Postfix won't send emails

Discussion in 'Server Operation' started by Madrig88, Mar 16, 2016.

  1. Madrig88

    Madrig88 New Member

    I currently have 2 issues, the first is that my postfix will not send emails, it was somewhat working and then I changed some settings and now it won't send at all. I am trying to use gmail smtp to send my emails.

    ISSUE 1
    I was able to send an email but as soon as it made it to the GMAIL SMTP server it was telling me that I need to issue Starttls. in the process of figuring that out, I broke my main.cf file.

    Here is the main.cf file:
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/apache2/ssl/domain.com.crt
    smtpd_tls_key_file = /etc/apache2/ssl/domain.com.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_security_level = may
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
    
    
    # start new test lines
    smtp_tls_loglevel = 1
    smtp_connect_timeout = 120s
    smtp_tls_note_starttls_offer = yes
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    smtp_starttls_timeout = 300s
    # end new test lines
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    myhostname = hostname
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydomain = domain.com
    myorigin = /etc/mailname
    mydestination = domain.com, PC-NAME, localhost.localdomain, localhost
    relayhost =
    mynetworks = 127.0.0.0/8, 10.82.88.0/24, [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    smtp_sasl_auth_enable = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_application_name = smtpd
    broken_sasl_auth_clients = yes
    debug_peer_list=smtp.gmail.com
    debug_peer_level=3
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_sender_restrictions = reject_unknown_sender_domain
    mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
    smtpd_tls_received_header = yes
    smtpd_tls_mandatory_protocols = SSLv3, TLSv1
    smtpd_tls_mandatory_ciphers = medium
    smtpd_tls_auth_only = no
    tls_random_source = dev:/dev/urandom
    content_filter = smtp-amavis:[127.0.0.1]:10024
    
    This is my mail.log
    Code:
    Mar 16 14:22:40 Coffee-Grounds postfix/smtpd[4756]: connect from unknown[155.133.82.84]
    Mar 16 14:22:40 Coffee-Grounds postfix/smtpd[4756]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 14:22:40 Coffee-Grounds postfix/smtpd[4756]: fatal: no SASL authentication mechanisms
    Mar 16 14:22:41 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 4756 exit status 1
    Mar 16 14:22:41 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 14:24:07 Coffee-Grounds postfix/smtpd[4757]: connect from unknown[155.133.82.84]
    Mar 16 14:24:07 Coffee-Grounds postfix/smtpd[4757]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 14:24:07 Coffee-Grounds postfix/smtpd[4757]: fatal: no SASL authentication mechanisms
    Mar 16 14:24:08 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 4757 exit status 1
    Mar 16 14:24:08 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 14:24:15 Coffee-Grounds postfix/anvil[4746]: statistics: max connection rate 1/60s for (smtp:155.133.82.84) at Mar 16 14:14:15
    Mar 16 14:24:15 Coffee-Grounds postfix/anvil[4746]: statistics: max connection count 1 for (smtp:155.133.82.84) at Mar 16 14:14:15
    Mar 16 14:24:15 Coffee-Grounds postfix/anvil[4746]: statistics: max cache size 1 at Mar 16 14:14:15
    Mar 16 14:25:36 Coffee-Grounds postfix/smtpd[4758]: connect from unknown[155.133.82.84]
    Mar 16 14:25:36 Coffee-Grounds postfix/smtpd[4758]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 14:25:36 Coffee-Grounds postfix/smtpd[4758]: fatal: no SASL authentication mechanisms
    Mar 16 14:25:37 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 4758 exit status 1
    Mar 16 14:25:37 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 14:27:02 Coffee-Grounds postfix/smtpd[4759]: connect from unknown[155.133.82.84]
    Mar 16 14:27:02 Coffee-Grounds postfix/smtpd[4759]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 14:27:02 Coffee-Grounds postfix/smtpd[4759]: fatal: no SASL authentication mechanisms
    Mar 16 14:27:03 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 4759 exit status 1
    Mar 16 14:27:03 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    
    And just in case, this is my master.cf
    Code:
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master" or
    # on-line: http://www.postfix.org/master.5.html).
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    #smtp      inet  n       -       -       -       1       postscreen
    smtpd     pass  -       -       -       -       -       smtpd
    #dnsblog   unix  -       -       -       -       0       dnsblog
    #tlsproxy  unix  -       -       -       -       0       tlsproxy
    submission inet n       -       -       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_reject_unlisted_recipient=no
      -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       -       -       -       smtpd
    #  -o syslog_name=postfix/smtps
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_reject_unlisted_recipient=no
      -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=
    #  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628       inet  n       -       -       -       -       qmqpd
    pickup    unix  n       -       -       60      1       pickup
             -o content_filter=
             -o receive_override_options=no_header_body_checks
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      unix  n       -       n       300     1       qmgr
    #qmgr     unix  n       -       n       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       -       -       -       smtp
    relay     unix  -       -       -       -       -       smtp
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    retry     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       -       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    s_se
     
