SASL PLAIN authentication failed

Discussion in 'General' started by aa6tem, Mar 28, 2022.

  1. aa6tem

    aa6tem New Member

    After I updated ISPconfig to 3.2.8 and also after the patch to 3.2.8p1 Im having issues with postfix

    For some receipents Im getting:

    Mar 28 07:41:06 -- postfix/smtpd[19300]: warning: localhost[]: SASL PLAIN authentication failed:
    Mar 28 07:41:06 -- postfix/smtp[19299]: 23D3986: to=<[email protected]>, relay=[]:10025, delay=2.2, delays=0.02/0.06/2.1/0, dsn=4.7.8, status=undeliverable (SASL authentication failed; server[] said: 535 5.7.8 Error: authentication failed: )
    Also my server stopped to accept some mails:

    Mar 24 11:45:11 -- postfix/smtpd[10303]: NOQUEUE: reject: RCPT from[]: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address
    : SASL authentication failed; server[] said: 535 5.7.8 Error: authentication failed: ; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<>

    I was able to solve the problem with commenting out the following newly added config from

    #address_verify_virtual_transport = smtp:[]:10025
    #address_verify_transport_maps = static:smtp:[]:10025
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if amavis on your system is not sarted.
  3. aa6tem

    aa6tem New Member

    It is , and the weird thing, it was only blocking some mails not all.

    /etc/init.d/amavis status
    ● amavis.service - LSB: Starts amavisd-new mailfilter
    Loaded: loaded (/etc/init.d/amavis; generated)
    Active: active (running) since Mon 2022-03-28 09:05:02 CEST; 47min ago
    Docs: man:systemd-sysv-generator(8)
    Process: 513 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)
    Tasks: 3 (limit: 4698)
    Memory: 545.8M
    CGroup: /system.slice/amavis.service
    ├─1306 /usr/sbin/amavisd-new (master)
    ├─3158 /usr/sbin/amavisd-new (ch4-avail)
    └─3159 /usr/sbin/amavisd-new (ch4-avail)
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Is Amavis listening on that port? Check with:

    netstat -ntap | grep 10025
  5. aa6tem

    aa6tem New Member

    I was checking that
    tcp 0 0* LISTEN 5755/master

    further I see
    tcp 0 0 localhost:10023* LISTEN 669/postgrey --pidf
    tcp 0 0 localhost:10024* LISTEN 1306/amavisd-new (m
    tcp 0 0 localhost:10025* LISTEN 5755/master
    tcp 0 0 localhost:10026* LISTEN 1306/amavisd-new (m
    tcp 0 0 localhost:10027* LISTEN 5755/master

    This is my amavis config

    50-user:$inet_socket_port = [10024,10026];
    50-user:$interface_policy{'10026'} = 'ORIGINATING';
    Last edited: Mar 28, 2022
  6. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    I'd suspect you have a problem with dovecot userdb/passwd lookups, as user verification will be done (past the amavis daemon) via the dovecot lmtp daemon, and sasl authentication is via dovecot auth service. Maybe try restarting dovecot and see if there are any errors in the mail log. You could check that your /etc/dovecot/dovecot.conf looks complete (one other user reported only a partial config file after updating).
  7. sipherdee

    sipherdee New Member HowtoForge Supporter

    I was having the same issue which was solved by restarting the 'amavis' service and commenting the two lines mentionned by aa6tem in ''. I then restarted the 'postfix' and 'dovecot' services.
    Last edited: Jun 15, 2022
    aa6tem likes this.

Share This Page