Perfect Setup - Debian Squeeze - SASL

Discussion in 'Installation/Configuration' started by d-signet, Mar 9, 2012.

  1. d-signet

    d-signet New Member

    i've folllowed the 'perfect server' guide for debian squeeze.

    Server is fully up and running (great job) but I couldn't get the server to ask for authentication before sending. If i remember correctly from my old ISPCONFIG2 server - this is SASL's job?

    i re-read the guide and found that step 10 on page 4 ( http://www.howtoforge.com/perfect-server-debian-squeeze-with-bind-and-dovecot-ispconfig-3-p4 ) says :

    We can install Postfix, Dovecot, Saslauthd, MySQL, phpMyAdmin, rkhunter, and binutils with a single command:

    Code:
    apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d sudo
    am i wrong, or is sasl not getting installed there?

    is it too late to install it now? or did it get done automatically without specifying it?

    if it's NOT getting installed, can i just do an apt-get at this late stage (server fully up and running) or will i need to do more configuration (presumably postfix needs be told to talk to it somehow, maybe the rest of the ispconfig system too?)

    alternatively - am i on totally the wrong track, can i just add a line to postfix configuration. It's been a while since i had to do any of this and my head is a little rusty :)
     
    Last edited: Mar 9, 2012
  2. till

    till Super Moderator

    ISPConfig 2 and 3 use a totally different mail setup. In the setup you used to install ISPCOnfig 3, smtp authentication is handled by dovecot and not sasl, so sasl must and may not be installed.

    If you have a problem with smtp authentication, then please post the exact error messages from the mail log file. A common error for users that used ispconfig 2 before is that they use a wrong username for email. In ISPConfig 3, the email username is the fulle email address and not just the part in front of the @ sign.
     
  3. d-signet

    d-signet New Member

    Thanks for your prompt reply

    I'm not getting an error ... i'm just not getting prompted for authentication.

    I telnetted into the machine and sent an email and postfix didn't ask for any username or password.
     
  4. till

    till Super Moderator

    Did you try to send to a internal or external domain name? SMTP auth is only required on a mailserver when you send a email to a domain that is not on the local server (e.g. to gmail). Email to local domains never need smtp auth (thats the case on ispconfig 2 and 3 and any other mailserver) as it would be impossible to send a email to alocal domain if it would require auth for that. Another option where smtp auth is not used is inside local networks that are defined in mynetworks in postfix main.cf file.
     
  5. d-signet

    d-signet New Member

    Ah, that explains a lot, sorry for being a numpty :)

    One more thing though, i have auth error on POP

    logs show the line :

    Code:
    dovecot: auth(default): userdb([my username],[my external ip address]): user not found from any userdbs
    any ideas where to start looking?
     
  6. till

    till Super Moderator

    Please post the line as it appears in the log and replace just the IP with e.g. 192.168.0.1 biut dont replace the username part, the way you replaced things in the error line makes it impossible to determine if you setup the mail client correctly :)
     
  7. d-signet

    d-signet New Member

    this server is going to replace an old ispconfig2 server - so in order to minimise disruption to clients i've manually enabled the login's for each account with the 'Allow custom login name' option

    each user has the old-style web[x]_[username] style of login.

    i've replaced the external ip address with : 99.99.99.99 - becuase there ARE some connections showing there from local networking (192.168 range addresses) and i wanted it to be clear which are external POP-retrieval connections.

