Perfect Setup Ubuntu Feisty Fawn 7.04 - Problem to login with IMAP and POP3 (failed)

Discussion in 'HOWTO-Related Questions' started by gbo, Apr 8, 2008.

  1. gbo

    gbo New Member

    Hello,

    First I want to thank you for your site that I consult very often and that is really of great help.

    I installed a server in following The Perfect Setup - Ubuntu Feisty Fawn (Ubuntu 7.04) + ISPconfig + Roundcube. But I currently have a problem, I can't login with either POP3 or IMAP4, server responds but then rejects my password

    /etc/postfix/main.cf

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = keros.fontismedia.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = keros.fontismedia.com, localhost.fontismedia.com, , localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    #home_mailbox = Maildir/

    virtual_maps = hash:/etc/postfix/virtusertable
    mydestination = keros.fontismedia.com,localhost.fontismedia.com,localhost.localdomain,localhost


    /var/log/mail.log

    Apr 7 23:41:30 keros imapd: LOGIN FAILED, user=web2_gbourgeo, ip=[::ffff:127.0.0.1]
    Apr 7 23:45:44 keros imapd: Connection, ip=[::ffff:127.0.0.1]
    Apr 7 23:45:51 keros imapd: LOGIN FAILED, user=web2_gbourgeo, ip=[::ffff:127.0.0.1]
    Apr 7 23:46:47 keros imapd: Connection, ip=[::ffff:127.0.0.1]
    Apr 7 23:47:11 keros imapd: LOGIN FAILED, user=web1_gbourgeo, ip=[::ffff:127.0.0.1]


    root@keros:/etc/courier# ll /etc/postfix/ssl/
    total 20
    -rw-r--r-- 1 root root 997 2008-04-07 22:50 cacert.pem
    -rw-r--r-- 1 root root 963 2008-04-07 22:50 cakey.pem
    -rw-r--r-- 1 root root 1001 2008-04-07 22:48 smtpd.crt
    -rw-r--r-- 1 root root 729 2008-03-31 15:55 smtpd.csr
    -rw-r--r-- 1 root root 887 2008-04-07 22:49 smtpd.key


    telnet localhost imap
    Trying 127.0.0.1...
    Connected to localhost.localdomain.
    Escape character is '^]'.
    * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.
    AB LOGIN "user" "password"
    AB NO Login failed.


    cat /etc/courier/authdaemonrc
    ##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
    #
    # Copyright 2000-2005 Double Precision, Inc. See COPYING for
    # distribution information.
    #
    # authdaemonrc created from authdaemonrc.dist by sysconftool
    #
    # Do not alter lines that begin with ##, they are used when upgrading
    # this configuration.
    #
    # This file configures authdaemond, the resident authentication daemon.
    #
    # Comments in this file are ignored. Although this file is intended to
    # be sourced as a shell script, authdaemond parses it manually, so
    # the acceptable syntax is a bit limited. Multiline variable contents,
    # with the \ continuation character, are not allowed. Everything must
    # fit on one line. Do not use any additional whitespace for indentation,
    # or anything else.

    ##NAME: authmodulelist:2
    #
    # The authentication modules that are linked into authdaemond. The
    # default list is installed. You may selectively disable modules simply
    # by removing them from the following list. The available modules you
    # can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe

    #ADD BY GBO 04 avr. 2008 03:42
    authmodulelist="authpam"
    #authmodulelist=""
    #authmodulelist="authvchkpw"

    ##NAME: authmodulelistorig:3
    #
    # This setting is used by Courier's webadmin module, and should be left
    # alone

    authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

    ##NAME: daemons:0
    #
    # The number of daemon processes that are started. authdaemon is typically
    # installed where authentication modules are relatively expensive: such
    # as authldap, or authmysql, so it's better to have a number of them running.
    # PLEASE NOTE: Some platforms may experience a problem if there's more than
    # one daemon. Specifically, SystemV derived platforms that use TLI with
    # socket emulation. I'm suspicious of TLI's ability to handle multiple
    # processes accepting connections on the same filesystem domain socket.
    #
    # You may need to increase daemons if as your system load increases. Symptoms
    # include sporadic authentication failures. If you start getting
    # authentication failures, increase daemons. However, the default of 5
    # SHOULD be sufficient. Bumping up daemon count is only a short-term
    # solution. The permanent solution is to add more resources: RAM, faster
    # disks, faster CPUs...

    daemons=5

    ##NAME: authdaemonvar:2
    #
    # authdaemonvar is here, but is not used directly by authdaemond. It's
    # used by various configuration and build scripts, so don't touch it!

    authdaemonvar=/var/run/courier/authdaemon

    ##NAME: DEBUG_LOGIN:0
    #
    # Dump additional diagnostics to syslog
    #
    # DEBUG_LOGIN=0 - turn off debugging
    # DEBUG_LOGIN=1 - turn on debugging
    # DEBUG_LOGIN=2 - turn on debugging + log passwords too
    #
    # ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
    #
    # Note that most information is sent to syslog at level 'debug', so
    # you may need to modify your /etc/syslog.conf to be able to see it.

    DEBUG_LOGIN=0

    ##NAME: DEFAULTOPTIONS:0
    #
    # A comma-separated list of option=value pairs. Each option is applied
    # to an account if the account does not have its own specific value for
    # that option. So for example, you can set
    # DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
    # and then enable webmail and/or imap on individual accounts by setting
    # disablewebmail=0 and/or disableimap=0 on the account.

    DEFAULTOPTIONS=""

    ##NAME: LOGGEROPTS:0
    #
    # courierlogger(1) options, e.g. to set syslog facility
    #

    LOGGEROPTS=""

    ##NAME: LDAP_TLS_OPTIONS:0
    #
    # Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
    # Examples:
    #
    #LDAPTLS_CACERT=/path/to/cacert.pem
    #LDAPTLS_REQCERT=demand
    #LDAPTLS_CERT=/path/to/clientcert.pem
    #LDAPTLS_KEY=/path/to/clientkey.pem

    I am able to send and receive emails using UNIX 'mail' application for example.

    I suspect something wrong with the authentication modules but I have no clue what I can try

    Thanks for any suggestions

    Gil
     
  2. gbo

    gbo New Member

    I tried to find a solution all the day without success, I reinstalled all the part with imap and pop in following the tuto but still get the same result. The worst of this story is that it was working a few days ago.

    Has someone a clue about what could cause (POP and IMAP failed to login), because I am able to login with the username password with shell access.

    Could this file be responsible of that

    /etc/default/saslauthd ?


    Thanks for future answers

    Gil
     
  3. falko

    falko Super Moderator ISPConfig Developer

    No, that has nothing to do with Courier. Usually Courier is working out of the box. Did you modify any of the Courier configuration files?
     
  4. gbo

    gbo New Member

    Thanks Falko for the answer, at long last I succeeded to make it works.

    I remove all courier stuff

    apt-get remove courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0

    I check if some entries were still existing
    updatedb
    locate courier-imap

    and deleted all the entries manually, and reinstall with

    apt-get install courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0

    but some files were missing in
    /etc/init.d/

    and

    /etc/courier

    so I took them from another server and after that it was still necessary to reboot the server.

    I don't know what was wrong but everything is working again.

    Gil
     

Share This Page