ISPC3.0.1.1/CentOS 5.3 No SASL authentication mechanisms

Discussion in 'Installation/Configuration' started by rdhir, May 8, 2009.

  1. rdhir

    rdhir New Member

    Hi,

    I think I have installed ISPC3 correctly and have established that

    I can create websites/ftp/ssh clients all ok.

    postfix smtpd is giving me problems though the log looks like this

    Code:
    May 8 00:35:01 mayeul postfix/smtpd[5229]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
    May 8 00:35:01 mayeul postfix/smtpd[5229]: fatal: no SASL authentication mechanisms
    May 8 00:35:02 mayeul postfix/master[13403]: warning: process /usr/libexec/postfix/smtpd pid 5229 exit status 1
    May 8 00:35:02 mayeul postfix/master[13403]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
    May 8 00:36:19 mayeul postfix/smtpd[5289]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
    May 8 00:36:19 mayeul postfix/smtpd[5289]: fatal: no SASL authentication mechanisms
    May 8 00:36:20 mayeul postfix/master[13403]: warning: process /usr/libexec/postfix/smtpd pid 5289 exit status 1
    May 8 00:36:20 mayeul postfix/master[13403]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
    
    All the demons started ok and during install of ISPconfig 3

    I seem to be able to use SquirrelMail to look at the mailbox but obviously at the moment I am not receiving anything

    main.cf is
    Code:
    myhostname = server.totemspace.com
    mynetworks = 127.0.0.0/8
    virtual_alias_domains = 
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2e
    mail.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postf
    ix/mysql-virtual_recipient.cf, reject_unauth_destination
    smtpd_use_tls = yes
    smtpd_tls_security_level = may
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    virtual_create_maildirsize = yes
    virtual_maildir_extended = yes
    virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = "The user you are trying to reach is over quota."
    virtual_overquota_bounce = yes
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_m
    aps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_
    canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = maildrop
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    relayhost = 
    mailbox_size_limit = 0
    message_size_limit = 0
    
    master.cf is
    Code:
    smtp      inet  n       -       n       -       -       smtpd
    #submission inet n       -       n       -       -       smtpd
    #  -o smtpd_enforce_tls=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps     inet  n       -       n       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628      inet  n       -       n       -       -       qmqpd
    pickup    fifo  n       -       n       60      1       pickup
    cleanup   unix  n       -       n       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       n       1000?   1       tlsmgr
    rewrite   unix  -       -       n       -       -       trivial-rewrite
    bounce    unix  -       -       n       -       0       bounce
    defer     unix  -       -       n       -       0       bounce
    trace     unix  -       -       n       -       0       bounce
    verify    unix  -       -       n       -       1       verify
    flush     unix  n       -       n       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       n       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       n       -       -       smtp
    	-o fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       n       -       -       showq
    error     unix  -       -       n       -       -       error
    discard   unix  -       -       n       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    scache	  unix	-	-	n	-	1	scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=R user=vmail argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}
    #
    # The Cyrus deliver program has changed incompatibly, multiple times.
    #
    old-cyrus unix  -       n       n       -       -       pipe
      flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
    # Cyrus 2.1.5 (Amos Gouaux)
    # Also specify in main.cf: cyrus_destination_recipient_limit=1
    cyrus     unix  -       n       n       -       -       pipe
      user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
    
    amavis unix - - - - 2 smtp
            -o smtp_data_done_timeout=1200
            -o smtp_send_xforward_command=yes
    
    127.0.0.1:10025 inet n - - - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtpd_bind_address=127.0.0.1
    
    
     
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    How exactly did you set up the server? Did you use a tutorial from HowtoForge?
     
  3. rdhir

    rdhir New Member

    I used the text instructions for ISP Config 3.0/CentOS5.3 after amending the script file to allow for 5.3 rather than 5.2 on ispconfig.org for the most part. I varied them to get the postfix quota patch which is documented only in the HowToForge. The source for postfix is slightly different in 5.3 to 5.2 hence its not quite the same version, but it is the same patch. The only funny around my postfix installation was when I tried to rpm the patched version, I had already installed postfix by this stage so I got a conflict, to fix this I yum removed postfix and the rpm'ed the patched version.

    The only other failure I had was amavisd, I installed the dag wieers one and then followed the line that said the config should be /etc/amavisd/amavisd.conf. I moved /etc/amavisd.conf there, but this broke the init.d/amavisd script which used /etc/amavisd.conf. I went back to this but this broke something elses and amavisd did not start. So eventually I edited init.d/amavisd to expect the config file in /etc/amavisd/amavisd.conf. Amavisd now starts fine and the logs indicate it is working.