  2. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    master.cf put # before smtpd to make it look like
    Code:
    #smtpd     pass  -       -       -       -       -       smtpd
    
    Check your main.cf to make it look like
    Code:
    relayhost = [smtp.gmail.com]:587
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_tls_CAfile = /etc/letsencrypt/live/{domain}/chain.pem
    
    smtpd_tls_cert_file = /etc/letsencrypt/live/{domain}/fullchain.pem
    smtpd_tls_key_file = /etc/letsencrypt/live/{domain}/privkey.pem
    
    smtp_tls_cert_file = /etc/letsencrypt/live/{domain}/fullchain.pem
    smtp_tls_key_file = /etc/letsencrypt/live/{domain}/privkey.pem
    
    smtp_use_tls = yes
    
    
    I created the SSL files using lets encrypt services
    Code:
    
    apt-get install git;
    git clone https://github.com/letsencrypt/letsencrypt
    cd letsencrypt/
    ./letsencrypt-auto certonly
    ( ./letsencrypt-auto certonly --rsa-key-size 4096 -d domain.tld -d www.domain.tld )
    

    Check permissions of your sasl_passwd and make sure it's postmapped

    Code:
    
    chmod 400 /etc/postfix/sasl/sasl_passwd
    postmap /etc/postfix/sasl/sasl_passwd
    

    In addition to that,
    Code:
       # Minimal recommended settings.  Whenever the built-in defaults are
       # sufficient, let the built-in defaults stand by deleting any explicit
       # overrides.  The default mandatory TLS protocols have never included
       # SSLv2, check to make sure you have not inadvertently enabled it.
       #
       smtpd_tls_protocols = !SSLv2, !SSLv3
       smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
       tlsproxy_tls_protocols = $smtpd_tls_protocols
       tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
    
       smtp_tls_protocols = !SSLv2, !SSLv3
       smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
       lmtp_tls_protocols = !SSLv2, !SSLv3
       lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
    
       smtpd_tls_ciphers = medium
       smtp_tls_ciphers = medium
    
       # Other best practices
    
       # Strongly recommended:
       # http://www.postfix.org/FORWARD_SECRECY_README.html#server_fs
       #
       smtpd_tls_dh1024_param_file=${config_directory}/dh2048.pem
       smtpd_tls_eecdh_grade = strong
    
       # Suggested, not strictly needed:
       #
       smtpd_tls_exclude_ciphers =
            EXPORT, LOW, MD5, SEED, IDEA, RC2
       smtp_tls_exclude_ciphers =
            EXPORT, LOW, MD5, aDSS, kECDHe, kECDHr, kDHd, kDHr, SEED, IDEA, RC2
    
    https://www.openssl.org/blog/blog/2016/03/01/an-openssl-users-guide-to-drown/
    EDH Server support (Postfix ≥ 2.2, all supported OpenSSL versions)

    http://www.postfix.org/FORWARD_SECRECY_README.html#server_fs
     
    Last edited: Mar 16, 2016
  3. Madrig88

    Madrig88 New Member

    Thank you for such a quick reply! I am still having a few issues.
    I have roundcube for webmail if that matters however, now I can't even log into roundcube.

