Sasl not installed??

Discussion in 'General' started by zicguy, Nov 10, 2012.

  1. zicguy

    zicguy Member

    Hi everyone,

    I have a debian squeeze / ispconfig 3 installation on my server. I actually have an issue on mail server and particularly with SASL. On mail log, I have the following:

    SASL LOGIN authentication failed

    I followed the main tutorial to my installation, but a strange thing, we never installed the "sasl2-bin" package. For example, I don't have any file "/etc/default/saslauth". I think that's why I get this error but not sure.

    Can you confirm me it is? and how do I install saslauth? Is there a precise configuration to do?

    Many thanks to all!
  2. falko

    falko Super Moderator ISPConfig Developer

    Which tutorial exactly (URL) did you follow?
  3. zicguy

    zicguy Member

    Last edited: Nov 11, 2012
  4. falko

    falko Super Moderator ISPConfig Developer

    Did you modify /etc/postfix/ somehow? Can you post it?

    On the Advanced tab on the email account settings you can select POP3S (port 995) and TLS for SMTP (port 25).
  5. zicguy

    zicguy Member

    I didn't modify as far as I know, just followed your (great :)) tutorial.
    Here you can find my /etc/postfix/

    # See /usr/share/postfix/ for a commented, more complete version

    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    readme_directory = /usr/share/doc/postfix

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname =
    alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
    myorigin = /etc/mailname
    mydestination = localhost, localhost.localdomain
    relayhost =
    mynetworks = [::1]/128
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    html_directory = /usr/share/doc/postfix/html
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/, proxy:mysql:/etc/postfix/, hash:/var/lib/mailman/data/virtual-mailman
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/
    virtual_mailbox_base = /var/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/, reject_unauth_destination
    smtpd_tls_security_level = may
    transport_maps = proxy:mysql:/etc/postfix/
    relay_domains = mysql:/etc/postfix/
    relay_recipient_maps = mysql:/etc/postfix/
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
    smtpd_client_message_rate_limit = 100
    maildrop_destination_concurrency_limit = 1
    maildrop_destination_recipient_limit = 1
    virtual_transport = dovecot
    header_checks = regexp:/etc/postfix/header_checks
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    body_checks = regexp:/etc/postfix/body_checks
    owner_request_special = no
    dovecot_destination_recipient_limit = 1
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    content_filter = amavis:[]:10024
    receive_override_options = no_address_mappings
    message_size_limit = 0

    Many thanks for your help!
  6. falko

    falko Super Moderator ISPConfig Developer

    Seems to be ok. Are there any other errors in your mail log?
  7. zicguy

    zicguy Member

    Maybe the following can help. Sometimes I also have (don't know if it's related or not):

    dovecot: imap-login: Aborted login (no auth attempts): rip=, lip=, TLS

    But sometimes I also have:

    dovecot: imap-login: Disconnected (no auth attempts): rip=, lip=, secured

    What do you think about that?
    Maybe, if you guide me, I can make a few test on Outlook?
    Last edited: Nov 13, 2012
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    These lines are from the system monitor, they are not related to your issue.
  9. zicguy

    zicguy Member

    Ok Till, thanks for your reply.
    I just tested a secured connection on Outlook with TLS, and it seems works fine. So, I don't understand why I had these errors in log files...I think it should works now.
    Just to understand, I used "courier" before "dovecot" (by following your tutorial on ubuntu). Courier used SSL for secured connection instead of TLS with Dovecot right?

    I'm not very fine with mail servers and I want to check if all is good.
    So, I have another question. I often have this kind of messages in warn.log:

    postfix/smtpd[15051]: warning: hostname verification failed: Name or service not known

    What does it means? Does the email sent to the address can fail?

    Many thanks to both of you :)
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    TLS is SSL for imap connections,so courier and dovecot offer both the same encrypted and unencrypted connection methods to ecxernal mail clients.

    This means that this hostname does not exist. If you send something to a address that does not exist, it will never arrive there. Just like in real live :)
  11. zicguy

    zicguy Member

    Understood. I asked that cause with Outlook when you create an account it detects the server configuration, and since I used Dovecot detection fails on secured connection. But I can configure it manually... So, I think the problem is Outlook?

    So, it is not on my side, right? or can I do something to solve that?

Share This Page