    Code:
    Mar 9 10:52:06 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=99.99.99.99, lip=192.168.1.30
    Mar 9 10:52:15 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=99.99.99.99, lip=192.168.1.30
    Mar 9 10:52:54 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 10:52:54 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 10:53:01 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 10:53:01 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 10:53:15 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 10:53:15 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 10:55:01 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 10:55:01 alpha dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 10:55:02 alpha postfix/smtpd[32503]: connect from localhost.localdomain[127.0.0.1]
    Mar 9 10:55:02 alpha postfix/smtpd[32503]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    Mar 9 10:55:02 alpha postfix/smtpd[32503]: disconnect from localhost.localdomain[127.0.0.1]
    Mar 9 11:00:02 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 11:00:02 alpha dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 11:00:02 alpha postfix/smtpd[32584]: connect from localhost.localdomain[127.0.0.1]
    Mar 9 11:00:02 alpha postfix/smtpd[32584]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    Mar 9 11:00:02 alpha postfix/smtpd[32584]: disconnect from localhost.localdomain[127.0.0.1]
    Mar 9 11:01:45 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 11:01:45 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 11:01:52 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 11:01:52 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 11:02:27 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 11:02:27 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 11:02:38 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 11:02:38 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 11:02:39 alpha dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 11:05:01 alpha dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 11:05:01 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    
     
  8. till

    till Super Moderator

    Which ISPConfig version do you use?
    And please post the output of:

    grep web1_jim /etc/passwd

    and post the dovecot-sql.conf file (replace the oassword that is inside the file).
     
  9. d-signet

    d-signet New Member

    ispconfig v : 3.0.4.3

    grep web1_jim /etc/passwd shows nothing

    none of the email accounts have entries in there

    all of the dovecot-sql.conf file is commented out except :

    Code:
    driver = mysql
    connect = host=localhost dbname=dbispconfig user=ispconfig password=[redacted]
    default_pass_scheme = CRYPT
    
    password_query = SELECT password FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
    # user_query = SELECT email AS user, maildir AS home, CONCAT('*:storage=', quota , 'B') AS quota_rule FROM mai
    l_user WHERE login = '%u' AND disable%Ls = 'n'
    user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid,
     CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE emai
    l = '%u' AND disable%Ls = 'n'
    
     
  10. d-signet

    d-signet New Member

    i should probably add that the server was built yesterday - there have been no configuration changes or updates on the system other than those i've already mentioned. So everything installed should be most recent available.

    It's a fresh install from the 'perfect server' guide for debian squeeze.

    All i've altered from that guide is the usual ip address/username/password parts, checked the 'allow custom login' box, and added my domains and users.
     
  11. till

    till Super Moderator

    Pleasecange the line:

    Code:
    user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid,
     CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE emai
    l = '%u' AND disable%Ls = 'n'
    to:

    Code:
    user_query = SELECT login as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid,
     CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE emai
    l = '%u' AND disable%Ls = 'n'
    and restart dovecot and try to login with pop again.
     
  12. d-signet

    d-signet New Member

    no luck, exactly the same error messages (rebooted the whole server too - just in case)

    Code:
    Mar 9 11:56:49 alpha postfix/master[2480]: daemon started -- version 2.7.1, configuration /etc/postfix
    Mar 9 12:00:03 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 12:00:03 alpha dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 12:00:04 alpha postfix/smtpd[2559]: connect from localhost.localdomain[127.0.0.1]
    Mar 9 12:00:04 alpha postfix/smtpd[2559]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
    Mar 9 12:00:04 alpha postfix/smtpd[2559]: disconnect from localhost.localdomain[127.0.0.1]
    Mar 9 12:03:11 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 12:03:11 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 12:03:28 alpha dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 12:03:48 alpha dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 12:03:49 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 12:03:49 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 12:03:56 alpha dovecot: auth(default): userdb(web1_jim,99.99.99.99): user not found from any userdbs
    Mar 9 12:03:56 alpha dovecot: pop3-login: Internal login failure (auth failed, 1 attempts): user=, method=PLAIN, rip=99.99.99.99, lip=192.168.1.30
    Mar 9 12:05:01 alpha dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
    Mar 9 12:05:01 alpha dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
     
  13. till

    till Super Moderator

    I made a mistake in the sql query, pleasetry this one:

    Code:
    user_query = SELECT email as user, maildir as home, CONCAT('maildir:', maildir, '/Maildir') as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE login = '%u' AND disable%Ls = 'n'
     
  14. d-signet

    d-signet New Member

    you are a god amongst men...that worked, thanks :)
     

Share This Page