Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th July 2012, 05:19
rajshardel rajshardel is offline
Junior Member
 
Join Date: Jul 2012
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default Postfix saslauthd smtp authentication relay access denied problem

We have Centos 6 os , webmin, Linux Apache, myssql, Postfix, Dovecot, squirrelmail installed.

We cannot receive mail in webmin from gmail when we insert saslauthd enable lines in webmin postfix config and cannot send or receive mail from outlook which hangs. But when we remove saslauthd enable from webmin postfix config file we can send mail to gmail or to internal users from webmin but we get relay access denied error from outlook to gmail.

outlook accepts incoming outgoing server with pop setting jobseasily.com and smtp setting jobseasily.com but rejects settings mail.jobseasily.com although my hostname is mail.jobseasily.com and MX mail server DNS record is mail.jobseasily.com and A record is mail.jobseasily.com.

My smtp port 25 is open and also pop port 110 amd IMAP 143 and IMAPS 993 and POP3S 995

Postfix , Dovecot, saslauthd restart show OK at terminal. But Clearly there is a problem in saslauthpd configuration and relay access denied as otherwise I can send and receive mail from gmail.



At teminal we get

[root@jobseasily ~]# telnet server.jobseasily.com 25
Trying 50.56.223.225...
telnet: connect to address 50.56.223.225: Connection refused
telnet: Unable to connect to remote host: Connection refused
[root@jobseasily ~]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
Connection closed by foreign host.
[root@jobseasily ~]# /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: ^[[A [ OK ]
[root@jobseasily ~]# /etc/init.d/dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: [ OK ]
[root@jobseasily ~]# /etc/init.d/saslauthd restart
Stopping saslauthd: [ OK ]
Starting saslauthd: [ OK ]
[root@jobseasily ~]#

________________________________

saslauthd started with great difficulty as we did not have /etc/default/saslauthd and apt-get install libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql packages could not be found. We created /etc/default/saslauthd file and inserted the following:

START=yes
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

__________________________________________________ ________

We could not adduser postfix sasl from terminal so we entered postfix user in group sasl from webmin and now saslauthd process has started

__________________________________________________ _________________

#postfic configuration

myhostname = mail.jobseasily.com
mydomain = jobseasily.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, /etc/postfix/virtual/domains
virtual_maps = hash:/etc/postfix/virtual/addresses
mynetworks = 192.168.0.0/24, 127.0.0.0/8
relay_domains =
home_mailbox = Maildir/
mail_owner = postfix
daemon_directory = /usr/libexec/postfix
command_directory = /usr/sbin
queue_directory = /var/spool/postfix
config_directory = /usr/etc/postfix
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination permit_inet_interfaces
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = jobseasily.com
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

#Dovecot conf file

base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
protocol imap {
listen = *
ssl_listen = *

}
protocol pop3 {
listen = *
}
listen = [::]
disable_plaintext_auth = no
ssl_disable = yes
mail_location = maildir:~/Maildir
protocol imap {
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
postmaster_address = postmaster@jobseasily.com
}
auth default {
mechanisms = plain login
passdb pam {
}
userdb passwd {
}
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}

_______________________________________________

Mail logs are as below:

Jul 18 06:26:41 jobseasily postfix/qmgr[559]: 759C76A3F4: from=<rajeev@jobseasily.com>, size=592, nrcpt=1 (queue active)
Jul 18 06:26:42 jobseasily postfix/smtp[1022]: connect to gmailcom.jobseasily.com[50.56.223.225]: Connection refused (port 25)
Jul 18 06:26:42 jobseasily postfix/smtp[1022]: 759C76A3F4: to=<rajshardel@gmailcom.jobseasily.com>, orig_to=<rajshardel@gmailcom>, relay=none, delay=306035, delays=306034/0.02/1.1/0, dsn=4.4.1, status=deferred (connect to gmailcom.jobseasily.com[50.56.223.225]: Connection refused)
Jul 18 07:16:41 jobseasily postfix/qmgr[559]: 8ED7E6A3A4: from=<rajeev@jobseasily.com>, size=579, nrcpt=1 (queue active)
Jul 18 07:16:41 jobseasily postfix/smtp[1580]: connect to jobseasiy.com[50.56.223.225]: Connection refused (port 25)
Jul 18 07:16:41 jobseasily postfix/smtp[1580]: 8ED7E6A3A4: to=<rajeev@jobseasiy.com>, relay=none, delay=320038, delays=320037/0.02/0.6/0, dsn=4.4.1, status=deferred (connect to jobseasiy.com[50.56.223.225]: Connection refused)
Jul 18 07:33:21 jobseasily postfix/qmgr[559]: 759C76A3F4: from=<rajeev@jobseasily.com>, size=592, nrcpt=1 (queue active)
Jul 18 07:33:22 jobseasily postfix/smtp[1784]: connect to gmailcom.jobseasily.com[50.56.223.225]: Connection refused (port 25)
Jul 18 07:33:22 jobseasily postfix/smtp[1784]: 759C76A3F4: to=<rajshardel@gmailcom.jobseasily.com>, orig_to=<rajshardel@gmailcom>, relay=none, delay=310035, delays=310034/0.02/0.74/0, dsn=4.4.1, status=deferred (connect to gmailcom.jobseasily.com[50.56.223.225]: Connection refused)
__________________________________________________ ______________

output of netstat -tap?

[root@jobseasily ~]# netstat -tap?
usage: netstat [-veenNcCF] [<Af>] -r netstat {-V|--version|-h|--help}
netstat [-vnNcaeol] [<Socket> ...]
netstat { [-veenNac] -I[<Iface>] | [-veenNac] -i | [-cnNe] -M | -s } [delay]

-r, --route display routing table
-I, --interfaces=[<Iface>] display interface table for <Iface>
-i, --interfaces display interface table
-g, --groups display multicast group memberships
-s, --statistics display networking statistics (like SNMP)
-M, --masquerade display masqueraded connections

-v, --verbose be verbose
-n, --numeric don't resolve names
--numeric-hosts don't resolve host names
--numeric-ports don't resolve port names
--numeric-users don't resolve user names
-N, --symbolic resolve hardware names
-e, --extend display other/more information
-p, --programs display PID/Program name for sockets
-c, --continuous continuous listing

-l, --listening display listening server sockets
-a, --all, --listening display all sockets (default: connected)
-o, --timers display timers
-F, --fib display Forwarding Information Base (default)
-C, --cache display routing cache instead of FIB
-T, --notrim stop trimming long addresses
-Z, --context display SELinux security context for sockets

<Iface>: Name of interface to monitor/list.
<Socket>={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom
<AF>=Use '-A <af>' or '--<af>'; default: inet
List of possible address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
[root@jobseasily ~]#

__________________________________________________ _____________________



Can someone help

Rajeev
Reply With Quote
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix Timeout after DATA from some emails treeman Server Operation 13 25th September 2013 12:51
Fail2ban configuration Captain Installation/Configuration 2 28th June 2011 19:48
Postfix doesn't have Nolan Installation/Configuration 5 13th April 2011 05:00
MySQL Error Nolan Installation/Configuration 12 16th February 2011 02:15
CentoS doesn't send the emails vaio1 Installation/Configuration 18 5th November 2008 17:51


All times are GMT +2. The time now is 04:48.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.