SMTP Auth. error (relay) - frustrating

Hi,

Whatever I did, I wasn't able to send mail over Postfix via a user created by ISPConfig (email>new user). Its already impossible to send without auth (outlook exp). There is no DNS problem. I can telnet and connect but cannot send to any domain thats not hosted here.

What should I do? Below is my main.cf file...

BTW: I've read the post at http://www.howtoforge.com/forums/showthread.php?t=4795&page=1

Nothing worked... I don't use the name "info" btw.

I'll be very happy if you help me, thanks again for this powerful tool.


--------------- main.cf -----------------------

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
alias_maps = hash:/etc/aliases, nis:mail.aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.8/samples
readme_directory = /usr/share/doc/postfix-2.2.8/README_FILES
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/
mailbox_command =
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names

 

I know, it's enabled. But username/password is not accepted... It keeps asking and asking...

BTW: I've tried username/password created in ISPConfig new user panel, also tried user@ mydomain.com, mail@ mydomain.com...

Nothing is accepted...

I can send to local domains... But only to them...

 

What's the exact error message you get? What's in your mail log?

The username you must use in Outlook should look like this: web1_someuser, not an email address.

 

Hi,

I've removed the prefix for hosts (I don't use webx_user syntax, just "user"). Of couse I'm entering this user and password values into outlook's window. But ik keeps asking and asking. There is no error until I cancel...

BTW: Same user can log into FTP using same password. It looks like user data does not update in SMTP or somehow Postfix does not accept user logins at all. My setup is Fedora 5 (+ perfect setup ISPConfig).

I have no idea where to look for mail log...

Could you please offer me some check I can do them sequantially so we could speed up this process. For example, if I know where postfix looks for users (SMTP), I could check that file and see if the user exists. Weird thing is, I can recieve emails but cannot send! Kinda SMTP login error... :S

BTW, thanx a lot!..

 

hmm ... saslauthd regulates smtp auth ... did u control every step in the Perfect setup guide containing settings for saslauthd?

 

Yes I did actually.

I've even done the installation again 15 mins ago...

nope...

 

What's the output of

Code:

uname -m

?
What's in /usr/lib64/sasl2/smtpd.conf and /usr/lib/sasl2/smtpd.conf?

 

The output is i686

The server runs fedora core 5 and its an AMD 2600 (32 bit not 64).

/usr/lib/sasl2/smtpd.conf is (there is no lib64 folder):

pwcheck_method: saslauthd
mech_list: plain login

I think this is a very common problem (I've searched through the forum). But I couldn't find any solutions.

Thanks
B.

 

Is there any way to test SMTP auth. via telnet? I can send to local domains using HELO/MAIL FROM/RCPT TO/DATA sequence but I have no idea how to test loging mechanism using manual commands (don't know what to do after EHLO)...

 

Google:

Code:

[URL="http://www.google.nl/search?q=smtp+auth+telnet+test"]http://www.google.nl/search?q=smtp+auth+telnet+test[/URL]

shows plenty examples.

 

I've uninstalled and installed again (postfix/ssl/dovecot part) and this time dovecot runs but there is no SMTP response. Connection established but there is not banner of postfix (when I telnet mydomain.com at port 25). I can type anything but there is no response...

This will drive me crazy...

can someone do the setup for me? how?

 

OK I'm editing this post:

There was no log file but I've discovered my log file is /usr/local/psa/var/log/maillog

I've checked it and seen: "fatal: open database /etc/aliases.db: No such file or directory" line

I've gone to /etc and used "postmap aliases" command. There were many errors saying "postmap: warning: aliases, line 96: record is in "key: value" format; is this an alias file?" but finally I've got an aliases.db file.

Problems:

1) MAIL ACCEPT PROBLEM:
Now postfix shows banner, I can log in and check my mails. But server doesn't accept any. When I send email to [email protected] from [email protected] a mail bounces back saying "Client host rejected: Access denied" and there is no mail in the mailbox. No mail can be sent to my server...

2) SMTP AUTH. PROBLEM:
When I try to send mail using my server, it keeps asking username/password... Here is the log:

warning: x.x.x.x: hostname dsl.xxxx.xxx.net verification failed: Name or service not known
connect from unknown[x.x.x.x]
warning: unknown[x.x.x.x]: SASL LOGIN authentication failed
Jan 22 11:23:17 sp4090b postfix/smtpd[3740]: lost connection after AUTH from unknown[x.x.x.x]
Jan 22 11:23:17 sp4090b postfix/smtpd[3740]: disconnect from unknown[x.x.x.x]


Then I've used telnet mydomain.com 25
ehlo mydomain.com

250-mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME

auth login
334 VXNlcm5hbWU6
dGVzdA== (this is base64 encoded user name "test" - I've removed prefix in ispconfig and created user)
334 UGFzc3dvcmQ6
dGVzdA== (password "test")
535 Error: authentication failed

Yes.... what is the reason auth fails.... I think it has something to do with the previously installed plesk. It is possible that it's affecting somehow? It's not installed anyore.

