Good day and thank you in advance for taking the time to read and help me with this. I'm kinda new with Postfix and dovecot SASL auth and having an issue sending. Running ISPConfig 3.0.5.3 on CentOS 6.4. Server name : cartman.hostinpowers.com I am unable to send through php mail()or shell mail command because I get authentication errors (in maillogs). Probably normal because I don't use an authenticated user (including shell : [email protected]). How can I allow [email protected] and [email protected] to send? I don't want to ask my customers to authenticate with Base64 logins when sending from vBulletin, Magento… Or me as root on local server. I tried smtpd_use_TLS=no and didn't work? ran : postconf -e mynetworks=127.0.0.1 (or private sending IP with no success) restart Postfix and still have many errors Nov 22 12:35:40 cartman postfix/master[7218]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Nov 22 12:35:40 cartman amavis[6974]: (06974-03) (!)FWD from <[email protected]> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (No greeting, dt: 11.046 s): id=06974-03 Nov 22 12:35:40 cartman amavis[6974]: (06974-03) Blocked MTA-BLOCKED {TempFailedOpenRelay}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: 5cQWqaR6wHEi, Hits: 1.201, size: 697, 11368 ms Nov 22 12:35:40 cartman postfix/master[7218]: warning: process /usr/libexec/postfix/smtpd pid 7235 exit status 1 Nov 22 12:35:40 cartman amavis[7162]: (07162-01) (!)FWD from <[email protected]> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (No greeting, dt: 11.026 s): id=07162-01 Nov 22 12:35:40 cartman amavis[7162]: (07162-01) Blocked MTA-BLOCKED {TempFailedOpenRelay}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: xJ4Kixtch21o, Hits: -0.001, size: 393, 11409 ms Nov 22 12:35:40 cartman postfix/smtp[7222]: AF31E12E0B42: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=193336, delays=193325/0.04/0.01/11, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=06974-03 - Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 11.046 s): id=06974-03 (in reply to end of DATA command)) Nov 22 12:35:40 cartman postfix/smtp[7224]: AB51012E0B48: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=48097, delays=48086/0.05/0.02/11, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=07162-01 - Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 11.026 s): id=07162-01 (in reply to end of DATA command)) Nov 22 12:35:53 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=7099, input bytes=0 Nov 22 12:35:53 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=7074, input bytes=0 Nov 22 12:35:53 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=6900, input bytes=0 $ postconf -n |more <pre> alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases body_checks = regexp:/etc/postfix/body_checks broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailbox_size_limit = 0 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 0 mime_header_checks = regexp:/etc/postfix/mime_header_checks mydestination = cartman.hostinpowers.com, localhost, localhost.localdomain myhostname = cartman.hostinpowers.com mynetworks = 127.0.0.1 nested_header_checks = regexp:/etc/postfix/nested_header_checks newaliases_path = /usr/bin/newaliases.postfix proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_m aps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES receive_override_options = no_address_mappings relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf relayhost = sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_client_message_rate_limit = 100 smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_tls_security_level = may smtpd_use_tls = yes transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf unknown_local_recipient_reject_code = 550 virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 </pre> /var/log/maillog <pre> Nov 22 13:12:01 cartman postfix/smtp[9208]: 85CC812E0E01: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=3, delay=397904, delays=397792/76/0/35, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=08795-04-3 - Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 35.036 s): id=08795-04-3 (in reply to end of DATA command)) Nov 22 13:12:01 cartman dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Nov 22 13:12:01 cartman postfix/smtpd[9283]: connect from localhost.localdomain[::1] Nov 22 13:12:01 cartman dovecot: pop3-login: Disconnected: Inactivity (no auth attempts): rip=::1, lip=::1, secured Nov 22 13:12:07 cartman postfix/smtpd[9263]: fatal: no SASL authentication mechanisms Nov 22 13:12:08 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9263 exit status 1 Nov 22 13:12:08 cartman postfix/master[8979]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Nov 22 13:12:11 cartman postfix/smtpd[9283]: fatal: no SASL authentication mechanisms Nov 22 13:12:12 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9283 exit status 1 Nov 22 13:12:24 cartman dovecot: auth: Error: Can't open configuration file /etc/dovecot-sql.conf: No such file or directory Nov 22 13:12:24 cartman dovecot: log: Error: service(auth): child 9287 returned error 89 (Fatal failure) Nov 22 