    Here is the main.cf with the changes you suggested, they aren't in the same order unless that matters:

    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/letsencrypt/live/spiritbearstudios.com/fullchain.pem
    smtpd_tls_key_file = /etc/letsencrypt/live/spiritbearstudios.com/privkey.pem
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_security_level = may
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
    
    
    # start new test lines
    smtp_tls_loglevel = 1
    smtp_connect_timeout = 120s
    smtp_tls_note_starttls_offer = yes
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    smtp_starttls_timeout = 300s
    # end new test lines
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    myhostname = Coffee-Grounds
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydomain = spiritbearstudios.com
    myorigin = /etc/mailname
    mydestination = spiritbearstudios.com, Coffee-Grounds, localhost.localdomain, localhost
    relayhost = [smtp.gmail.com]:587
    mynetworks = 127.0.0.0/8, 10.82.88.0/24, [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    smtp_sasl_auth_enable = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_application_name = smtpd
    broken_sasl_auth_clients = yes
    debug_peer_list=smtp.gmail.com
    debug_peer_level=4
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_sender_restrictions = reject_unknown_sender_domain
    mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
    smtpd_tls_received_header = yes
    smtpd_tls_mandatory_protocols = SSLv3, TLSv1
    smtpd_tls_mandatory_ciphers = medium
    smtpd_tls_auth_only = no
    tls_random_source = dev:/dev/urandom
    content_filter = smtp-amavis:[127.0.0.1]:10024
    This is the new mail.log:
    Code:
    Mar 16 15:12:25 Coffee-Grounds postfix/smtpd[5005]: warning: TLS library problem: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:682:
    Mar 16 15:12:25 Coffee-Grounds postfix/smtpd[5005]: connect from localhost[127.0.0.1]
    Mar 16 15:12:25 Coffee-Grounds postfix/smtpd[5005]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 15:12:25 Coffee-Grounds postfix/smtpd[5005]: fatal: no SASL authentication mechanisms
    Mar 16 15:12:26 Coffee-Grounds amavis[1618]: (01618-06) (!)FWD from <[email protected]> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (Negative gre$
    Mar 16 15:12:26 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 5005 exit status 1
    Mar 16 15:12:26 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 15:12:26 Coffee-Grounds amavis[1618]: (01618-06) Blocked MTA-BLOCKED {TempFailedOutbound}, LOCAL [127.0.0.1]:46454 [127.0.0.1] <[email protected]> -> <wdunha$
    Mar 16 15:12:26 Coffee-Grounds postfix/smtp[5000]: 5747B40063: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=17460, delays=17446/0.05/0/14, dsn=4.5.0, status=d$
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: warning: cannot get RSA certificate from file /etc/letsencrypt/live/spiritbearstudios.com/fullchain.pem: disabling TLS suppo$
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: warning: TLS library problem: error:02001002:system library:fopen:No such file or directory:bss_file.c:391:fopen('/etc/letse$
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: warning: TLS library problem: error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:393:
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: warning: TLS library problem: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:682:
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: connect from unknown[155.133.82.84]
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 15:13:10 Coffee-Grounds postfix/smtpd[6906]: fatal: no SASL authentication mechanisms
    Mar 16 15:13:11 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 6906 exit status 1
    Mar 16 15:13:11 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 15:14:15 Coffee-Grounds postfix/anvil[4746]: statistics: max connection rate 1/60s for (smtp:155.133.82.84) at Mar 16 15:04:16
    Mar 16 15:14:15 Coffee-Grounds postfix/anvil[4746]: statistics: max connection count 1 for (smtp:155.133.82.84) at Mar 16 15:04:16
    Mar 16 15:14:15 Coffee-Grounds postfix/anvil[4746]: statistics: max cache size 1 at Mar 16 15:04:16
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: warning: cannot get RSA certificate from file /etc/letsencrypt/live/spiritbearstudios.com/fullchain.pem: disabling TLS suppo$
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: warning: TLS library problem: error:02001002:system library:fopen:No such file or directory:bss_file.c:391:fopen('/etc/letse$
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: warning: TLS library problem: error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:393:
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: warning: TLS library problem: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:682:
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: connect from unknown[155.133.82.84]
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 15:14:52 Coffee-Grounds postfix/smtpd[7104]: fatal: no SASL authentication mechanisms
    Mar 16 15:14:53 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 7104 exit status 1
    Mar 16 15:14:53 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 15:16:22 Coffee-Grounds postfix/smtpd[7140]: connect from unknown[155.133.82.84]
    Mar 16 15:16:22 Coffee-Grounds postfix/smtpd[7140]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 15:16:22 Coffee-Grounds postfix/smtpd[7140]: fatal: no SASL authentication mechanisms
    Mar 16 15:16:23 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 7140 exit status 1
    Mar 16 15:16:23 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 15:17:38 Coffee-Grounds postfix/master[4682]: reload -- version 2.11.3, configuration /etc/postfix
    Mar 16 15:17:38 Coffee-Grounds postfix/anvil[7106]: statistics: max connection rate 1/60s for (smtp:155.133.82.84) at Mar 16 15:14:52
    Mar 16 15:17:38 Coffee-Grounds postfix/anvil[7106]: statistics: max connection count 1 for (smtp:155.133.82.84) at Mar 16 15:14:52
    Mar 16 15:17:38 Coffee-Grounds postfix/anvil[7106]: statistics: max cache size 1 at Mar 16 15:14:52
    Mar 16 15:17:53 Coffee-Grounds postfix/smtpd[7171]: connect from unknown[155.133.82.84]
    Mar 16 15:17:53 Coffee-Grounds postfix/smtpd[7171]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 15:17:53 Coffee-Grounds postfix/smtpd[7171]: fatal: no SASL authentication mechanisms
    Mar 16 15:17:54 Coffee-Grounds postfix/master[4682]: warning: process /usr/lib/postfix/smtpd pid 7171 exit status 1
    Mar 16 15:17:54 Coffee-Grounds postfix/master[4682]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 15:19:00 Coffee-Grounds dovecot: master: Error: service(auth): unlink(/var/spool/postfix/private/auth) failed: Is a directory
    Mar 16 15:19:00 Coffee-Grounds dovecot: master: Fatal: Failed to start listeners
     
