perfect server Ubuntu 7.10: I'm missing 250-AUTH ....

Discussion in 'Installation/Configuration' started by dmpstr2000, Nov 9, 2007.

  1. dmpstr2000

    dmpstr2000 New Member

    I've been following the guide
    The Perfect Server - Ubuntu Gutsy Gibbon
    and while doing a 'telnet localhost 25'
    I don't see the two lines

    I've followed everything in the guide up to page 5 and everything else
    works as described.
    In the postfix config page (page 5) I followed the steps described
    and only deviated in the /etc/postfix/ in one line:

    with this line
    myorigin = /etc/mailname
    when I start the postfix service, it complains that such a file doesn't exist.
    whereas with this line commented out (as is originally commented out in the
    file) the service comes up fine.

    My main question is why don't I see the 250-AUTH messages even though I see
    ehlo localhost
    250-SIZE 10240000
    250 DSN

    Here are the contents of my /etc/postfix/
    # See /usr/share/postfix/ for a commented, more complete version

    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = rethymno-ubuntu
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydestination = rethymno-ubuntu, localhost.localdomain, localhost
    relayhost =
    mynetworks =
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smptd_sasl_local_domain =
    smptd_sasl_auth_enable = yes
    smptd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smptd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

    and here are the contents of my /etc/default/sasldauthd

    # Settings for saslauthd daemon

    # Should saslauthd run automatically on startup? (default: no)

    # Which authentication mechanisms should saslauthd use? (default: pam)
    # Available options in this Debian package:
    # getpwent -- use the getpwent() library function
    # kerberos5 -- use Kerberos 5
    # pam -- use PAM
    # rimap -- use a remote IMAP server
    # shadow -- use the local shadow password file
    # sasldb -- use the local sasldb database file
    # ldap -- use LDAP (configuration is in /etc/saslauthd.conf)
    # Only one option may be used at a time. See the saslauthd man page
    # for more information.
    # Example: MECHANISMS="pam"

    # Additional options for this mechanism. (default: none)
    # See the saslauthd man page for information about mech-specific options.

    # How many saslauthd processes should we run? (default: 5)
    # A value of 0 will fork a new process for each connection.

    # Other options (default: -c)
    # See the saslauthd man page for information about these options.
    # Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
    # Note: See /usr/share/doc/sasl2-bin/README.Debian
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

    Any help greatly appreciated.
  2. dmpstr2000

    dmpstr2000 New Member

    In other postings I've seen people asking for this
    so I'm including it here. this may be useful...

    [email protected]:/etc/postfix/ssl# netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 *:mysql *:* LISTEN 6850/mysqld
    tcp 0 0 rethymno-ubuntu:domain *:* LISTEN 6146/named
    tcp 0 0 localhost:domain *:* LISTEN 6146/named
    tcp 0 0 localhost:ipp *:* LISTEN 4632/cupsd
    tcp 0 0 *:smtp *:* LISTEN 8121/master
    tcp 0 0 localhost:953 *:* LISTEN 6146/named
    tcp 0 104 rethymno-ubuntu:59501 webcs11.msg.re3.ya:mmcc ESTABLISHED5323/firefox-bin
    tcp 0 0 rethymno-ubuntu:37880 a209-253-130-40.dep:www ESTABLISHED5323/firefox-bin
    tcp6 0 0 *:domain *:* LISTEN 6146/named
    tcp6 0 0 *:ssh *:* LISTEN 4589/sshd
    tcp6 0 0 *:smtp *:* LISTEN 8121/master
    tcp6 0 0 ip6-localhost:953 *:* LISTEN 6146/named
    tcp6 0 0 rethymno-ubuntu:ssh Chania-2.client.p:53372 ESTABLISHED7942/sshd: axon [pr
  3. falko

    falko Super Moderator ISPConfig Developer

    Any errors in your mail log?
  4. dmpstr2000

    dmpstr2000 New Member

    There was an error recorded inside /var/log/mail.log

    Nov 8 19:05:04 rethymno-ubuntu postfix/smtpd[8128]: warning: cannot get certificate from file /etc/postfix/ssl/smtpd.crt
    Nov 8 19:05:04 rethymno-ubuntu postfix/smtpd[8128]: warning: TLS library problem: 8128:error:02001002:system library:fopen:No such file or directory:bss_file.c:352:fopen('/etc/postfix/ssl/smtpd.crt','r'):
    Nov 8 19:05:04 rethymno-ubuntu postfix/smtpd[8128]: warning: TLS library problem: 8128:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:354:
    Nov 8 19:05:04 rethymno-ubuntu postfix/smtpd[8128]: warning: TLS library problem: 8128:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:720:

    I checked inside /etc/postfix/ssl/ and indeed the file was missing. I must
    have mistyped some command...

    I deleted the directory /etc/postfix/ssl/ and copy pasted the commands
    for recreating the contents of it. Now I had all the files
    needed (although the permissions for some of them
    are world readable and they contain private keys...I don't know much about security or TLS though)

    Now I restarted postfix and saslauthd and I still don't get the AUTH messages
    even though I don't get any errors/warnings either inside mail.YYYY log files.
    No errors in syslog either.

    Any other ideas?


    ps two other things that I have no idea if they are related are:
    1) during certificate creation, I gave empty challenge question (pressed enter twice in the last two question)
    2) I didn't give my host a fully qualified name (I'm experimenting with a local
    lan at home)
  5. falko

    falko Super Moderator ISPConfig Developer

    I think this is the problem.
    Did you add your hostname to /etc/hosts? What's in /etc/postfix/
  6. dmpstr2000

    dmpstr2000 New Member

    My /etc/hosts contains an entry: rethymno-ubuntu

    and the file /etc/postfix/ contains:
    myhostname = rethymno-ubuntu
    mydestination = rethymno-ubuntu, localhost.localdomain, localhost

    maybe the dash is confusing it? but also the 'localhost.localdomain'???
  7. falko

    falko Super Moderator ISPConfig Developer

    Please try
    postconf -e 'smtp_host_lookup = native'
    /etc/init.d/postfix restart

Share This Page