    I double checked these commands and am pretty sure I got them right,

    Here is the command history for this part. I include a command number and datestamp so you can see the sequence

    As root
    Code:
       48   May 07 - 12:52 system-config-securitylevel-tui
       49   May 07 - 12:56 yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel phpMyAdmin pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel postfix
       50   May 07 - 13:44 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.da
       51   May 07 - 13:45 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dat
       52   May 07 - 13:45 rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
       53   May 07 - 13:46 cd /tmp
       54   May 07 - 13:46 wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
       55   May 07 - 13:46 rpm -i rpmforge-release-0.3.6-1.el5.rf.i386.rpm
       56   May 07 - 13:46 yum update
       57   May 07 - 13:48 yum install getmail
       58   May 07 - 13:48 useradd -m -s /bin/bash compileuser
       59   May 07 - 13:48 passwd compileuser
       60   May 07 - 13:55 su compileuser
       61   May 07 - 14:00 yum install sudo
       62   May 07 - 14:01 vi sudo
       63   May 07 - 14:01 visudo
       64   May 07 - 14:02 su compileuser
     
    Compileuser history (ignore the timestamp here)
    Code:
        1   May 08 - 17:13 mkdir $HOME/rpm
        2   May 08 - 17:13 mkdir $HOME/rpm/SOURCES
        3   May 08 - 17:13 mkdir $HOME/rpm/SPECS
        4   May 08 - 17:13 mkdir $HOME/rpm/BUILD
        5   May 08 - 17:13 mkdir $HOME/rpm/SRPMS
        6   May 08 - 17:13 mkdir $HOME/rpm/RPMS
        7   May 08 - 17:13 mkdir $HOME/rpm/RPMS/i386
        8   May 08 - 17:13 mkdir $HOME/rpm/RPMS/x86_64
        9   May 08 - 17:13 echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros
       10   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.62.2.tar.bz
       11   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-imap-4.4.1.tar.bz2
       12   May 08 - 17:13 visudo
       13   May 08 - 17:13 yum install sudo
       14   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.61.0.tar.bz2
       15   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.62.2.tar.bz2
       16   May 08 - 17:13 pwd
       17   May 08 - 17:13 ls
       18   May 08 - 17:13 rm showfiles.php?group_id=5404
       19   May 08 - 17:13 ls -l
       20   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/courier-authlib-0.62.2.tar.bz2
       21   May 08 - 17:13 wget http://prdownloads.sourceforge.net/courier/maildrop-2.0.4.tar.bz2
       22   May 08 - 17:13 ls
       23   May 08 - 17:13 sudo rpmbuild -ta courier-authlib-0.62.2.tar.bz2
       24   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-0.62.2-1.i386.rpm
       25   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-mysql-0.62.2-1.i386.rpm
       26   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-authlib-devel-0.62.2-1.i386.rpm
       27   May 08 - 17:13 rpmbuild -ta courier-imap-4.4.1.tar.bz2
       28   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/courier-imap-4.4.1-1.i386.rpm
       29   May 08 - 17:13 sudo rpmbuild -ta maildrop-2.0.4.tar.bz2
       30   May 08 - 17:13 sudo rpm -ivh /home/compileuser/rpm/RPMS/i386/maildrop-2.0.4-1.i386.rpm
    
    
    and again as root
    Code:
      65   May 07 - 14:29 history
       66   May 07 - 14:29 su compileuser
       67   May 07 - 14:31 chkconfig --levels 235 courier-authlib on
       68   May 07 - 14:31 /etc/init.d/courier-authlib start
       69   May 07 - 14:31 chkconfig --levels 235 sendmail off
       70   May 07 - 14:31 chkconfig --levels 235 postfix on
       71   May 07 - 14:31 chkconfig --levels 235 saslauthd on
       72   May 07 - 14:31 /etc/init.d/sendmail stop
       73   May 07 - 14:31 /etc/init.d/postfix start
       74   May 07 - 14:31 /etc/init.d/saslauthd start
       75   May 07 - 14:31 chkconfig --levels 235 courier-imap on
       76   May 07 - 14:31 /etc/init.d/courier-authlib restart
       77   May 07 - 14:31 /etc/init.d/courier-imap restart
     