  4. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    You're still missing smtp_tls_cert_file and smtp_tls_key_file
     
  5. Madrig88

    Madrig88 New Member

    I inserted the lines from both of your posts, however I still cannot login through roundcube, its stating "Connection to storage server failed." I have attempted and I also cannot telnet to localhost 25
    Is this the way you were having me set this up? I have created a backup just in case.
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    smtpd_tls_protocols = !SSLv2, !SSLv3
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    tlsproxy_tls_protocols = $smtpd_tls_protocols
    tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
    
    smtp_tls_protocols = !SSLv2, !SSLv3
    smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
    lmtp_tls_protocols = !SSLv2, !SSLv3
    lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
    
    smtpd_tls_ciphers = medium
    smtp_tls_ciphers = medium
    
    smtpd_tls_dh1024_param_file=${config_directory}/dh2048.pem
    smtpd_tls_eecdh_grade = strong
    
    smtpd_tls_exclude_ciphers = EXPORT, LOW, MD5, SEED, IDEA, RC2
    smtp_tls_exclude_ciphers = EXPORT, LOW, MD5, aDSS, kECDHe, kECDHr, kDHd, kDHr, SEED, IDEA, RC2
    
    smtpd_tls_dh1024_param_file = ${config_directory}/dh2048.pem
    smtpd_tls_dh512_param_file = ${config_directory}/dh512.pem
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/letsencrypt/live/spiritbearstudios.com/fullchain.pem
    smtpd_tls_key_file = /etc/letsencrypt/live/spiritbearstudios.com/privkey.pem
    smtp_tls_cert_file = /etc/letsencrypt/live/spiritbearstudios.com/fullchain.pem
    smtp_tls_key_file = /etc/letsencrypt/live/spiritbearstudios.com/privkey.pem
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_security_level = may
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
    