******** HERE IS THE DETAILED LOG FILE ************

Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 220 mydomain.com ESMTP Postfix
Jan 22 13:56:07 myserver postfix/smtpd[8505]: < unknown[ x.x.x.x]: EHLO bcolak
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-mydomain.com
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-PIPELINING
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-SIZE 10240000
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-VRFY
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-ETRN
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-STARTTLS
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-AUTH PLAIN LOGIN
Jan 22 13:56:07 myserver postfix/smtpd[8505]: match_list_match: unknown: no match
Jan 22 13:56:07 myserver postfix/smtpd[8505]: match_list_match: x.x.x.x: no match
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250-AUTH=PLAIN LOGIN
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 250 8BITMIME
Jan 22 13:56:07 myserver postfix/smtpd[8505]: < unknown[ x.x.x.x]: AUTH LOGIN
Jan 22 13:56:07 myserver postfix/smtpd[8505]: smtpd_sasl_authenticate: sasl_method LOGIN
Jan 22 13:56:07 myserver postfix/smtpd[8505]: smtpd_sasl_authenticate: uncoded challenge: Username:
Jan 22 13:56:07 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 334 VXNlcm5hbWU6
Jan 22 13:56:08 myserver postfix/smtpd[8505]: < unknown[ x.x.x.x]: dGVzdA==
Jan 22 13:56:08 myserver postfix/smtpd[8505]: smtpd_sasl_authenticate: decoded response: test
Jan 22 13:56:08 myserver postfix/smtpd[8505]: smtpd_sasl_authenticate: uncoded challenge: Password:
Jan 22 13:56:08 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 334 UGFzc3dvcmQ6
Jan 22 13:56:09 myserver postfix/smtpd[8505]: < unknown[ x.x.x.x]: dGVzdA==
Jan 22 13:56:09 myserver postfix/smtpd[8505]: smtpd_sasl_authenticate: decoded response: test
Jan 22 13:56:09 myserver postfix/smtpd[8505]: warning: unknown[ x.x.x.x]: SASL LOGIN authentication failed
Jan 22 13:56:09 myserver postfix/smtpd[8505]: > unknown[ x.x.x.x]: 535 Error: authentication failed
Jan 22 13:56:09 myserver postfix/smtpd[8505]: smtp_get: EOF
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_hostname: unknown ~? 127.0.0.0/8
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_hostaddr: x.x.x.x ~? 127.0.0.0/8
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_hostname: unknown ~? x.111.164.0/22
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_hostaddr: x.x.x.x ~? x.111.164.0/22
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_list_match: unknown: no match
Jan 22 13:56:09 myserver postfix/smtpd[8505]: match_list_match: x.x.x.x: no match
Jan 22 13:56:09 myserver postfix/smtpd[8505]: send attr request = disconnect
Jan 22 13:56:09 myserver postfix/smtpd[8505]: send attr ident = smtp: x.x.x.x
Jan 22 13:56:09 myserver postfix/smtpd[8505]: private/anvil: wanted attribute: status
Jan 22 13:56:09 myserver postfix/smtpd[8505]: input attribute name: status
Jan 22 13:56:09 myserver postfix/smtpd[8505]: input attribute value: 0
Jan 22 13:56:09 myserver postfix/smtpd[8505]: private/anvil: wanted attribute: (list terminator)
Jan 22 13:56:09 myserver postfix/smtpd[8505]: input attribute name: (end)
Jan 22 13:56:09 myserver postfix/smtpd[8505]: lost connection after AUTH from unknown[ x.x.x.x]
Jan 22 13:56:09 myserver postfix/smtpd[8505]: disconnect from unknown[ x.x.x.x]
Jan 22 13:56:09 myserver postfix/smtpd[8505]: master_notify: status 1
Jan 22 13:56:09 myserver postfix/smtpd[8505]: connection closed

 

solving...

Please help me, I think we're about to solve this problem. Everything is becoming clear. Please take a look and guide me...

Nobody is replying anymore

 

Look ma! I'm invisible...

 

Once upon a time, I have tried Plesk (installed trial version). Then, after I've discovered the beauty of ISPConfig, I've uninstalled it.

To install ISPConfig and Postfix, I've followed the perfect setup guide. But since my server is a dedicated one, I haven't formatted it before installing ISPConfig.

Is it possible to use ISPConfig/Postfix without SASL authentication? If it is, how can I disable sasl and use plain login?

Thank you very much for your reply, Till.

 

I vividly advise not to do this, because otherwise your server has a good chance of getting abused by spammers and ending on a blacklist!

Can your server provider install a clean CentOS image on the server?

 

Uhm... ok... I wasn't expecting this to be so easy to abuse (because there will be still an authentication but no ssl).

However, my system is fedora 5. It looks like i will request for a system restore. My provider is server pronto (infolink). And server is AMD (not 64 bit). They install webmin. I think I will request not to install anything. I'll install from beginning...

Do you think perfect setup guide (fedora 5) suits quite fine into non 64-bit systems (except changing lib64 to lib directory)?

Thanks Falko ( I remember a singer named Falko, he had a great song called Jenny I think, it was very impressive : )