Hi, having had our email server running fine for over a month now I suddenly had an insident today where smtp mail appeared to stop with an authentication error. Looking in the logs there were numerous logs relating to postfix but the ones that stuck out were as follows: 1. postfix/smtpd[15288]: warning: unknown[aa.bb.cc.dd]: SASL LOGIN authentication failed: authentication failure 2. postfix/smtpd[5840]: warning: database /etc/aliases.db is older than source file /etc/aliases 3. postfix/submission/smtpd[11740]: warning: SASL authentication failure: Password verification failed I have hopefully fixed number 2 with a newaliases command followed by postfix reload but am unsure if this would cause the problem experienced. Whilst there were issues sending mail from remote accounts I did try logging in via webmail and sending a quick test from there which worked without issue. I can post more detailed logs if you can advise which would be most useful. I'd be grateful if anyone could point me in the right direction of where to look if this issue happens again. This time I tried restarting postfix then saslauthd and finally did a full server restart. Is there a particular command or log I could have looked at to see if it was a resource / database issue or at least get an idea as to why authentications were failing. My system is Debian Wheezy, ISPConfig 3.0.5.3, Courier based on the latest perfect server build
Hi Refer this thread. Follow this link & use sasl packages from the Debian Wheezy repositories, not from Ubuntu. Br// Srijan
Hi Srijan, Thanks for your help on this point. It turns out fail2ban was not running correctly on my server as in the links from Chain INPUT (policy DROP) to the individual fail2ban chains were not being entered because it looks like I don't have multiport enabled: root@srv:~# cat /proc/net/ip_tables_matches state conntrack conntrack conntrack rpfilter ah icmp policy ttl ecn udplite udp tcp Can you tell me how to get multiport running or should I be configuring it in a different way? EDIT - I have just seen I can set banaction = iptables rather than banaction = iptables-multiport which looks to fix the issue but I'm still interested as to why multiports wouldn't already be included and how to include it. - EDIT Rgds, James