    
    # start new test lines
    smtp_tls_loglevel = 1
    smtp_connect_timeout = 120s
    smtp_tls_note_starttls_offer = yes
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    smtp_starttls_timeout = 300s
    # end new test lines
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    myhostname = Coffee-Grounds
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydomain = spiritbearstudios.com
    myorigin = /etc/mailname
    mydestination = spiritbearstudios.com, Coffee-Grounds, localhost.localdomain, localhost
    relayhost = [smtp.gmail.com]:587
    mynetworks = 127.0.0.0/8, 10.82.88.0/24, [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    smtp_sasl_auth_enable = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_application_name = smtpd
    broken_sasl_auth_clients = yes
    debug_peer_list=smtp.gmail.com
    debug_peer_level=4
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_sender_restrictions = reject_unknown_sender_domain
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    smtpd_tls_security_level = may
    smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
    
    
    # start new test lines
    smtp_tls_loglevel = 1
    smtp_connect_timeout = 120s
    smtp_tls_note_starttls_offer = yes
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
    smtp_starttls_timeout = 300s
    # end new test lines
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    myhostname = Coffee-Grounds
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    mydomain = spiritbearstudios.com
    myorigin = /etc/mailname
    mydestination = spiritbearstudios.com, Coffee-Grounds, localhost.localdomain, localhost
    relayhost = [smtp.gmail.com]:587
    mynetworks = 127.0.0.0/8, 10.82.88.0/24, [::1]/128
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = ipv4
    home_mailbox = Maildir/
    smtp_sasl_auth_enable = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_application_name = smtpd
    broken_sasl_auth_clients = yes
    debug_peer_list=smtp.gmail.com
    debug_peer_level=4
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_sender_restrictions = reject_unknown_sender_domain
    mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
    smtpd_tls_received_header = yes
    smtpd_tls_auth_only = no
    tls_random_source = dev:/dev/urandom
    content_filter = smtp-amavis:[127.0.0.1]:10024
    
    Here is the mail log
    Code:
    Mar 16 16:42:08 Coffee-Grounds postfix/master[8369]: warning: process /usr/lib/postfix/smtpd pid 8457 exit status 1
    Mar 16 16:42:08 Coffee-Grounds postfix/master[8369]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 16:43:13 Coffee-Grounds postfix/anvil[8430]: statistics: max connection rate 1/60s for (smtp:155.133.82.84) at Mar 16 16:33:13
    Mar 16 16:43:13 Coffee-Grounds postfix/anvil[8430]: statistics: max connection count 1 for (smtp:155.133.82.84) at Mar 16 16:33:13
    Mar 16 16:43:13 Coffee-Grounds postfix/anvil[8430]: statistics: max cache size 1 at Mar 16 16:33:13
    Mar 16 16:43:36 Coffee-Grounds postfix/smtpd[8458]: warning: cannot load 512-bit DH parameters from file /etc/postfix/dh512.pem???: No such file or directory -- using compiled-$
    Mar 16 16:43:36 Coffee-Grounds postfix/smtpd[8458]: connect from unknown[155.133.82.84]
    Mar 16 16:43:36 Coffee-Grounds postfix/smtpd[8458]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 16:43:36 Coffee-Grounds postfix/smtpd[8458]: fatal: no SASL authentication mechanisms
    Mar 16 16:43:37 Coffee-Grounds postfix/master[8369]: warning: process /usr/lib/postfix/smtpd pid 8458 exit status 1
    Mar 16 16:43:37 Coffee-Grounds postfix/master[8369]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 16:45:04 Coffee-Grounds postfix/smtpd[8459]: warning: cannot load 512-bit DH parameters from file /etc/postfix/dh512.pem???: No such file or directory -- using compiled-$
    Mar 16 16:45:10 Coffee-Grounds postfix/smtpd[8459]: connect from unknown[155.133.82.84]
    Mar 16 16:45:10 Coffee-Grounds postfix/smtpd[8459]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 16:45:10 Coffee-Grounds postfix/smtpd[8459]: fatal: no SASL authentication mechanisms
    Mar 16 16:45:11 Coffee-Grounds postfix/master[8369]: warning: process /usr/lib/postfix/smtpd pid 8459 exit status 1
    Mar 16 16:45:11 Coffee-Grounds postfix/master[8369]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 16:46:33 Coffee-Grounds postfix/smtpd[8461]: warning: cannot load 512-bit DH parameters from file /etc/postfix/dh512.pem???: No such file or directory -- using compiled-$
    Mar 16 16:46:36 Coffee-Grounds postfix/smtpd[8461]: connect from unknown[155.133.82.84]
    Mar 16 16:46:36 Coffee-Grounds postfix/smtpd[8461]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 16:46:36 Coffee-Grounds postfix/smtpd[8461]: fatal: no SASL authentication mechanisms
    Mar 16 16:46:37 Coffee-Grounds postfix/master[8369]: warning: process /usr/lib/postfix/smtpd pid 8461 exit status 1
    Mar 16 16:46:37 Coffee-Grounds postfix/master[8369]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    
     
