Hello, I'm running postfix on FC14. Followed Falko's brilliant-as-always guide to do this. I setup 3 virtual users. I'll call them a@domain, b@domain, c@domain. I inserted them into the user table in that order, and used ENCRYPT command on the password field for all. I am using my cellphone to connect to the accounts. My phone managed to connect to both incoming (IMAP) and outgoing (SMTP, duh!) servers with a@domain's credentials. However, for b and c, it only authenticated the incoming, but responds saying User Authentication failed for outgoing. If I put a's credentials for outgoing, it works. This is also true in Thunderbird. I have to use a's credentials to login to SMTP. Maillog shows the following: Using b Code: Mar 22 23:44:21 server postfix/smtpd[6560]: warning: unknown[192.168.1.1]: SASL LOGIN authentication failed: authentication failure Using a Code: Mar 22 23:48:56 server postfix/qmgr[4119]: 2F8522C1F6F: from=<b@domain>, size=1113, nrcpt=1 (queue active) Mar 22 23:48:56 server postfix/smtpd[6584]: disconnect from unknown[127.0.0.1] Mar 22 23:48:56 server amavis[5490]: (05490-04) Passed CLEAN, MYNETS LOCAL [192.168.1.1] [192.168.1.1] <b@domain> -> <[email protected]>, Message-ID: <4D896D9A.9050503@domain>, mail_id: fPRia-+vwGsw, Hits: -1, size: 677, queued_as: 2F8522C1F6F, 6504 ms Mar 22 23:48:56 server postfix/smtp[6576]: A58952C03D6: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.6, delays=0.11/0.02/0.01/6.5, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=05490-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2F8522C1F6F) Since a's credentials work, it would only follow that b and c should work, too; I can't see where there would be a config issue... what could be the problem?
That's strange. Do b and c's password contain any special characters? What's the output of Code: getenforce ?
Do you have the same problem for further users as well? Does it maybe have anything to do with the password length?
The password for user a is the same as the password for user c. Right now I really only have 3 users on my server. User b has a different password from a and c. Since a and c have the same password, however, I don't know why it would work for a and not c.
This is interesting, though. I turned on level2 debugging in authdaemonrc: Syslog Code: Mar 24 10:00:20 server saslauthd[1906]: do_auth : auth failure: [user=c] [service=smtp] [realm=domain] [mech=pam] [reason=PAM auth error] Maillog Code: Mar 24 10:06:34 server imapd-ssl: Connection, ip=[::ffff:174.252.166.49] Mar 24 10:06:35 server authdaemond: received auth request, service=imap, authtype=login Mar 24 10:06:35 server authdaemond: authmysql: trying this module Mar 24 10:06:35 server authdaemond: authmysqllib: connected. Versions: header 50155, client 50155, server 50155 Mar 24 10:06:35 server authdaemond: SQL query: SELECT email, password, "", 5000, 5000, "/home/vmail", CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/'), quota, "", "" FROM users WHERE email = 'c@domain' Mar 24 10:06:35 server authdaemond: password matches successfully Mar 24 10:06:35 server authdaemond: authmysql: sysusername=<null>, sysuserid=5000, sysgroupid=5000, homedir=/home/vmail, address=domain, fullname=<null>, maildir=domain/c/, quota=10485760, options=<null> Mar 24 10:06:35 server authdaemond: authmysql: clearpasswd=<null>, passwd=(shows encoded p/w as it appears in db) Mar 24 10:06:35 server authdaemond: Authenticated: sysusername=<null>, sysuserid=5000, sysgroupid=5000, homedir=/home/vmail, address=c@domain, fullname=<null>, maildir=domain/c/, quota=10485760, options=<null> Mar 24 10:06:35 server authdaemond: Authenticated: clearpasswd=(shows password in plain text), passwd=(shows p/w as it appears in p/w field of db) Mar 24 10:06:35 server imapd-ssl: LOGIN, user=c@domain, ip=[::ffff:174.252.166.49], port=[21857], protocol=IMAP Mar 24 10:14:14 server postfix/smtpd[9059]: timeout after AUTH from 49.sub-174-252-166.myvzw.com[174.252.166.49] Mar 24 10:14:14 server postfix/smtpd[9059]: warning: network_biopair_interop: error writing 37 bytes to the network: Connection reset by peer Mar 24 10:14:14 server postfix/smtpd[9059]: disconnect from 49.sub-174-252-166.myvzw.com[174.252.166.49] Mar 24 10:14:15 server postfix/smtpd[9059]: connect from 49.sub-174-252-166.myvzw.com[174.252.166.49] Mar 24 10:14:18 server postfix/smtpd[9059]: warning: SASL authentication failure: Password verification failed Mar 24 10:14:18 server postfix/smtpd[9059]: warning: 49.sub-174-252-166.myvzw.com[174.252.166.49]: SASL PLAIN authentication failed: authentication failure
NOW I'M MAD!! The server is not accepting connections from the outside for mail delivery... I can send to anyone, receive e-mails from user a>c, b>a, etc. But mails coming from say, Gmail, are not being processed and I can't find any logs that will let me know where the connection is dropping... I've tried it with firewall off, so it's not that.
Fixed the not receiving from outside... I forgot that I changed smtp in main.cf file to listen at port 465... guess what? Port 25 is still needed for mail exchange from outside world. I uncommented the smtps line in main.cf to allow port 465 connections. Reloaded postfix and now I can receive again. Now, if I could only get this authenctication thing figured out... I feel like I'm writing a novel here... lol