IMAP Server Problems

Discussion in 'Server Operation' started by atjensen11, Mar 25, 2008.

  1. atjensen11

    atjensen11 New Member

    Yes to both. The domain is listed in the domains table and the user address ([email protected]) is listed in the email field of the users table.

    I hope I haven't stumped you. I do feel it is an SASL issue since my previous setup had permit_mynetworks before permit_sasl_authenticated in the smtpd_senders configuration variable. It is currently blank.

    That is just a theory right now though I plan on testing that this evening.
     
  2. falko

    falko Super Moderator Howtoforge Staff

    What happens if you add
    Code:
    smtpd_sender_restrictions = 
    	permit_sasl_authenticated,
    	permit_mynetworks,
    	reject_non_fqdn_sender,
    	reject_unknown_sender_domain,
    	reject_unauth_pipelining,
    	permit
    to your main.cf?
     
  3. atjensen11

    atjensen11 New Member

    I implemented the changes to the smtpd_sender restrictions and restarted Postfix.

    I tried sending mail from the client two different ways.

    When "Outgoing Server Requires Authentication" was checked on the client, the client was unable to connect at all.

    When "Outgoing Server Requires Authentication" was unchecked on the client, a connection was made but the outgoing message was returned undeliverable. The server mail log shows the same relay access denied message.

    My prior setup, before the rebuild, had permit_mynetworks before permit_sasl_authenticated. I believe this is why I never noticed a problem before.

    Would you like me to switch the order temporarily to verify that to be the case?
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Yes, try that.
     
  5. atjensen11

    atjensen11 New Member

    Falko,

    I tried that yesterday and received an error as well.

    I happened to pop into my auth.log file today for another reason and saw the following block of error statements.

    Code:
    May  1 14:00:14 server saslauthd[7234]: pam_mysql - MySQL error (Access denied for user 'dbuser'@'localhost' (using password: NO)) 
    May  1 14:00:14 server saslauthd[7234]: DEBUG: auth_pam: pam_authenticate failed: Authentication service cannot retrieve authentication info
    May  1 14:00:14 server saslauthd[7234]: do_auth         : auth failure: [[email protected]] [service=smtp] [realm=domain1.com] [mech=pam] [reason=PAM auth error]
    May  1 14:00:16 server saslauthd[7234]: pam_mysql - MySQL error (Access denied for user 'dbuser'@'localhost' (using password: NO)) 
    May  1 14:00:16 server saslauthd[7234]: DEBUG: auth_pam: pam_authenticate failed: Authentication service cannot retrieve authentication info
    May  1 14:00:16 server saslauthd[7234]: do_auth         : auth failure: [[email protected]] [service=smtp] [realm=domain1.com] [mech=pam] [reason=PAM auth error]
    
    This makes me believe that I have a permissions issue with my database user. Would you agree?

    Thanks.
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Can you log in to MySQL like this?
    Code:
    mysql -u dbuser -p
    Or like this:
    Code:
    mysql -u dbuser
    What's in /etc/pam.d/smtp?
     
  7. atjensen11

    atjensen11 New Member

    Here are the results of the latest test.

    Using the first MySQL login command (mysql -u dbuser -p), I was able to adequately access MySQL.

    Using the second MySQL login command (mysql -u dbuser), I received an error message very similar to the errors being logged to my auth.log file.

    Code:
    ERROR 1045 (28000): Access denied for user 'dbuser'@'localhost' (using password: NO)
    
    Here is the output of /etc/pam.d/smtp. I have sanitized the database name, login, and password information. I have checked those and know that they are indeed correct though.

    Code:
    auth    required        pam_mysql.so    user=dbuser password=mailpassword        host=127.0.0.1  db=mail table=users     usercolumn=email        passwdcolumn=password   crypt=1
    account sufficient      pam_mysql.so    user=dbuser password=mailpassword        host=127.0.0.1  db=mail table=users     usercolumn=email        passwdcolumn=password   crypt=1
    
    Thanks.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Does the password contain special characters?

    Do you use the right database login in the mysql*.cf files?
     
  9. atjensen11

    atjensen11 New Member

    Sorry I haven't been more responsive. My baby daughter was born on Saturday. I just want to say that I really do appreciate your willingness to help me solve this problem.

    The password for the MySQL database user does not contain any special characters. It is a strong password, but only comprised of letters and numbers.

    I have double and even triple checked the mysql*.conf files to ensure that my login information is correct.

    Here are some brainstorming ideas/questions I have.

    Is there a way to ratchet up the error logging to become more verbose? Perhaps more information will help pinpoint the problem.

    I noticed that in the mysql*.conf files, the host is defined as 127.0.0.1. However, the log indicates the connection is being made on localhost. The hosts file does resolve 127.0.0.1 to localhost, but I also know that MySQL is bound to listen on 127.0.0.1. Does this make any difference?

    What privileges should the MySQL database user have on the database? I believe it is all (i.e. GRANT ALL ON maildatabase.*), but I could double check.

    Thanks.
     
  10. atjensen11

    atjensen11 New Member

    Bump...

    Is there a way to increase the amount of information being logged or make it more verbose so that I can pinpoint the problem better?
     
  11. falko

    falko Super Moderator Howtoforge Staff

    Not sure...

    But did you double-check your configuration and compare it with the one from the tutorial? Maybe you made a typo somewhere.
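
A check on the /etc/pam.d/smtp lines from post 7, added here as an example; it is not part of the thread or of any poster's code. It assumes the option names documented in the pam_mysql README, where the database password option is `passwd`; `KNOWN_OPTIONS`, `lint_pam_mysql` and `CONSTRUCTED_CONFIG` are names made up for this example.

```python
# Added example: lint pam_mysql.so lines in a PAM service file such as
# /etc/pam.d/smtp and report option names the module would not recognise.

# Assumption: a subset of the option names listed in the pam_mysql README.
KNOWN_OPTIONS = {
    "user", "passwd", "host", "db", "table", "update_table", "usercolumn",
    "passwdcolumn", "statcolumn", "crypt", "md5", "where", "verbose",
    "sqllog", "config_file", "use_first_pass", "try_first_pass",
}

# The two lines posted in the thread (already sanitised by the poster).
THREAD_CONFIG = """\
auth    required        pam_mysql.so    user=dbuser password=mailpassword        host=127.0.0.1  db=mail table=users     usercolumn=email        passwdcolumn=password   crypt=1
account sufficient      pam_mysql.so    user=dbuser password=mailpassword        host=127.0.0.1  db=mail table=users     usercolumn=email        passwdcolumn=password   crypt=1
"""

# Constructed variant that uses the README's name for the DB password option.
CONSTRUCTED_CONFIG = THREAD_CONFIG.replace(" password=", " passwd=")


def lint_pam_mysql(text):
    """Return a list of (line_number, message) findings for pam_mysql.so lines."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Locate the module token; the control field may itself contain spaces.
        idx = next((i for i, f in enumerate(fields)
                    if f.endswith("pam_mysql.so")), None)
        if idx is None:
            continue
        opts = {}
        for arg in fields[idx + 1:]:
            key, _, value = arg.partition("=")
            opts[key] = value
            if key not in KNOWN_OPTIONS:
                findings.append((lineno, f"unrecognised option '{key}'"))
        # A DB user with no passwd= means no password is supplied on connect,
        # which matches a "(using password: NO)" error from MySQL.
        if "user" in opts and "passwd" not in opts:
            findings.append((lineno, "user= is set but passwd= is missing"))
    return findings


if __name__ == "__main__":
    for lineno, message in lint_pam_mysql(THREAD_CONFIG):
        print(f"line {lineno}: {message}")
```

The pam_mysql README also lists a `verbose=1` option for more detailed module logging, which bears on the logging question in posts 9 and 10.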
     