  6. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    You still need to change your
    Code:
    smtp_tls_CAfile = /etc/letsencrypt/live/spiritbearstudios.com/chain.pem
    
    Beware that you have the following block twice, remove one block and use the above mentioned tls_CAfile param
    This is a rather old config ( version 2.3 and less ) and defaults to smtpd anyway, you can remove that line
    it's smtpd_sasl_path for version newer versions.
    Code:
    smtpd_sasl_application_name = smtpd
    Also I did quote/mention some ssl-related stuff because it's a ssl related topic, if you use that, please read the full text :)
    You need to generate the dh-files if you want to use PFS.
     
  7. Madrig88

    Madrig88 New Member

    I have the one about the DH parameters solved and I do want to use PFS for some reason the config wasn't recognizing the dh512.pem in the postfix folder but I got it working. for some reason I cant even telnet I find this odd. I actually just installed postfix not long ago and I started shoving old fixes in thinking that it would help... this is probably a newer config gone wrong by user error.

    This is what happens when I try to telnet to the server:
    Code:
    root@Coffee-Grounds:/etc/postfix# telnet localhost 25
    Trying ::1...
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    ehlo localhost
            # Waits approx 2 mins then...
    Connection closed by foreign host.
    
    Mail.log:
    Code:
    Mar 16 17:41:28 Coffee-Grounds postfix/master[10023]: daemon started -- version 2.11.3, configuration /etc/postfix
    Mar 16 17:41:40 Coffee-Grounds postfix/smtpd[10026]: connect from unknown[155.133.82.84]
    Mar 16 17:41:40 Coffee-Grounds postfix/smtpd[10026]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 17:41:40 Coffee-Grounds postfix/smtpd[10026]: fatal: no SASL authentication mechanisms
    Mar 16 17:41:41 Coffee-Grounds postfix/master[10023]: warning: process /usr/lib/postfix/smtpd pid 10026 exit status 1
    Mar 16 17:41:41 Coffee-Grounds postfix/master[10023]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 17:43:11 Coffee-Grounds postfix/smtpd[10031]: connect from unknown[155.133.82.84]
    Mar 16 17:43:11 Coffee-Grounds postfix/smtpd[10031]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 17:43:11 Coffee-Grounds postfix/smtpd[10031]: fatal: no SASL authentication mechanisms
    Mar 16 17:43:12 Coffee-Grounds postfix/master[10023]: warning: process /usr/lib/postfix/smtpd pid 10031 exit status 1
    Mar 16 17:43:12 Coffee-Grounds postfix/master[10023]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
    Mar 16 17:44:12 Coffee-Grounds postfix/smtpd[10033]: connect from localhost[127.0.0.1]
    Mar 16 17:44:12 Coffee-Grounds postfix/smtpd[10033]: warning: SASL: Connect to private/auth failed: Connection refused
    Mar 16 17:44:12 Coffee-Grounds postfix/smtpd[10033]: fatal: no SASL authentication mechanisms
    Mar 16 17:44:13 Coffee-Grounds postfix/master[10023]: warning: process /usr/lib/postfix/smtpd pid 10033 exit status 1
    Mar 16 17:44:13 Coffee-Grounds postfix/master[10023]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
     
  8. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    Ok, make sure dovecot is running and does provide private/auth
    See this article for instructions.
    And just in case you missed it
    Code:
    adduser postfix sasl
     
  9. Madrig88

    Madrig88 New Member

    Alright, so roundcube works now, and I am able to send emails, however, now I cannot receive the test email because of the following. perhaps you can make heads or tails out of this. this was Issue 2 unable to send email through the GMail smtp. This was the issue that caused the changes that I had made.

