Code: postfix/smtp[29356]: warning: SASL authentication failure: No worthy mechs found postfix/smtp[29356]: B35FEA02962: to=<*****@*****>, relay=smtp.broadband.rogers.com[206.190.36.18]:25, delay=0.14, delays=0.01/0.02/0.11/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.broadband.rogers.com[206.190.36.18]: no mechanism available
Please run Code: echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf and restart Postfix.
I'm still getting the same error, I always follow the perfect setup to the T, What would cause this if I followed the perfect setup guide, I have setup this machine for a client but outgoing and incoming email still isn't working only local email.
Which guide did you follow? We may then be able to know what to expect to see in your system. Is that everything? What are the permissions on the file? Can the postfix user read the contents? Code: ls -l /etc/postfix/sasl What SASL options do you have set in postfix's main.cf? Can you post the the contents of that file here, xxxx'ing out any site sensitive information?
I used the Ubuntu 8.04 Perfect Server setup. Yes that is everything that was in the file and these are the permissions Code: -rw-r--r-- 1 root root 50 2008-08-14 15:42 smtpd.conf and here is my main.cf Code: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = ********* alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname #mydestination = ***********, localhost.********, localhost.localdomain, localhost relayhost = [smtp.broadband.rogers.com] mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all inet_protocols = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom virtual_maps = hash:/etc/postfix/virtusertable mydestination = /etc/postfix/local-host-names home_mailbox = Maildir/ smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_option =
Can you post your /etc/postfix/master.cf as well? Maybe Postfix is running chrooted... Did you disable AppArmor?
yes I disabled apparmor and removed it completely. Code: # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
I don't see anything obviously amiss. Just check that the relay server name in /etc/postfix/sasl_passwd is also enclosed in [].
I'm not sure this is related but also found this in logwatch Code: --------------------- Kernel Begin ------------------------ WARNING: Segmentation Faults in these executables [74592.920762] console-kit-dae : 1 Time(s) ---------------------- Kernel End -------------------------
Please download saslfinger from here http://postfix.state-of-mind.de/patrick.koetter/saslfinger/ and post the output of: Code: sudo saslfinger -c
Code: saslfinger - postfix Cyrus sasl configuration Sat Aug 16 14:28:36 EDT 2008 version: 1.0.4 mode: client-side SMTP AUTH -- basics -- Postfix: 2.5.1 System: Ubuntu 8.04.1 \n \l -- smtp is linked to -- libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7cff000) -- active SMTP AUTH and TLS parameters for smtp -- relayhost = [smtp.broadband.rogers.com] smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes -- listing of /usr/lib/sasl2 -- total 724 drwxr-xr-x 2 root root 4096 2008-04-22 13:49 . drwxr-xr-x 171 root root 45056 2008-08-14 15:30 .. -rw-r--r-- 1 root root 13568 2008-04-09 17:50 libanonymous.a -rw-r--r-- 1 root root 862 2008-04-09 17:49 libanonymous.la -rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so -rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so.2 -rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so.2.0.22 -rw-r--r-- 1 root root 15834 2008-04-09 17:50 libcrammd5.a -rw-r--r-- 1 root root 848 2008-04-09 17:49 libcrammd5.la -rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so -rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so.2 -rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so.2.0.22 -rw-r--r-- 1 root root 46332 2008-04-09 17:50 libdigestmd5.a -rw-r--r-- 1 root root 871 2008-04-09 17:49 libdigestmd5.la -rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so -rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so.2 -rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so.2.0.22 -rw-r--r-- 1 root root 13574 2008-04-09 17:50 liblogin.a -rw-r--r-- 1 root root 842 2008-04-09 17:49 liblogin.la -rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so -rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so.2 -rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so.2.0.22 -rw-r--r-- 1 root root 30016 2008-04-09 17:50 libntlm.a -rw-r--r-- 1 root root 836 2008-04-09 17:49 libntlm.la -rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so -rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so.2 -rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so.2.0.22 -rw-r--r-- 1 root root 13798 2008-04-09 17:50 libplain.a -rw-r--r-- 1 root root 842 2008-04-09 17:49 libplain.la -rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so -rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so.2 -rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so.2.0.22 -rw-r--r-- 1 root root 22126 2008-04-09 17:50 libsasldb.a -rw-r--r-- 1 root root 873 2008-04-09 17:49 libsasldb.la -rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so -rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so.2 -rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so.2.0.22 -- listing of /etc/postfix/sasl -- total 12 drwxr-xr-x 2 root root 4096 2008-08-01 02:45 . drwxr-xr-x 4 root root 4096 2008-08-16 12:32 .. -rw-r--r-- 1 root root 50 2008-08-14 15:42 smtpd.conf -- permissions for /etc/postfix/sasl_passwd -- -rw------- 1 root root 66 2008-08-10 20:47 /etc/postfix/sasl_passwd -- permissions for /etc/postfix/sasl_passwd.db -- -rw------- 1 root root 12288 2008-08-10 20:48 /etc/postfix/sasl_passwd.db /etc/postfix/sasl_passwd.db is up to date. -- active services in /etc/postfix/master.cf -- # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) smtp inet n - n - - smtpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp relay unix - - - - - smtp -o smtp_fallback_relay= showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} -- mechanisms on [smtp.broadband.rogers.com] -- -- end of saslfinger output -- I also need help with godaddy, this is the first time I registerd a domain with godaddy, when i send a email to my server from rogers it always fails and its pointing to godaddy's server not mine. do i have to use godaddy's email server for incoming ? and my isp's for outgoing? if so how do i setup that up.
This shows that there are no AUTH mechanisms being offered by the server, however if you telnet to the port directly, it does offer: Code: user@host:~$ telnet smtp.broadband.rogers.com 25 Trying 206.190.36.18... Connected to smtp-rog.mail.yahoo.com. Escape character is '^]'. 220 smtp104.rog.mail.re2.yahoo.com ESMTP ehlo hostname.example.com 250-smtp104.rog.mail.re2.yahoo.com [b]250-AUTH LOGIN PLAIN XYMCOOKIE[/b] 250-PIPELINING 250 8BITMIME quit 221 smtp104.rog.mail.re2.yahoo.com Connection closed by foreign host. I should have see this earlier. Add the following to main.cf and restart postfix: Code: smtp_sasl_security_options = By default it is set to smtp_sasl_security_options = noplaintext, noanonymous effectively disallowing plaintext which is all that's on offer. I also note that you are using TLS (smtp_use_tls = yes), but have none of the following: smtp_tls_CAfile = smtp_tls_cert_file = smtp_tls_key_file = That's likely to generate some warnings/errors in future with any attempts at TLS. Perhaps turn it off until you've digested Postfix TLS Support. Incoming mail is directed according your domain's MX record in the DNS. You have to configure your MX record for your domain in the DNS server for the domain and it must point to the mail server that will receive your domain's email. If email to your domain is going to godaddy's mail server, then your MX is probably pointing there instead of your server. If DNS is managed at your registrar (godaddy) then you must add/change the MX record there. If you manage the DNS yourself (bind on your box), then you add the MX record there. Which server to use for outgoing depends on your situation. You can use your isp's server if they allow it and provide the necessary connection details. Currently it looks like you are planning on relaying everything out through roger's as a type of isp/smarthost. You can also opt to use your own server, depending on your capabilities and resources and provided it's not being blocked for some reason. There's various different ways and it's really up to you to decide what you'd like to do.
While trying to emulate this it seems that the saslfinger utility doesn't like hostnames wrapped in [], hence you get: Code: -- mechanisms on [smtp.broadband.rogers.com] -- -- end of saslfinger output -- Adding smtp_sasl_security_options = might help, but can you please verify that you can telnet to the relay and issue the ehlo command from your server and post the output? Reviewing the details you've posted so far, I see that your main.cf does contain the above line, but with a slight typo. Yours is missing the s in _options.
