POSTFIX - SASL Authentication not working

Discussion in 'Installation/Configuration' started by corbinsiddall, May 3, 2009.

  1. corbinsiddall

    corbinsiddall New Member

    /etc/postfix/sasl/smtpd.conf
    Code:
    pwcheck_method: saslauthd
    mech_list: plain login
    allow_plaintext: true
    auxprop_plugin: mysql
    sql_hostnames: 127.0.0.1
    sql_user: ispconfig
    sql_passwd: xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    sql_database: dbispconfig
    sql_select: select password from mail_user where email = '%u'
    /etc/default/saslauthd
    Code:
    START=yes
    DESC="SASL Authentication Daemon"
    NAME="saslauthd"
    MECHANISMS="sasldb"
    MECH_OPTIONS=""
    THREADS=5
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
    /etc/postfix/main.cf
    Code:
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    smtpd_tls_cert_file = /etc/postfix/ssl/myhost.crt
    smtpd_tls_key_file = /etc/postfix/ssl/myhost.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    myhostname = myhost.mydomain.net
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = myhost.mydomain.net, localhost.example.com, localhost.localdomain, localhost
    relayhost =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/gd_bundle.crt
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    tail -f /var/log/mail.warn
    Code:
    May  3 09:05:02 myhost postfix/smtpd[28175]: warning: ::1: address not listed for hostname localhost
    May  3 09:09:26 myhost postfix/smtpd[28457]: warning: SASL authentication failure: Password verification failed
    May  3 09:09:26 myhost postfix/smtpd[28457]: warning: IPADDR.client.mchsi.com[IPADDR]: SASL PLAIN authentication failed: authentication failure
    May  3 09:09:26 myhost postfix/smtpd[28457]: warning: IPADDR.client.mchsi.com[IPADDR]: SASL LOGIN authentication failed: authentication failure
    May  3 09:09:29 myhostpostfix/smtpd[28457]: warning: SASL authentication failure: Password verification failed
    May  3 09:09:29 myhost postfix/smtpd[28457]: warning: IPADDR.client.mchsi.com[IPADDR]: SASL PLAIN authentication failed: authentication failure
    May  3 09:09:29 myhost postfix/smtpd[28457]: warning: IPADDR.client.mchsi.com[IPADDR]: SASL LOGIN authentication failed: authentication failure
    May  3 09:10:02 myhost postfix/smtpd[28457]: warning: ::1: address not listed for hostname localhost
    May  3 09:15:02 myhost postfix/smtpd[28818]: warning: ::1: address not listed for hostname localhost
    May  3 09:20:03 myhost postfix/smtpd[29089]: warning: ::1: address not listed for hostname localhost
    telnet localhost 25
    Code:
    Connected to localhost.
    Escape character is '^]'.
    220 myhost.mydomain.net ESMTP Postfix (Ubuntu)
    ehlo localhost
    250-myhost.mydomain.net
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH LOGIN PLAIN
    250-AUTH=LOGIN PLAIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    The users do have access to IMAP SSL and can recieve email just fine. Problem is just securly sending mail. It seems that I have tried everything, do you have any thoughts as to what I have missed?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Which ISPConfig version?
    Which Linux distribution and version?
     
  3. baskin

    baskin New Member

    I resurrect this thread because i have the same issue, after upgrading an old opensuse 11.1 server to opensuse 11.2 (i have to upgraded it again i know but for the time being its ok).

    Everything works fine. Only smtp authentication stopped working.

    I have noticed that my /etc/sasl2/smtpd.conf has only these line:

    Code:
    pwcheck_method: saslauthd
    mech_list: plain login
    And i'm getting this on logs when i try to send email from a client machine:

    Code:
    connect from unknown[10.215.14.98]
    Aug 23 20:14:54 aragorn postfix/smtpd[20727]: warning: SASL authentication failure: Password verification failed
    Aug 23 20:14:54 aragorn postfix/smtpd[20727]: warning: unknown[10.215.14.98]: SASL PLAIN authentication failed: authentication failure
    Aug 23 20:14:54 aragorn postfix/smtpd[20727]: warning: unknown[10.215.14.98]: SASL LOGIN authentication failed: authentication failure
    Email from webmail is working.

    My Ispconfig is 3.0.4.6.

    Thank you in advance.
     
  4. baskin

    baskin New Member

    Found it!!!

    pam_mysql was missing from opensuse 11.2. I had to built it from source as stated on the how to.
     

Share This Page