    Code:
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: private/tlsmgr: wanted attribute: (list terminator)
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: input attribute name: (end)
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: Untrusted TLS connection established to smtp.gmail.com[209.85.147.109]:587: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 ($
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: smtp_stream_setup: maxtime=300 enable_deadline=0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: > smtp.gmail.com[209.85.147.109]:587: EHLO spiritbearstudios
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_fflush_some: fd 19 flush 24
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_buf_get_ready: fd 19 got 221
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-smtp.gmail.com at your service, [75.128.91.10]
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-SIZE 35882577
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-8BITMIME
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-ENHANCEDSTATUSCODES
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-PIPELINING
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250-CHUNKING
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: < smtp.gmail.com[209.85.147.109]:587: 250 SMTPUTF8
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: server features: 0x102f size 35882577
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: Using ESMTP PIPELINING, TCP send buffer size is 44800, PIPELINING buffer size is 4096
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: maps_find: smtp_sasl_passwd: smtp.gmail.com: not found
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: maps_find: smtp_sasl_passwd: hash:/etc/postfix/sasl/sasl_passwd(0,lock|fold_fix): [smtp.gmail.com]:587 = ########:$
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: smtp_sasl_passwd_lookup: host `smtp.gmail.com' user `########' pass `#########'
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: starting new SASL client
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: name_mask: noplaintext
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: name_mask: noanonymous
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: smtp_sasl_authenticate: smtp.gmail.com[209.85.147.109]:587: SASL mechanisms LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER$
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: warning: SASL authentication failure: No worthy mechs found
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: connect to subsystem private/defer
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr nrequest = 0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr flags = 0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr queue_id = E49D6403DE
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr original_recipient = [email protected]
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr recipient = [email protected]
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr offset = 607
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr dsn_orig_rcpt = rfc822;[email protected]
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr notify_flags = 0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr status = 4.7.0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr diag_type = x-sasl
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr diag_text = no mechanism available
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr mta_type =
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr mta_mname =
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr action = delayed
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: send attr reason = SASL authentication failed; cannot authenticate to server smtp.gmail.com[209.85.147.109]: no mechanism ava$
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_fflush_some: fd 20 flush 386
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_buf_get_ready: fd 20 got 10
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: private/defer socket: wanted attribute: status
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: input attribute name: status
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: input attribute value: 0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: private/defer socket: wanted attribute: (list terminator)
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: input attribute name: (end)
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: E49D6403DE: to=<[email protected]>, relay=smtp.gmail.com[209.85.147.109]:587, delay=0.86, delays=0.02/0.02/0.82/0, dsn=4.7.0, $
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: flush_add: site bsdd.com id E49D6403DE
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: match_hostname: bsdd.com ~? spiritbearstudios.com
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: match_hostname: bsdd.com ~? Coffee-Grounds
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: match_hostname: bsdd.com ~? localhost.localdomain
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: match_hostname: bsdd.com ~? localhost
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: match_list_match: bsdd.com: no match
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: flush_add: site bsdd.com id E49D6403DE status 4
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: smtp_stream_setup: maxtime=300 enable_deadline=0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: > smtp.gmail.com[209.85.147.109]:587: QUIT
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: name_mask: resource
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: name_mask: software
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_fflush_some: fd 19 flush 6
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: vstream_fflush_some: fd 19 flush 0
    Mar 17 14:09:55 Coffee-Grounds postfix/smtp[13472]: disposing SASL state information
    Mar 17 14:10:40 Coffee-Grounds dovecot: imap-login: Login: user=<wdunham>, method=PLAIN, rip=10.82.88.1, lip=10.82.88.182, mpid=13475, TLS, session=<YGZVjEIuDgAKUlgB>
    Mar 17 14:10:40 Coffee-Grounds dovecot: imap(wdunham): Disconnected: Logged out in=91 out=866
    
    filtered User and password for SMTP server
     
  10. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    Check your password file
    Code:
    $cat /etc/postfix/sasl/sasl_passwd
    smtp.gmail.com      user:pass
    
    It says it can't find it.

