Did you use a tutorial from HowtoForge?

[rdhir]

I used the text instructions for ISP Config 3.0/CentOS5.3 after amending the script file to allow for 5.3 rather than 5.2 on ispconfig.org for the most part. I varied them to get the postfix quota patch which is documented only in the HowToForge. The source for postfix is slightly different in 5.3 to 5.2 hence its not quite the same version, but it is the same patch. The only funny around my postfix installation was when I tried to rpm the patched version, I had already installed postfix by this stage so I got a conflict, to fix this I yum removed postfix and the rpm'ed the patched version.

The only other failure I had was amavisd, I installed the dag wieers one and then followed the line that said the config should be /etc/amavisd/amavisd.conf. I moved /etc/amavisd.conf there, but this broke the init.d/amavisd script which used /etc/amavisd.conf. I went back to this but this broke something elses and amavisd did not start. So eventually I edited init.d/amavisd to expect the config file in /etc/amavisd/amavisd.conf. Amavisd now starts fine and the logs indicate it is working.

I double checked these commands and am pretty sure I got them right,

Here is the command history for this part. I include a command number and datestamp so you can see the sequence

As root

Code:

   48   May 07 - 12:52 system-config-securitylevel-tui
   49   May 07 - 12:56 yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel phpMyAdmin pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel postfix
   50   May 07 - 13:44 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.da
   51   May 07 - 13:45 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dat
   52   May 07 - 13:45 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
   53   May 07 - 13:46 cd /tmp
   54   May 07 - 13:46 wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
   55   May 07 - 13:46 rpm -i rpmforge-release-0.3.6-1.el5.rf.i386.rpm
   56   May 07 - 13:46 yum update
   57   May 07 - 13:48 yum install getmail
   58   May 07 - 13:48 useradd -m -s /bin/bash compileuser
   59   May 07 - 13:48 passwd compileuser
   60   May 07 - 13:55 su compileuser
   61   May 07 - 14:00 yum install sudo
   62   May 07 - 14:01 vi sudo
   63   May 07 - 14:01 visudo
   64   May 07 - 14:02 su compileuser

Compileuser history (ignore the timestamp here)

Code:

    1   May 08 - 17:13 mkdir $HOME/rpm
    2   May 08 - 17:13 mkdir $HOME/rpm/SOURCES
    3   May 08 - 17:13 mkdir $HOME/rpm/SPECS
    4   May 08 - 17:13 mkdir $HOME/rpm/BUILD
    5   May 08 - 17:13 mkdir $HOME/rpm/SRPMS
    6   May 08 - 17:13 mkdir $HOME/rpm/RPMS
    7   May 08 - 17:13 mkdir $HOME/rpm/RPMS/i386
    8   May 08 - 17:13 mkdir $HOME/rpm/RPMS/x86_64
    9   May 08 - 17:13 echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros
   10   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.62.2.tar.bz
   11   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2
   12   May 08 - 17:13 visudo
   13   May 08 - 17:13 yum install sudo
   14   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.61.0.tar.bz2
   15   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.62.2.tar.bz2
   16   May 08 - 17:13 pwd
   17   May 08 - 17:13 ls
   18   May 08 - 17:13 rm showfiles.php?group_id=5404
   19   May 08 - 17:13 ls -l
   20   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.62.2.tar.bz2
   21   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/maildrop-2.0.4.tar.bz2
   22   May 08 - 17:13 ls
   23   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.62.2.tar.bz2
   24   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-0.62.2-1.i386.rpm
   25   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-mysql-0.62.2-1.i386.rpm
   26   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-devel-0.62.2-1.i386.rpm
   27   May 08 - 17:13 rpmbuild -ta courier-imap-4.4.1.tar.bz2
   28   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-imap-4.4.1-1.i386.rpm
   29   May 08 - 17:13 sudo rpmbuild -ta maildrop-2.0.4.tar.bz2
   30   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/maildrop-2.0.4-1.i386.rpm

and again as root

Code:

  65   May 07 - 14:29 history
   66   May 07 - 14:29 su compileuser
   67   May 07 - 14:31 chkconfig --levels 235 courier-authlib on
   68   May 07 - 14:31 /etc/init.d/courier-authlib start
   69   May 07 - 14:31 chkconfig --levels 235 sendmail off
   70   May 07 - 14:31 chkconfig --levels 235 postfix on
   71   May 07 - 14:31 chkconfig --levels 235 saslauthd on
   72   May 07 - 14:31 /etc/init.d/sendmail stop
   73   May 07 - 14:31 /etc/init.d/postfix start
   74   May 07 - 14:31 /etc/init.d/saslauthd start
   75   May 07 - 14:31 chkconfig --levels 235 courier-imap on
   76   May 07 - 14:31 /etc/init.d/courier-authlib restart
   77   May 07 - 14:31 /etc/init.d/courier-imap restart

Then postfix again as root

Code:

