#11 | 11th September 2012, 01:32 | ansabhailte

No, nothing in the queue.

Of course, the logfile that I posted shows a lot of activity because all the addresses can successfully send/receive to each other, and can send mail to anybody (including gmail).

I don't get it. Everything works except for receiving from external hosts. And mail.log never shows anything for that; not even rejected messages. And Gmail doesn't show delay/failure notices.

#12 | 11th September 2012, 06:14 | ansabhailte

What should the permissions be for /var/spool/postfix/var/run/saslauthd?

saslauthd returns this:

drwx--x--- 2 root sasl 4096 Sep 10 19:46 saslauthd

and the contents return this:

-rw------- 1 root root 0 Sep 10 19:46 cache.flock
-rw------- 1 root root 945152 Sep 10 19:46 cache.mmap
srwxrwxrwx 1 root root 0 Sep 10 19:46 mux
-rw------- 1 root root 0 Sep 10 19:46 mux.accept
-rw------- 1 root root 5 Sep 10 19:46 saslauthd.pid

#13 | 11th September 2012, 06:18 | ansabhailte
Subject: one more thing

I just ran testsaslauthd:

sudo testsaslauthd -u josh@goldenoakit.com -p *password* -f /var/spool/postfix/var/run/saslauthd/mux -s submission

(I'm running smtp on 587 not 25) and it returns:

NO "authentication failed"

auth.log shows this:

Sep 10 20:30:33 nigel saslauthd[5002]: pam_unix(submission:auth): check pass; user unknown
Sep 10 20:30:33 nigel saslauthd[5002]: pam_unix(submission:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Sep 10 20:30:35 nigel saslauthd[5002]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Sep 10 20:30:35 nigel saslauthd[5002]: do_auth : auth failure: [user=josh@goldenoakit.com] [service=submission] [realm=] [mech=pam] [reason=PAM auth error]


Also, when I run:

sudo testsaslauthd -u josh@goldenoakit.com -p *password* -s submission

it returns:

connect() : No such file or directory

I'm thinking my problem lies within the SASL area... that would explain why I can receive mail from local accounts.

edit: I'm running postfix chrooted, per Falko's guide (linked at top of thread)

edit2: When I run testsaslauthd with -u josh -p *password* (being my UNIX username and password, not my MySQL email username and password) I get:

OK "Success."

Last edited by ansabhailte; 11th September 2012 at 06:36.
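
The auth.log excerpt in the post above already names the PAM module and service that handled the failed login. As an added example (not part of the original post), this Python script correlates saslauthd's pam_* lines with the matching do_auth line by PID; the first four sample lines are the ones posted, the last two are constructed for contrast, and the function names are hypothetical.

```python
import re

# Lines 1-4: auth.log excerpt from the post. Lines 5-6: constructed for
# contrast (a known local account with a wrong password).
SAMPLE_LOG = """\
Sep 10 20:30:33 nigel saslauthd[5002]: pam_unix(submission:auth): check pass; user unknown
Sep 10 20:30:33 nigel saslauthd[5002]: pam_unix(submission:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Sep 10 20:30:35 nigel saslauthd[5002]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Sep 10 20:30:35 nigel saslauthd[5002]: do_auth : auth failure: [user=josh@goldenoakit.com] [service=submission] [realm=] [mech=pam] [reason=PAM auth error]
Sep 10 20:41:02 nigel saslauthd[5003]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=josh
Sep 10 20:41:04 nigel saslauthd[5003]: do_auth : auth failure: [user=josh] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
"""

PREFIX = re.compile(r"^(\w{3}\s+\d+ [\d:]+) (\S+) saslauthd\[(\d+)\]: (.*)$")
PAM = re.compile(r"^(pam_\w+)\(([\w.-]+):(\w+)\): (.*)$")
DO_AUTH = re.compile(r"^do_auth\s*: auth failure: (.*)$")
FIELD = re.compile(r"\[(\w+)=([^\]]*)\]")


def summarize(log_text):
    """Return one record per do_auth failure, enriched with its PAM lines."""
    pending = {}    # pid -> PAM messages seen since that pid's last do_auth
    failures = []
    for line in log_text.splitlines():
        m = PREFIX.match(line)
        if not m:
            continue
        ts, _host, pid, msg = m.groups()
        pam = PAM.match(msg)
        if pam:
            pending.setdefault(pid, []).append(pam.groups())
            continue
        da = DO_AUTH.match(msg)
        if da:
            rec = dict(FIELD.findall(da.group(1)))  # user, service, realm, mech, reason
            msgs = pending.pop(pid, [])
            rec["time"] = ts
            rec["pam_modules"] = sorted({p[0] for p in msgs})
            rec["user_unknown"] = any("user unknown" in p[3] for p in msgs)
            failures.append(rec)
    return failures


def diagnose(rec):
    """One-line reading of a failure record from summarize()."""
    where = "%s for PAM service '%s'" % (
        "+".join(rec["pam_modules"]) or "no PAM module", rec["service"])
    if rec["user_unknown"]:
        return "%s: account not found by %s" % (rec["user"], where)
    return "%s: account found, credential rejected by %s" % (rec["user"], where)
```

On the posted excerpt, the first record comes back as "user unknown" under pam_unix for service submission, which is consistent with the poster's observation that only the local UNIX account authenticates.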

#14 | 11th September 2012, 06:53 | ansabhailte

Ok, I've figured out the problem.

I run testsaslauthd with mail_admin as the username (the account courier should be using) and the authentication fails.

If I run it using root as the user it succeeds, and also if I use my local UNIX account (josh).

But I've configured everything to use mail_admin. Any idea why mail_admin can't authenticate?

edit: I read that Cyrus SASL doesn't support encrypted SQL passwords? Is this still true? (I read it on a forum thread from 2008) I'm not sure if it would still be true since your guide says to use encrypted passwords...

Last edited by ansabhailte; 11th September 2012 at 07:18.

#15 | 11th September 2012, 07:26 | gscales

Quote (originally posted by ansabhailte):
What should the permissions be for /var/spool/postfix/var/run/saslauthd?

saslauthd returns this:

drwx--x--- 2 root sasl 4096 Sep 10 19:46 saslauthd

and the contents return this:

-rw------- 1 root root 0 Sep 10 19:46 cache.flock
-rw------- 1 root root 945152 Sep 10 19:46 cache.mmap
srwxrwxrwx 1 root root 0 Sep 10 19:46 mux
-rw------- 1 root root 0 Sep 10 19:46 mux.accept
-rw------- 1 root root 5 Sep 10 19:46 saslauthd.pid

Just so you know ... my system is able to receive and the above looks identical on my system ...

#16 | 11th September 2012, 07:29 | gscales

What are the contents of your /etc/postfix/sasl/smtpd.conf ?

#17 | 11th September 2012, 07:38 | ansabhailte

cat /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: *password*
sql_database: mail
sql_select: select password from users where email = '%u@%r'

#18 | 11th September 2012, 08:16 | gscales

Lemme grok your smtp.conf for a minute ... meanwhile ... the following two statements are missing from your main.cf as compared to mine:

maildrop_destination_recipient_limit = 1
virtual_transport = maildrop

You are specifying maildrop in your master.cf ... did you leave those out on purpose?

#19 | 11th September 2012, 08:19 | ansabhailte

No, I just followed the guide by Falko. He left them out.

edit: I went ahead and added those lines.

Last edited by ansabhailte; 11th September 2012 at 08:38.

#20 | 11th September 2012, 08:37 | gscales

Ok, well, let's reason for a minute.

According to your main.cf, master.cf, and sasl/smtpd.conf, you are sending email to remote hosts requiring SASL authentication, sending that authentication via plain text (non-encrypted) on port 587 (submission) ... and that is working. If you were sending using encryption, you'd be using port 465 and have some more parameters set up. If you are able to successfully send an email, I'd say SASL is working, and getting the correct username and password out of MySQL. Agree?

Now ... receiving. If you can log in to read your mail, you are authenticating, correct?

I don't think there is any authentication involved in the mail transport agent (MTA) receiving mail from a remote host. I don't think there is any authentication involved either in delivering that mail to a mailbox. So, even though it may seem like authentication is involved ... to me, it doesn't seem so. Agree/disagree with my logic?