warning: SASL authentication failure: Password verification failed

Discussion in 'HOWTO-Related Questions' started by NoobOnTour, Feb 21, 2012.

  1. NoobOnTour

    NoobOnTour New Member

    Hello!

    First of: I know there are several threads with the exact same title, but none have worked for me so far...

    I installed postfix, dovecot, and procmail using this guide: http://www.howtoforge.com/setting-u...ver-the-somewhat-alternate-way-debian-squeezeHERE

    I updated some files, because I use dovecot 2.0 instead of the version 1.x that was used in the guide.

    Additionally I installed a browser based webmailer (roundcube). In roundcube everything works just fine.

    When I try to send mails via Thunderbird, however, I get errors sending. Receiving via imap is not a problem.

    I check the mail.log and got the above error:
    Code:
    warning: SASL authentication failure: Password verification failed
    warning: blabla.net[x.x.x.x]: SASL PLAIN authentication failed: authentication failure
    warning: blabla.net[x.x.x.x]: SASL PLAIN authentication failed: authentication failure
    I pretty much tried everything I could find on the internet, without success.

    I ran
    Code:
    telnet localhost 587
    and here is the output:
    Code:
    220 domain.tld ESMTP Postfix (Debian/GNU)
    ehlo me
    250-domain.tld
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    When I tried AUTH PLAIN <username+password in base64> I also get the password failure. Therefore I assume it's some problem with saslauthd. However I don't have a clue where the exact problem lies.

    My main.cf:

    Code:
      1 # See /usr/share/postfix/main.cf.dist for a commented, more complete version
      2 
      3 
      4 # Debian specific:  Specifying a file name will cause the first
      5 # line of that file to be used as the name.  The Debian default
      6 # is /etc/mailname.
      7 #myorigin = /etc/mailname
      8 
      9 smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
     10 biff = no
     11 
     12 # appending .domain is the MUA's job.
     13 append_dot_mydomain = no
     14 
     15 # Uncomment the next line to generate "delayed mail" warnings
     16 #delay_warning_time = 4h
     17 
     18 readme_directory = no
     19 
     20 # TLS parameters
     21 smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
     22 smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
     23 smtpd_use_tls = yes
     24 smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
     25 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
     26 
     27 # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
     28 # information on enabling SSL in the smtp client.
     29 
     30 myhostname = domain.tld
     31 alias_maps = hash:/etc/aliases
     32 alias_database = hash:/etc/aliases
     33 mydestination = localdomain, localhost, localhost.localdomain, localhost, domain.tld
     34 mynetworks = 127.0.0.0/8, x.x.x.x
     35 mailbox_size_limit = 0
     36 recipient_delimiter = +
     37 inet_interfaces = all
     38 smtpd_sasl_local_domain = $myhostname
     39 smtpd_sasl_auth_enable = yes
     40 smtpd_sasl_security_options = noanonymous
     41 broken_sasl_auth_clients = yes
     42 smtpd_sasl_authenticated_header = yes
     43 smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
     44 smtpd_tls_auth_only = no
     45 smtp_use_tls = yes
     46 smtp_tls_note_starttls_offer = yes
     47 smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
     48 smtpd_tls_loglevel = 1
     49 smtpd_tls_received_header = yes
     50 smtpd_tls_session_cache_timeout = 3600s
     51 tls_random_source = dev:/dev/urandom
     52 myorigin = /etc/mailname
     53 relayhost =
     54 mailbox_command = /usr/bin/procmail -a "$EXTENSION" DEFAULT=$HOME/Maildir/ MAILDIR=$HOME/Maildir
     55 inet_protocols = all
     56 home_mailbox = Maildir/
     57 virtual_maps = hash:/etc/postfix/virtual
    
    My master.cf:

