Virtual Users And Domains With Postfix, Courier And MySQL (Ubuntu 7.10) - Page 3

6 Configure Saslauthd

First run

mkdir -p /var/spool/postfix/var/run/saslauthd

Then edit /etc/default/saslauthd. Set START to yes and change the line OPTIONS="-c" to OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r":

vi /etc/default/saslauthd

# Settings for saslauthd daemon

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Which authentication mechanisms should saslauthd use? (default: pam)
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
# Only one option may be used at a time. See the saslauthd man page
# for more information.
# Example: MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.

# Other options (default: -c)
# See the saslauthd man page for information about these options.
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

Then create the file /etc/pam.d/smtp. It should contain only the following two lines (make sure to fill in your correct database details):

vi /etc/pam.d/smtp

auth    required   pam_mysql.so user=mail_admin passwd=mail_admin_password host= db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host= db=mail table=users usercolumn=email passwdcolumn=password crypt=1

Next create the file /etc/postfix/sasl/smtpd.conf. It should look like this:

vi /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
sql_select: select password from users where email = '%u'

Then restart Postfix and Saslauthd:

/etc/init.d/postfix restart
/etc/init.d/saslauthd restart


7 Configure Courier

Now we have to tell Courier that it should authenticate against our MySQL database. First, edit /etc/courier/authdaemonrc and change the value of authmodulelist so that it reads:

vi /etc/courier/authdaemonrc


Then make a backup of /etc/courier/authmysqlrc and empty the old file:

cp /etc/courier/authmysqlrc /etc/courier/authmysqlrc_orig
cat /dev/null > /etc/courier/authmysqlrc

Then open /etc/courier/authmysqlrc and put the following lines into it:

vi /etc/courier/authmysqlrc

MYSQL_SERVER localhost
MYSQL_PASSWORD mail_admin_password
MYSQL_HOME_FIELD "/home/vmail"

Then restart Courier:

/etc/init.d/courier-authdaemon restart
/etc/init.d/courier-imap restart
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop restart
/etc/init.d/courier-pop-ssl restart

By running

telnet localhost pop3

you can see if your POP3 server is working correctly. It should give back +OK Hello there. (Type quit to get back to the Linux shell.)

root@server1:/etc/postfix# telnet localhost pop3
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Hello there.
+OK Better luck next time.
Connection closed by foreign host.
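
Steps 6 and 7 leave the MySQL password in clear text in /etc/pam.d/smtp, /etc/postfix/sasl/smtpd.conf and /etc/courier/authmysqlrc. The following script is an added example, not part of the original tutorial: it reports any of these files that is world-readable, and any smtpd.conf that still carries sql_passwd although pwcheck_method is saslauthd (a reader comment on this page notes the sql_* settings are not needed in that case). The function names and the sample file are made up for the illustration.

```bash
#!/bin/sh
# Added example, not part of the original tutorial.
# Audits files that store the MySQL password in clear text.

# Print one finding per line for the file in $1; print nothing if it is clean.
audit_cred_file() {
    path=$1
    if [ ! -f "$path" ]; then
        echo "$path: missing"
        return 0
    fi
    # Mode bit 004 set: every local account can read the password.
    if [ -n "$(find "$path" -perm -004)" ]; then
        echo "$path: world-readable"
    fi
    # With pwcheck_method saslauthd the password check is done by saslauthd,
    # so a sql_passwd line is a second, unneeded copy of the secret.
    if grep -Eq '^pwcheck_method:[[:space:]]*saslauthd' "$path" &&
       grep -Eq '^sql_passwd:' "$path"; then
        echo "$path: sql_passwd set although pwcheck_method is saslauthd"
    fi
}

audit_all() {
    for f in "$@"; do
        audit_cred_file "$f"
    done
}

# Constructed sample: smtpd.conf as written in step 6, saved with mode 644.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/smtpd.conf" <<'EOF'
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_user: mail_admin
sql_passwd: mail_admin_password
sql_database: mail
EOF
    chmod 644 "$dir/smtpd.conf"
    audit_all "$dir/smtpd.conf"
    rm -rf "$dir"
}

# On the mail server, replace the demo call with:
#   audit_all /etc/pam.d/smtp /etc/postfix/sasl/smtpd.conf /etc/courier/authmysqlrc
demo
```

The script only reports; it does not change any permissions or file contents.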


8 Modify /etc/aliases

Now we should open /etc/aliases. Make sure that postmaster points to root and root to your own username or your email address, e.g. like this:

vi /etc/aliases

postmaster: root
root: postmaster@yourdomain.tld

or like this (if administrator is your own username):

postmaster: root
root:   administrator

Whenever you modify /etc/aliases, you must run


afterwards and restart Postfix:

/etc/init.d/postfix restart

5 Comment(s)

From: Miquel at: 2008-12-17 10:33:26

You should correct it if you wish that your email quotas work properly.

In Postfix configuration file you should replace




If you don't do it, maildirsize files won't be created and Courier-Imap won't be able to check email quotas.

Thanks for this great HowTo!




From: at: 2008-03-18 15:48:16

If you include your hostname in the domains table, you should use this as the first postconf setting above for mydestination:

postconf -e 'mydestination = localhost, localhost.localdomain'

In other words, if your is, do not include in that list for mydestination if it is in the domains table, otherwise /var/log/mail.warn will give you lines like this, and email to will get bounced:

warning: do not list domain in BOTH mydestination and virtual_mailbox_domains

Otherwise, I followed this tutorial line-by-line and it works perfectly on Ubuntu 7.10 - nice work! 

From: at: 2008-01-26 16:55:33


Great Howto, thank you very much for your work.

Just a comment: you don't need to set sql parameters and mysql as auxprop_plugin in /etc/postfix/sasl/smtpd.conf as you intend to use PAM for authentication.

The following /etc/postfix/sasl/smtpd.conf should suffice:

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true

This way, plain PAM will be used, with the options you set in /etc/pam.d/smtpd. Indeed, you don't even need to install libsasl2-modules-sql package (but you still do need libpam-mysql, of course).

Best regards,

Alberto Caso

From: at: 2008-05-01 06:58:34

On my 7.10 box I need to use 0 0 * * * root /usr/local/sbin/quota_notify &> /dev/null (note the username) or cron fails, HTH D

From: at: 2008-05-22 12:43:54

After spending quite a few hours debugging what a friend had done when following your excellent tutorial, I had a problem with loopbacks:

May 22 12:34:34 odin postfix/smtp[8486]: 7499E215021A: to=<davie@*****.***>, relay=none, delay=0.06, delays=0.05/0.01/0/0, dsn=5.4.6, status=bounced (mail for localhost loops back to myself)

The problem was a result of him adding an entry in the transport table that resolved to the local machine:

INSERT INTO `transport` (`domain`, `transport`) VALUES ('', '');

It might be worthwhile inserting a little note around this point to stop other people having the problem.

Thanks again for the tutorial.