Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th June 2012, 10:31
danypd69 danypd69 is offline
Junior Member
 
Join Date: May 2012
Posts: 18
Thanks: 2
Thanked 1 Time in 1 Post
Default SMTP Authentication

Hello, I'm trying to understand how the smtp auth works in ISPConfig.
I have installed the server on centos 6.2 with this tutorial: http://www.howtoforge.com/perfect-se...e2-ispconfig-3 (so I use courier for imap/pop3)

From what I understand from it the authentication should be done using saslauthd but it's not running on my system and the smtp auth works.

Am I wrong ? or is something broken in my installation?

Last edited by danypd69; 26th June 2012 at 10:31. Reason: fixed typo
Reply With Quote
Sponsored Links
  #2  
Old 27th June 2012, 15:43
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

On courier setups, smtp authentication is handled by saslauthd. On Dovecot setups, smtp authentication is handled by dovecot.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 27th June 2012, 16:09
danypd69 danypd69 is offline
Junior Member
 
Join Date: May 2012
Posts: 18
Thanks: 2
Thanked 1 Time in 1 Post
Default

Ok, It's what I understood, but the authsasld deamon is not running in my system and the authentication works, how is it possible ?
Reply With Quote
  #4  
Old 28th June 2012, 15:34
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

http://www.howtoforge.com/forums/sho...rios+smtp-auth
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 29th June 2012, 11:30
danypd69 danypd69 is offline
Junior Member
 
Join Date: May 2012
Posts: 18
Thanks: 2
Thanked 1 Time in 1 Post
Default

Ok I saw the thread but I still have something strange

I tried to send a message from a different network that is not in mynetworks to a gmail.com address (so the recipient is not on the ispconfig server)

As said in other messages authsasld is not running but the authentication still works ok, the message is sent only if username and passwords are correct.
Reply With Quote
  #6  
Old 30th June 2012, 12:07
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Can you post your /etc/postfix/main.cf? What's the output of
Code:
ps aux | grep -i saslauthd
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 30th June 2012, 12:20
danypd69 danypd69 is offline
Junior Member
 
Join Date: May 2012
Posts: 18
Thanks: 2
Thanked 1 Time in 1 Post
Default

Code:
[daniele@hosting ~]$ ps aux|grep -i saslauthd
daniele   1490  0.0  0.0 103232   812 pts/0    S+   12:11   0:00 grep -i saslauthd
[daniele@hosting ~]$
main.cf (with comments removed)
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = all
mydestination = [server-hostname], localhost, localhost.localdomain
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
virtual_alias_domains = 
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
myhostname = [server-hostname]
mynetworks = 127.0.0.0/8 [::1]/128
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
relayhost = 
mailbox_size_limit = 0
message_size_limit = 0
/etc/sasl2/smtpd.conf

Code:
pwcheck_method: saslauthd
mech_list: plain login
I have also /usr/lib64/sasl2/smtpd.conf with this content

Code:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket

Last edited by danypd69; 30th June 2012 at 12:23. Reason: Added sasl configuration
Reply With Quote
  #8  
Old 3rd July 2012, 16:07
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Strange. Have you tried to check if your server is an open relay?

http://www.spamhelp.org/shopenrelay/
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 4th July 2012, 09:11
danypd69 danypd69 is offline
Junior Member
 
Join Date: May 2012
Posts: 18
Thanks: 2
Thanked 1 Time in 1 Post
Default

I tried with http://www.checkor.com/ and everything is ok.

Code:
Checking [hostname]:

220 [hostname] ESMTP Postfix
HELO ortest.checkor.com
250 [hostname]
RSET
250 2.0.0 Ok
MAIL FROM: test@checkor.com
250 2.1.0 Ok
RCPT TO: test1@checkor.com
554 5.7.1 : Relay access denied

RSET
250 2.0.0 Ok
MAIL FROM:
501 5.5.4 Syntax: MAIL FROM:

RCPT TO: test1@checkor.com
503 5.5.1 Error: need MAIL command

RSET
250 2.0.0 Ok
MAIL FROM: spam@[hostname]
250 2.1.0 Ok
RCPT TO: test1@checkor.com
554 5.7.1 : Relay access denied

RSET
250 2.0.0 Ok
MAIL FROM: spam@[hostname]
250 2.1.0 Ok
RCPT TO: test1@checkor.com
554 5.7.1 : Relay access denied

RSET
250 2.0.0 Ok
MAIL FROM: spam@[hostname]
250 2.1.0 Ok
RCPT TO: test1@[hostname]
550 5.1.1 : Recipient address rejected: User unknown in local recipient table

RSET
250 2.0.0 Ok
MAIL FROM: spam@[hostname]
250 2.1.0 Ok
RCPT TO: "test1@test.com"@[hostname]
554 5.7.1 : Relay access denied

RSET
250 2.0.0 Ok
MAIL FROM: spam@[hostname]
250 2.1.0 Ok
RCPT TO: @[hostname]:spamtest@checkor.com
554 5.7.1 : Relay access denied

http://www.spamhelp.org/shopenrelay says that it cannot connect to the server.
Reply With Quote
  #10  
Old 5th July 2012, 15:33
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
 
Default

Can you post the output of
Code:
netstat -tap
? I want to go sure that it is Postfix that is running on port 25 and not some other MTA (sendmail, etc.).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SASL LOGIN authentication failed Captain Installation/Configuration 4 13th March 2012 20:07
Mail hold in Q fisherofer Installation/Configuration 1 5th February 2012 13:29
Need help with ISPConfig Mail and Squirrelmail m.xander Installation/Configuration 109 3rd February 2012 00:15
strange fail2ban behaviour > doesn't ban specific IP Djamu Server Operation 2 13th January 2012 02:29
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47


All times are GMT +2. The time now is 14:46.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.