    Also do:

    Code:
    chown root:root /etc/postfix/sasl/sasl_passwd && chmod 600 /etc/postfix/sasl/sasl_passwd
    
    postmap hash:/etc/postfix/sasl/sasl_passwd
    
     
  11. Madrig88

    Madrig88 New Member

    Alright now its telling me authentication required...

    When my password file looks like this...
    Code:
    smtp.gmail.com      user:pass
    and postmapped I get this...
    Code:
    Mar 17 14:58:18 Coffee-Grounds postfix/smtp[14313]: < smtp.gmail.com[209.85.147.109]:587: 530-5.5.1 Authentication Required. Learn more at
    Mar 17 14:58:18 Coffee-Grounds postfix/smtp[14313]: < smtp.gmail.com[209.85.147.109]:587: 530 5.5.1  https://support.google.com/mail/answer/14257 p1sm4160155iop.12 - gsmtp
    
    So I made sure to follow the link and click this and authorize... https://accounts.google.com/DisplayUnlockCaptcha
    after trying again I get the same result. however when my password file looks like this...
    Code:
    smtp.gmail.com:587 user:pass
    
    and postmapped I get this...
    Code:
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: smtp_sasl_authenticate: smtp.gmail.com[209.85.147.108]:587: SASL mechanisms LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER$
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: warning: SASL authentication failure: No worthy mechs found
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: connect to subsystem private/defer
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr nrequest = 0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr flags = 0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr queue_id = DEEF3403F7
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr original_recipient = [email protected]
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr recipient = [email protected]
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr offset = 607
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr dsn_orig_rcpt = rfc822;[email protected]
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr notify_flags = 0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr status = 4.7.0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr diag_type = x-sasl
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr diag_text = no mechanism available
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr mta_type =
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr mta_mname =
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: warning: SASL authentication failure: No worthy mechs found
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: connect to subsystemMar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr action = delayed
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: send attr reason = SASL authentication failed; cannot authenticate to server smtp.gmail.com[209.85.147.108]: no mechanism ava$
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: vstream_fflush_some: fd 20 flush 386
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: vstream_buf_get_ready: fd 20 got 10
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: private/defer socket: wanted attribute: status
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: input attribute name: status
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: input attribute value: 0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: private/defer socket: wanted attribute: (list terminator)
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: input attribute name: (end)
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: DEEF3403F7: to=<[email protected]>, relay=smtp.gmail.com[209.85.147.108]:587, delay=0.64, delays=0.01/0/0.63/0, dsn=4.7.0, sta$
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: flush_add: site bsdd.com id DEEF3403F7
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: match_hostname: bsdd.com ~? spiritbearstudios.com
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: match_hostname: bsdd.com ~? Coffee-Grounds
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: match_hostname: bsdd.com ~? localhost.localdomain
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: match_hostname: bsdd.com ~? localhost
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: match_list_match: bsdd.com: no match
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: flush_add: site bsdd.com id DEEF3403F7 status 4
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: smtp_stream_setup: maxtime=300 enable_deadline=0
    Mar 17 15:06:10 Coffee-Grounds postfix/smtp[14372]: > smtp.gmail.com[209.85.147.108]:587: QUIT
    
     
  12. Madrig88

    Madrig88 New Member

    Alright I figured this issue out!
    This is the sasl_passwd file:
    Code:
    [smtp.gmail.com]:587 user:pass
    Then I realized I missed this in the main.cf(which I missed when you stated it earlier):
    Code:
    smtp_sasl_security_options = noanonymous
    
    and then I had to enable the account using https://accounts.google.com/DisplayUnlockCaptcha and then use less secure apps with this link: https://www.google.com/settings/security/lesssecureapps

    now everything that I have missed on previous email attempts is pushing through, but they are all going to my spam folder. Is there anything with the given information above that I can do to help prevent this?
     
    ztk.me likes this.
  13. ztk.me

    ztk.me Well-Known Member HowtoForge Supporter

    if you haven't done already, you could/should setup SPF for your mail domains.
     
    Madrig88 likes this.
  14. Madrig88

    Madrig88 New Member

    Thank you for your help I have been able to successfully send multiple emails. I greatly appreciate your assistance in this matter.
     

Share This Page