Sending mail to non local host(but the host is on same domain)

I've now got it where I can log in with new accounts I create, but smtp authentication through outlook still fails. the error message in the log is

SASL LOGIN authentication failed: authentication failure

 

What's the username you use in Outlook? It must be the system username, not the email address or anything else.

 

I use the same username/password in outlook as I do for roundcube. I created a test account in ISPConfig with username bilmar_bill, password 1234, and email address [email protected], then I set it up in outlook with bilmar_bill as the username and 1234 as the password. POP3 authentication works fine, I can send/receive and will get emails I send to the account. However, SMTP authentication does not work. Under Outgoing Server, I checked "Use same settings as incoming server" in Outlook, which is what has me confused. It's the same username/password for both POP3 and SMTP, and POP3 logs in fine, but SMTP fails. I've tried setting accounts up without requiring authentication on outgoing mail, but then I get a bounce when I try to send email - Relay Access Denied.

 

What's in /etc/postfix/sasl/smtpd.conf and /etc/postfix/main.cf?

 

smtpd.conf

Code:

pwcheck_method: saslauthd
mech_list: plain login

main.cf

Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = webserver.uc3.biz
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = webserver.uc3.biz, localhost.uc3.biz, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

 

Please run

Code:

postconf -e 'virtual_maps = hash:/etc/postfix/virtusertable'
postconf -e 'mydestination = /etc/postfix/local-host-names'
/etc/init.d/postfix restart

 

I ran the code, but it's still doing the same thing. Is there an alternative to postfix that works easily with ispconfig?

 

Did you disable AppArmor? Did you add postfix to the sasl group? What's in /etc/default/saslauthd?

 

AppArmor is disable and postfix belongs to the groups postfix and sasl.

Here is /etc/default/saslauthd

Code:

#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

 

Looks ok. Not sure what it is...

 

Know it's been awhile, but figured I'd post the solution I found for anyone else with the same issue.

In /etc/default/saslauthd, change:
MECHANISMS="pam"

To:
MECHANISMS="shadow"