    Code:
      1 #
      2 # Postfix master process configuration file.  For details on the format
      3 # of the file, see the master(5) manual page (command: "man 5 master").
      4 #
      5 # Do not forget to execute "postfix reload" after editing this file.
      6 #
      7 # ==========================================================================
      8 # service type  private unpriv  chroot  wakeup  maxproc command + args
      9 #               (yes)   (yes)   (yes)   (never) (100)
     10 # ==========================================================================
     11 smtp      inet  n       -       -       -       -       smtpd
     12 587       inet  n       -       -       -       -       smtpd
     13 #submission inet n       -       -       -       -       smtpd
     14 #  -o smtpd_tls_security_level=encrypt
     15 #  -o smtpd_sasl_auth_enable=yes
     16 #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
     17 #  -o milter_macro_daemon_name=ORIGINATING
     18 smtps   inet n   -   n   - - smtpd
     19       -o smtpd_sasl_auth_enable=yes
     20       -o smtpd_reject_unlisted_sender=yes
     21       -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
     22       -o broken_sasl_auth_clients=yes
     23 
     24 #smtps     inet  n       -       -       -       -       smtpd
     25 #  -o smtpd_tls_wrappermode=yes
     26 #  -o smtpd_sasl_auth_enable=yes
     27 #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
     28 #  -o milter_macro_daemon_name=ORIGINATING
     29 #628       inet  n       -       -       -       -       qmqpd
     30 pickup    fifo  n       -       -       60      1       pickup
     31 cleanup   unix  n       -       -       -       0       cleanup
     32 qmgr      fifo  n       -       n       300     1       qmgr
     33 #qmgr     fifo  n       -       -       300     1       oqmgr
     34 tlsmgr    unix  -       -       -       1000?   1       tlsmgr
     35 rewrite   unix  -       -       -       -       -       trivial-rewrite
     36 bounce    unix  -       -       -       -       0       bounce
     37 defer     unix  -       -       -       -       0       bounce
     38 trace     unix  -       -       -       -       0       bounce
     39 verify    unix  -       -       -       -       1       verify
     40 flush     unix  n       -       -       1000?   0       flush
     41 proxymap  unix  -       -       n       -       -       proxymap
     42 proxywrite unix -       -       n       -       1       proxymap
     43 smtp      unix  -       -       -       -       -       smtp
     44 # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
     45 relay     unix  -       -       -       -       -       smtp
     46         -o smtp_fallback_relay=
     47 #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
     48 showq     unix  n       -       -       -       -       showq
     49 error     unix  -       -       -       -       -       error
     50 retry     unix  -       -       -       -       -       error
     51 discard   unix  -       -       -       -       -       discard
     52 local     unix  -       n       n       -       -       local
     53 virtual   unix  -       n       n       -       -       virtual
     54 lmtp      unix  -       -       -       -       -       lmtp
     55 anvil     unix  -       -       -       -       1       anvil
     56 scache    unix  -       -       -       -       1       scache
     57 #
     58 # ====================================================================
     59 # Interfaces to non-Postfix software. Be sure to examine the manual
     60 # pages of the non-Postfix software to find out what options it wants.
     61 #
     62 # Many of the following services use the Postfix pipe(8) delivery
     63 # agent.  See the pipe(8) man page for information about ${recipient}
     64 # and other message envelope options.
     65 # ====================================================================
     66 #
     67 # maildrop. See the Postfix MAILDROP_README file for details.
     68 # Also specify in main.cf: maildrop_destination_recipient_limit=1
     69 #
     70 maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
     72 #
     73 # ====================================================================
     74 #
     75 # Recent Cyrus versions can use the existing "lmtp" master.cf entry.
     76 #
     77 # Specify in cyrus.conf:
     78 #   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
     79 #
     80 # Specify in main.cf one or more of the following:
     81 #  mailbox_transport = lmtp:inet:localhost
     82 #  virtual_transport = lmtp:inet:localhost
     83 #
     84 # ====================================================================
     85 #
     86 # Cyrus 2.1.5 (Amos Gouaux)
     87 # Also specify in main.cf: cyrus_destination_recipient_limit=1
     88 #
     89 #cyrus     unix  -       n       n       -       -       pipe
     90 #  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
     91 #
     92 # ====================================================================
     93 # Old example of delivery via Cyrus.
     94 #
     95 #old-cyrus unix  -       n       n       -       -       pipe
     96 #  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
     97 #
     98 # ====================================================================
     99 #
    100 # See the Postfix UUCP_README file for configuration details.
    101 #
    102 uucp      unix  -       n       n       -       -       pipe
    103   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    104 #
    105 # Other external delivery methods.
    106 #
    107 ifmail    unix  -       n       n       -       -       pipe
    108   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    109 bsmtp     unix  -       n       n       -       -       pipe
    110   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    111 scalemail-backend unix  -       n       n       -       2       pipe
    112   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    113 mailman   unix  -       n       n       -       -       pipe
    114   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
    115   ${nexthop} ${user}
    
    Do you need any more output?
    I would be extremely happy, if you could help me out here, because I am really lost...

    And I was wondering: Isn't the webmailer (roundcube) using the smtp port or how does it send the mails?

    Oh my Thunderbird smtp config:

    Code:
    Port: 587
    User Name: myusername (I tried with and without @domain.tld
    Authentication method: Normal Password
    Connection Security: STARTTLS
    EDIT: Forgot to mention: I am running Debian Wheezy with 'Linux 2.6.32-028stab094.3 x86_64' kernel

    Thanks in advance!
     
    Last edited: Feb 21, 2012
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

  3. NoobOnTour

    NoobOnTour New Member

    @falko

    Thanks that you are taking on this problem.
    Before I start trying the guide you sent me: Are these the same error message?

    I just skimmed the guide.

    I mean, I don't get the "no mechanism available" error. I just said that password verification failed.

    Oh well, I just might well try it out...

    EDIT:
    Ok, I just tried and restarted all services (postfix, dovecot, sasauthd). I still get the same error.
     
    Last edited: Feb 21, 2012
  4. NoobOnTour

    NoobOnTour New Member

    Wow! It works!

    Anyone following that guide:

    There is an error on page two, step (5), when you setup postfix.

    In the guide is says
    Code:
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
    I don't know what the parameter '-r' is for, but that's what ruined it for me. Removing that character and restarting sasauthld fixed everything.

    Great!

    Ubuntu guide helped me: https://help.ubuntu.com/community/Postfix

    Ok, you guys couldn't have found the error, because I didn't post my settings for sasauthld.
     

Share This Page