  114   May 07 - 14:48 yum list postfix
  115   May 07 - 14:50 rm postfix-2.3.3-2.src.rpm 
  116   May 07 - 14:50 wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/centos/5.2/os/SRPMS/postfix-2.3.3-2.src.rpm
  117   May 07 - 14:50 l
  118   May 07 - 14:50 ls
  119   May 07 - 14:51 rm po*
  120   May 07 - 14:51 wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/centos/5.3/os/SRPMS/postfix-2.3.3-2.1.el5_2.src.rpm
  121   May 07 - 14:51 rpm -ivh postfix-2.3.3-2.1.el5_2.src.rpm 
  122   May 07 - 14:51 cd /usr/src/redhat/SOURCES/
  123   May 07 - 14:53 wget http://vda.sourceforge.net/VDA/postfix-2.3.3-vda.patch.gz
  124   May 07 - 14:53 cd /usr/src/redhat/SPECS/
  125   May 07 - 14:53 vi postfix.spec 
  126   May 07 - 14:55 rpmbuild -ba postfix.spec
  127   May 07 - 14:56 cd ..
  128   May 07 - 14:56 ls
  129   May 07 - 14:56 cd SOURCES/
  130   May 07 - 14:56 ls
  131   May 07 - 14:56 gunzip postfix-2.3.3-vda.patch.gz
  132   May 07 - 14:56 cd ../SPECS/
  133   May 07 - 14:56 rpmbuild -ba postfix.spec
  134   May 07 - 14:57 yum install ed
  135   May 07 - 14:57 rpmbuild -ba postfix.spec
  136   May 07 - 14:59 cd ../RPMS/i386/
  137   May 07 - 14:59 ls
  138   May 07 - 14:59 ls -l
  139   May 07 - 14:59 rpm -ivh postfix-2.3.3-2.i386.rpm
  140   May 07 - 14:59 rpm -ivh postfix-2.3.3-2.1.i386.rpm 
  141   May 07 - 15:00 service postfix stop
  142   May 07 - 15:00 yum remove postfix
  143   May 07 - 15:01 rpm -ivh postfix-2.3.3-2.1.i386.rpm 
  144   May 07 - 15:01 service postfix on
  145   May 07 - 15:01 service postfix start

Thanks again for the help. There's nothing worse than someone who finds a new way to get it wrong!

Cheers

Rajiv

[falko]

I think you should use the CentOS 5.2 guide: http://www.howtoforge.com/perfect-se....2-ispconfig-3

[rdhir]

ahh you mean burn it down and start again with the HowToForge guide, rather than the text guide?

Is there any way of getting ISPconfig to reapply postfix configuration. I was wondering if I should try

rpm -e postfix...
yum install postfix
- force reconfigure of postfix for ISPConfig

Cheers

Rajiv

[falko]

I'm not sure if this will work.

[rdhir]

Sorry, did a reimage and a fresh install from the How To Forge 5.2/ISPConfig 3 and still no joy
I checked maillog for errors earlier in the build, right after installing postfix and there were no such errors.


/var/log/maillog looks like this

Code:

May 12 12:32:33 mayeul authdaemond: stopping authdaemond children
May 12 12:32:33 mayeul authdaemond: modules="authmysql", daemons=5
May 12 12:32:33 mayeul authdaemond: Installing libauthmysql
May 12 12:32:33 mayeul authdaemond: Installation complete: authmysql
May 12 12:35:01 mayeul pop3d: Connection, ip=[::ffff:127.0.0.1]
May 12 12:35:01 mayeul pop3d: Disconnected, ip=[::ffff:127.0.0.1]
May 12 12:35:01 mayeul imapd: Connection, ip=[::ffff:127.0.0.1]
May 12 12:35:01 mayeul imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
May 12 12:35:01 mayeul postfix/smtpd[12165]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
May 12 12:35:01 mayeul postfix/smtpd[12165]: fatal: no SASL authentication mechanisms
May 12 12:35:02 mayeul postfix/master[11870]: warning: process /usr/libexec/postfix/smtpd pid 12165 exit status 1
May 12 12:35:02 mayeul postfix/master[11870]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
May 12 12:38:38 mayeul sendmail[12295]: n4CGcc7R012295: from=apache, size=290, class=0, nrcpts=1, msgid=<200905121638.n4CGcc7R012295@server.totemspace.com>, relay=apache@localhost
May 12 12:38:38 mayeul postfix/smtpd[12296]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
May 12 12:38:38 mayeul postfix/smtpd[12296]: fatal: no SASL authentication mechanisms
May 12 12:38:39 mayeul sendmail[12295]: n4CGcc7R012295: to=rajiv@dhirs.org.uk, ctladdr=apache (48/48), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30290, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection reset by [127.0.0.1]
May 12 12:38:39 mayeul postfix/master[11870]: warning: process /usr/libexec/postfix/smtpd pid 12296 exit status 1
May 12 12:38:39 mayeul postfix/master[11870]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttli

I followed 5.2 exactly. The only variations were latest version of suphp, the 2.3.3-2.1 version of postfix to match CentOS 5.3, courier-imap 0.62.2

Cheers

Rajiv

[rdhir]

FIXED FIXED FIXED

Yaay.

At the bottom of the thread, I suddenly noticed the bulletin board system listed a related thread which I'd missed on searching because it was in the general HOWTO and was for Centos 4.4...

I think I was too specific when I searched

and the thread is...

http://howtoforge.com/forums/showthread.php?t=12844

what I did was

Code:

yum install cyrus-sasl-plain
service saslauthd stop
service postfix stop
service saslauthd start
service postfix start

Now receiving mail!!!!

Perhaps you could modify the HowTo and make sure that
cyrus-sasl-plain is included in section 11.

Cheers

Rajiv