#1
22nd November 2012, 09:49
wigglez
Having an issue with postfix and sasl

Hi,

I've been following this howto
http://www.howtoforge.com/virtual-us...untu-12.04-lts

I've searched quite extensively, but nothing seemed to be the right fix.


This is the error:
Code:
Nov 22 02:59:07 host postfix/master[28492]: daemon started -- version 2.5.1, configuration /etc/postfix
Nov 22 03:25:16 host postfix/smtpd[21507]: warning: SASL per-process initialization failed: generic failure
Nov 22 03:25:16 host postfix/smtpd[21507]: fatal: SASL per-process initialization failed
Nov 22 03:25:17 host postfix/master[28492]: warning: process /usr/lib/postfix/smtpd pid 21507 exit status 1
Nov 22 03:25:17 host postfix/master[28492]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Telnet would just hang. When I set smtpd_sasl_auth_enable to no, it worked, I could send mail and receive it.

I then noticed that I could only receive mail that was sent with telnet and not from Google. From searching I found I needed to add this:

smtpd_tls_exclude_ciphers=RC4-MD5

I could then receive mail from outside. That seems more of a patch than a fix. Any comments on this one?


Here is my main.cf file
Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_exclude_ciphers=RC4-MD5

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname =  domain.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#myorigin = /etc/mailname
myorigin = domain.net
mydestination =
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, 

mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000

#SASL
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain=
smtpd_sasl_authenticated_header = yes

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject, 

reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, 

reject_unauth_destination


virtual_create_maildirsize = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains 

$virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains 

$canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $mynetworks 

$virtual_mailbox_limit_maps

/etc/default/saslauthd file
Code:
#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page for general information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

/etc/postfix/sasl/smtpd.conf
Code:
/etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login cram-md5 digest-md5
log_level: 7
allow plaintext: true
auxprop_plugin: mysql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail_admin
sql_passwd: mail_admin_pass
sql_database: mail
sql_select: select password from users where email = '%u@%r'

Thanks.

#2
23rd November 2012, 02:42
wigglez

I figure this isn't part of it because it has to do with Courier, but I'll just throw this out there too.

When trying to add one of the email addresses to Thunderbird, it pops up a warning that says
"This site attempts to identify itself with invalid information."

#3
24th November 2012, 11:57
falko

Can you put these three directives in one line each instead of multiple lines?

Code:
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, 

mysql:/etc/postfix/mysql-virtual_email2email.cf
Code:
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject, 

reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, 

reject_unauth_destination
Code:
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains 

$virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains 

$canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $mynetworks 

$virtual_mailbox_limit_maps

#4
24th November 2012, 17:24
wigglez

Sorry, probably because I didn't have terminal maximized when I copied them.

Code:
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
Code:
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
Code:
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $mynetworks $virtual_mailbox_limit_maps
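
The wrapping asked about in this exchange matters because Postfix only treats a line as a continuation of the previous one when it starts with whitespace. A small lint for that rule follows, as an added example that is not part of the thread; `check_main_cf` and `demo` are hypothetical names, and the sample main.cf text is constructed from the directives posted above:

```shell
#!/bin/sh
# Added example (not from the thread): lint main.cf for wrapped directives.
# Rule from postconf(5): a logical line starts in column 1, a line starting
# with whitespace continues it, blank lines and '#' comment lines are ignored.

# check_main_cf FILE (hypothetical helper)
#   param:<name>=<value>   for every well-formed logical line, joined
#   orphan:<lineno>:<text> for text Postfix cannot attach to any parameter
check_main_cf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function flush() {
        if (name != "") print "param:" name "=" value
        name = ""; value = ""
    }
    /^[ \t]*$/ || /^[ \t]*#/ { next }         # ignored, does not end a line
    /^[ \t]/ {                                 # continuation of previous line
        if (name != "") value = value " " trim($0)
        else print "orphan:" NR ":" trim($0)
        next
    }
    {                                          # new logical line in column 1
        flush()
        eq = index($0, "=")
        if (eq == 0) { print "orphan:" NR ":" trim($0); next }
        name = trim(substr($0, 1, eq - 1))
        value = trim(substr($0, eq + 1))
    }
    END { flush() }
    ' "$1"
}

# Constructed sample: the first directive is wrapped as in the first post
# (second half back in column 1), the second is wrapped the valid way.
demo() {
    tmp=$(mktemp)
    printf '%s\n' \
        'virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf,' \
        '' \
        'mysql:/etc/postfix/mysql-virtual_email2email.cf' \
        'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,' \
        '    reject_unauth_destination' > "$tmp"
    check_main_cf "$tmp"
    rm -f "$tmp"
}

demo
```

Run against a real file with `check_main_cf /etc/postfix/main.cf`; any `orphan:` line marks text that was wrapped without leading whitespace.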

#5
28th November 2012, 06:39
wigglez

results from testsaslauthd

sudo testsaslauthd -u test -p test
connect() : No such file or directory

sudo testsaslauthd -u test -p test -f /var/spool/postfix/var/run/saslauthd/mux
0: NO "authentication failed"
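
Why the first `testsaslauthd` call cannot connect while the second reaches the daemon, as an added example that is not part of the original posts: saslauthd listens in the directory given with `-m`, not in the default one. The script assumes the Debian/Ubuntu default run directory `/var/run/saslauthd` and a Postfix chroot at `/var/spool/postfix`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): where is the saslauthd socket, and
# what path does each client have to use to reach it?
CHROOT=/var/spool/postfix        # assumption: smtpd runs chrooted here
DEFAULT_DIR=/var/run/saslauthd   # assumption: Debian/Ubuntu default run dir

# mux_dir "OPTIONS": directory passed with -m, else the default
mux_dir() {
    dir=$DEFAULT_DIR
    set -- $1                    # word-split the option string
    while [ $# -gt 0 ]; do
        case $1 in
            -m)   if [ $# -ge 2 ]; then dir=$2; shift; fi ;;
            -m?*) dir=${1#-m} ;;
        esac
        shift
    done
    printf '%s\n' "${dir%/}"
}

# chroot_view DIR: the same directory as a process chrooted to $CHROOT sees it
chroot_view() {
    case $1 in
        "$CHROOT"/*) p=${1#"$CHROOT"}; printf '%s\n' "$p" ;;
        *)           printf 'not reachable from the chroot\n' ;;
    esac
}

# testsaslauthd_args "OPTIONS": extra arguments testsaslauthd needs, if any
testsaslauthd_args() {
    d=$(mux_dir "$1")
    if [ "$d" = "$DEFAULT_DIR" ]; then
        printf '\n'
    else
        printf '%s\n' "-f $d/mux"
    fi
}

# OPTIONS value from the /etc/default/saslauthd posted in the thread
OPTS='-c -m /var/spool/postfix/var/run/saslauthd -r'
echo "socket directory:       $(mux_dir "$OPTS")"
echo "seen by chrooted smtpd: $(chroot_view "$(mux_dir "$OPTS")")"
echo "testsaslauthd needs:    $(testsaslauthd_args "$OPTS")"
```

A reply of `NO "authentication failed"` with the right `-f` path means the socket was reached and the credentials were rejected by the configured mechanism, which is a different failure from `connect()` not finding the socket.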

#6
30th November 2012, 07:47
wigglez

I seem to have finally stumbled on to a similar issue.

The fix was to tell postfix directly the path to sasl in the main.cf file

smtpd_sasl_path = /var/spool/postfix/var/run/saslauthd

By doing that I was also able to remove the
smtpd_tls_exclude_ciphers=RC4-MD5
for Google.