13:12:24 cartman dovecot: master: Error: service(auth): command startup failed, throttling Nov 22 13:12:24 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=9252, input bytes=0 Nov 22 13:12:25 cartman postfix/smtpd[9288]: connect from unknown[127.0.0.1] Nov 22 13:12:25 cartman postfix/smtpd[9290]: connect from unknown[127.0.0.1] Nov 22 13:12:25 cartman postfix/smtpd[9291]: connect from unknown[127.0.0.1] Nov 22 13:12:25 cartman postfix/smtpd[9292]: connect from unknown[127.0.0.1] Nov 22 13:12:35 cartman postfix/smtpd[9288]: fatal: no SASL authentication mechanisms Nov 22 13:12:35 cartman postfix/smtpd[9290]: fatal: no SASL authentication mechanisms Nov 22 13:12:35 cartman postfix/smtpd[9291]: fatal: no SASL authentication mechanisms Nov 22 13:12:35 cartman postfix/smtpd[9292]: fatal: no SASL authentication mechanisms Nov 22 13:12:36 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9288 exit status 1 Nov 22 13:12:36 cartman postfix/master[8979]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Nov 22 13:12:36 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9290 exit status 1 Nov 22 13:12:36 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9291 exit status 1 Nov 22 13:12:36 cartman amavis[9092]: (09092-02-4) (!)FWD from <[email protected]> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (No greeting, dt: 35.019 s): id=09092-02-4 Nov 22 13:12:36 cartman amavis[9092]: (09092-02-4) Blocked MTA-BLOCKED {TempFailedInbound}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: XyVpsDcO596x, Hits: -0.001, size: 524, 35527 ms Nov 22 13:12:36 cartman postfix/master[8979]: warning: process /usr/libexec/postfix/smtpd pid 9292 exit status 1 Nov 22 13:12:36 cartman amavis[8795]: (08795-04-4) (!)FWD from <[email protected]> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (No greeting, dt: 35.012 s): id=08795-04-4 Nov 22 13:12:36 cartman amavis[8795]: (08795-04-4) Blocked MTA-BLOCKED {TempFailedInbound}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: rI70bWaTcyQa, Hits: -0.001, size: 527, 35463 ms Nov 22 13:12:36 cartman postfix/smtp[9206]: 5A23D12E09C6: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=4, delay=386353, delays=386207/111/0/36, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=09092-02-4 - Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 35.019 s): id=09092-02-4 (in reply to end of DATA command)) Nov 22 13:12:36 cartman postfix/smtp[9208]: 3822D12E0DF4: to=<[email protected]>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=4, delay=402617, delays=402470/111/0/35, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 id=08795-04-4 - Temporary MTA failure on relaying, From MTA() during fwd-connect (No greeting, dt: 35.012 s): id=08795-04-4 (in reply to end of DATA command)) Nov 22 13:12:54 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=9284, input bytes=0 Nov 22 13:12:54 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=9252, input bytes=0 Nov 22 13:12:54 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=9182, input bytes=0 Nov 22 13:12:54 cartman dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=9162, input bytes=0 Nov 22 13:13:01 cartman dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured Nov 22 13:13:02 cartman dovecot: pop3-login: Disconnected: Inactivity (no auth attempts): rip=::1, lip=::1, secured Nov 22 13:13:02 cartman dovecot: pop3-login: Disconnected: Inactivity (no auth attempts): rip=::1, lip=::1, secured </pre> Thanks once again, JP
I see throughout the forum that people send the master.cf file: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender} # # ==================================================================== # # The Cyrus deliver program has changed incompatibly, multiple times. # #old-cyrus unix - n n - - pipe # flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} # # ==================================================================== # # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - n n - - pipe # user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # #uucp unix - n n - - pipe # flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # ==================================================================== # # Other external delivery methods. # #ifmail unix - n n - - pipe # flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) # #bsmtp unix - n n - - pipe # flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient # #scalemail-backend unix - n n - 2 pipe # flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store # ${nexthop} ${user} ${extension} # #mailman unix - n n - - pipe # flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py # ${nexthop} ${user} dovecot unix - n n - - pipe flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
Fixed. You nailed it! Thanks a million. I would like to believe it was working in the past? could this be due to an upgrade of a sort? (yum or ISPConfig?) Again thanks, JP
This worked in the past Indeed. I dont know if the cause is centos or ispconfig here. I've added it already to our bugtracker as we would have to fix it in ispconfig anyway as its unlikely that centos changes or fixes that soon.