FC5 - Virtual Users Howto- SASL LOGIN Auth Failed

Discussion in 'HOWTO-Related Questions' started by nsurge, Sep 15, 2006.

  1. nsurge

    nsurge New Member

    I've followed the FC5 howto:

    After a clean install, I've gotten Courier to work and check against mysql. The box will take in mail, and I can pop it sucessfully no problems, SSL or not.

    SMTP Auth however will not work. It appears to be a problem with the query to mysql, as the error message I'm getting from Outlook is "...bad username/password supplied..." The errors in the log are below:

    Sep 14 18:23:32 testpop postfix/smtpd[14120]: connect from unknown[]
    Sep 14 18:23:34 testpop postfix/smtpd[14120]: warning: unknown[]: SASL LOGIN authentication failed
    Sep 14 18:23:34 testpop postfix/smtpd[14120]: lost connection after AUTH from unknown[]
    Sep 14 18:23:34 testpop postfix/smtpd[14120]: disconnect from unknown[]

    I believe the mechanism is working correctly, but it's just not retrieveing the right data. I apologize in advance, but this is my first time dabbling into MySql and this kind of authentication. Since this is about my 6th different attempt to get SMTP Auth to work, I want to believe it's just a myth... :eek:

    Is there anyway to turn on extra level of debugging to see exactly what is going on and where it's failing? Anybody had a similar problem?


    Here is my main.cf config info:

    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_mailbox_base = /home/vmail
    virtual_uid_maps = static:5000
    virtual_gid_maps = static:5000
    smtpd_sasl_auth_enable = yes
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    smtpd_use_tls = yes
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    virtual_create_maildirsize = yes
    virtual_mailbox_extended = yes
    virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
    virtual_mailbox_limit_override = yes
    virtual_maildir_limit_message = "The user you are trying to reach is over quota."
    virtual_overquota_bounce = yes
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
  2. falko

    falko Super Moderator ISPConfig Developer

    Did you use the correct username and password? The username is the email address.
    Also make sure the conffiguration files look exactly as shown in the tutorial. The format is important.
  3. nsurge

    nsurge New Member

    Try # 3...

    My test box was taken from me, but I have another beefier machine to test with now, so I'm going to reload once again. I'll re-do all the configs from scratch and see if maybe I miss-typed something or made a slight error on the postfix stuff.

  4. nsurge

    nsurge New Member

    I've rebuilt a new machine, FC5 x86_64:
    I had some issues with courier and the authmysqlrc script. I kept getting an Input/Output error. I finally figured out that it was from the "MYSQL_LOGIN_FIELD" settings. So I left it as:

    MYSQL_HOME_FIELD maildir

    I then created another field under the users table called "maildir" and hard coded each user’s home directory in, ie: "/home/vmail/mytestdomain/user/". This did the trick and I’m able to pop no problems with and without SSL.

    I can deliver mail just like I could with my previous instal via postfix, it accepts the mail, creates the directories, etc. However, SMTP Auth still doesn't work. I get the EXACT same error messages as I did before. (see below) :mad:

    Sep 21 15:19:51 testpop postfix/smtpd[24643]: connect from unknown[]
    Sep 21 15:19:53 testpop postfix/smtpd[24643]: warning: unknown[]: SASL LOGIN authentication failed
    Sep 21 15:19:53 testpop postfix/smtpd[24643]: lost connection after AUTH from unknown[]
    Sep 21 15:19:53 testpop postfix/smtpd[24643]: disconnect from unknown[]

    I haven’t installed any of the amavis/spamass/clam stuff. I already have proxy servers with these applications filtering our incoming mail. I have recreated all the mysql cf files in postfix and double checked them in the main.cf.

    Anybody have any suggestions as to what might be wrong with the sasl?

  5. nsurge

    nsurge New Member

    Oh yea...

    I am also using the correct username and password being: "[email protected]" and password : "xxxx".

    I have smtp auth turned on and set to use same settings and incoming mail server.
  6. nsurge

    nsurge New Member

    Found this

    I took a glance in the secure log and found this:

    Sep 21 16:26:10 testpop saslauthd[24219]: pam_unix(smtp:auth): check pass; user unknown
    Sep 21 16:26:10 testpop saslauthd[24219]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
    Sep 21 16:26:10 testpop saslauthd[24219]: pam_succeed_if(smtp:auth): error retrieving information about user nathan

    the user account i'm testing is actually ([email protected]). It appears that no information is being passed to saslauthd at all!?

    Should I have installed the pam-mysql module? I thought the authentication was being handled by courier-authlib, not saslauthd... ! :confused:

    Thanks again,
  7. nsurge

    nsurge New Member

    OMG! SMTP AUTH Solved! (for 64 bit fc5 users)

    I could HANG myself for this.............

    I found out what the problem is!!

    I had placed the smtpd.conf file into "/usr/lib/sasl2/"...

    I neglected to realize i'm running x86_64, there for the smtpd.conf was suppose to go into "/usr/lib64/sasl2/".

    Soon as I dropped the proper conf file in and restared all services, I was off and running! I only beat my head against the wall a few times, but figured it out!

    thanks for the EXCELLENT howtos falko!

    Hope this helps someone,

Share This Page