    
    Then postfix again as root

    Code:
      114   May 07 - 14:48 yum list postfix
      115   May 07 - 14:50 rm postfix-2.3.3-2.src.rpm 
      116   May 07 - 14:50 wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/centos/5.2/os/SRPMS/postfix-2.3.3-2.src.rpm
      117   May 07 - 14:50 l
      118   May 07 - 14:50 ls
      119   May 07 - 14:51 rm po*
      120   May 07 - 14:51 wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/centos/5.3/os/SRPMS/postfix-2.3.3-2.1.el5_2.src.rpm
      121   May 07 - 14:51 rpm -ivh postfix-2.3.3-2.1.el5_2.src.rpm 
      122   May 07 - 14:51 cd /usr/src/redhat/SOURCES/
      123   May 07 - 14:53 wget http://vda.sourceforge.net/VDA/postfix-2.3.3-vda.patch.gz
      124   May 07 - 14:53 cd /usr/src/redhat/SPECS/
      125   May 07 - 14:53 vi postfix.spec 
      126   May 07 - 14:55 rpmbuild -ba postfix.spec
      127   May 07 - 14:56 cd ..
      128   May 07 - 14:56 ls
      129   May 07 - 14:56 cd SOURCES/
      130   May 07 - 14:56 ls
      131   May 07 - 14:56 gunzip postfix-2.3.3-vda.patch.gz
      132   May 07 - 14:56 cd ../SPECS/
      133   May 07 - 14:56 rpmbuild -ba postfix.spec
      134   May 07 - 14:57 yum install ed
      135   May 07 - 14:57 rpmbuild -ba postfix.spec
      136   May 07 - 14:59 cd ../RPMS/i386/
      137   May 07 - 14:59 ls
      138   May 07 - 14:59 ls -l
      139   May 07 - 14:59 rpm -ivh postfix-2.3.3-2.i386.rpm
      140   May 07 - 14:59 rpm -ivh postfix-2.3.3-2.1.i386.rpm 
      141   May 07 - 15:00 service postfix stop
      142   May 07 - 15:00 yum remove postfix
      143   May 07 - 15:01 rpm -ivh postfix-2.3.3-2.1.i386.rpm 
      144   May 07 - 15:01 service postfix on
      145   May 07 - 15:01 service postfix start
     
    
    Thanks again for the help. There's nothing worse than someone who finds a new way to get it wrong!

    Cheers

    Rajiv
     
  4. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

  5. rdhir

    rdhir New Member

    ahh you mean burn it down and start again with the HowToForge guide, rather than the text guide?

    Is there any way of getting ISPconfig to reapply postfix configuration. I was wondering if I should try

    rpm -e postfix...
    yum install postfix
    - force reconfigure of postfix for ISPConfig

    Cheers

    Rajiv
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    I'm not sure if this will work.
     
  7. rdhir

    rdhir New Member

    Sorry, did a reimage and a fresh install from the How To Forge 5.2/ISPConfig 3 and still no joy
    I checked maillog for errors earlier in the build, right after installing postfix and there were no such errors.


    /var/log/maillog looks like this

    Code:
    May 12 12:32:33 mayeul authdaemond: stopping authdaemond children
    May 12 12:32:33 mayeul authdaemond: modules="authmysql", daemons=5
    May 12 12:32:33 mayeul authdaemond: Installing libauthmysql
    May 12 12:32:33 mayeul authdaemond: Installation complete: authmysql
    May 12 12:35:01 mayeul pop3d: Connection, ip=[::ffff:127.0.0.1]
    May 12 12:35:01 mayeul pop3d: Disconnected, ip=[::ffff:127.0.0.1]
    May 12 12:35:01 mayeul imapd: Connection, ip=[::ffff:127.0.0.1]
    May 12 12:35:01 mayeul imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
    May 12 12:35:01 mayeul postfix/smtpd[12165]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
    May 12 12:35:01 mayeul postfix/smtpd[12165]: fatal: no SASL authentication mechanisms
    May 12 12:35:02 mayeul postfix/master[11870]: warning: process /usr/libexec/postfix/smtpd pid 12165 exit status 1
    May 12 12:35:02 mayeul postfix/master[11870]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
    May 12 12:38:38 mayeul sendmail[12295]: n4CGcc7R012295: from=apache, size=290, class=0, nrcpts=1, msgid=<200905121638.n4CGcc7R012295@server.totemspace.com>, relay=apache@localhost
    May 12 12:38:38 mayeul postfix/smtpd[12296]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms
    May 12 12:38:38 mayeul postfix/smtpd[12296]: fatal: no SASL authentication mechanisms
    May 12 12:38:39 mayeul sendmail[12295]: n4CGcc7R012295: to=rajiv@dhirs.org.uk, ctladdr=apache (48/48), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30290, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection reset by [127.0.0.1]
    May 12 12:38:39 mayeul postfix/master[11870]: warning: process /usr/libexec/postfix/smtpd pid 12296 exit status 1
    May 12 12:38:39 mayeul postfix/master[11870]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttli
    
    I followed 5.2 exactly. The only variations were latest version of suphp, the 2.3.3-2.1 version of postfix to match CentOS 5.3, courier-imap 0.62.2

    Cheers

    Rajiv
     
  8. rdhir

    rdhir New Member

    FIXED FIXED FIXED :D

    Yaay.

    At the bottom of the thread, I suddenly noticed the bulletin board system listed a related thread which I'd missed on searching because it was in the general HOWTO and was for Centos 4.4...

    I think I was too specific when I searched

    and the thread is...

    http://howtoforge.com/forums/showthread.php?t=12844

    what I did was

    Code:
    yum install cyrus-sasl-plain
    service saslauthd stop
    service postfix stop
    service saslauthd start
    service postfix start
    
    Now receiving mail!!!!

    Perhaps you could modify the HowTo and make sure that
    cyrus-sasl-plain is included in section 11.

    Cheers

    Rajiv
     
: 5.3, centos, postfix, sasl

Share This Page