SMTP Issue - Virtual Users And Domains ... Ubuntu

Discussion in 'HOWTO-Related Questions' started by knight_killer, Jul 31, 2007.

  1. knight_killer

    knight_killer New Member

    Hi,

    I have a working installation of this howto: http://www.howtoforge.com/virtual_postfix_mysql_quota_courier_ubuntu_edgy

    Well, I thought it was working... I get this error when I want to send a mail:
    I googled a bit, with no success... It seems that the SASL part doesn't work.
    Code:
    <host>:~# testsaslauthd -u test -p testpass
    connect() : No such file or directory
    The saslauth-daemon is running:
    Code:
    <host>:~# ps aux|grep sasl
    root     23925  0.0  0.0   7224   736 ?        Ss   15:01   0:00 /usr/sbin/saslauthd -a pam -c -n 5
    root     23926  0.0  0.0   7224   468 ?        S    15:01   0:00 /usr/sbin/saslauthd -a pam -c -n 5
    root     23930  0.0  0.0   7224   356 ?        S    15:01   0:00 /usr/sbin/saslauthd -a pam -c -n 5
    root     23931  0.0  0.0   7224   356 ?        S    15:01   0:00 /usr/sbin/saslauthd -a pam -c -n 5
    root     23932  0.0  0.0   7224   356 ?        S    15:01   0:00 /usr/sbin/saslauthd -a pam -c -n 5
    root     23937  0.0  0.0   1552   500 pts/0    R+   15:01   0:00 grep sasl
    
    And chroot is enabled: (/etc/postfix/master.cf)
    Code:
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    
    And the rights/owner of "/var/run/saslauthd" should be ok:
    Code:
    <host>:~# ls -al /var/run/saslauthd
    total 936
    drwx--x---  2 root sasl    140 Jul 31 15:01 .
    drwxr-xr-x 12 root root    400 Jul 31 14:18 ..
    -rw-------  1 root root      0 Jul 31 15:01 cache.flock
    -rw-------  1 root root 945152 Jul 31 15:01 cache.mmap
    srwxrwxrwx  1 root root      0 Jul 31 15:01 mux
    -rw-------  1 root root      0 Jul 31 15:01 mux.accept
    -rw-------  1 root root      6 Jul 31 15:01 saslauthd.pid
    
    Can someone help me please? I have no ideas anymore...

    Thanks
    Roman
     
  2. falko

    falko Super Moderator Howtoforge Staff

  3. knight_killer

    knight_killer New Member

    Ubuntu 7.04 Feisty Fawn

    I just double-checked it... For me it seems ok. Here are my files described on Page 3 of the howto:

    Code:
    <host>:~# cat /etc/default/saslauthd
    #
    # Settings for saslauthd daemon
    #
    
    # Should saslauthd run automatically on startup? (default: no)
    START=yes
    
    PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
    PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
    
    # Which authentication mechanisms should saslauthd use? (default: pam)
    #
    # Available options in this Debian package:
    # getpwent  -- use the getpwent() library function
    # kerberos5 -- use Kerberos 5
    # pam       -- use PAM
    # rimap     -- use a remote IMAP server
    # shadow    -- use the local shadow password file
    # sasldb    -- use the local sasldb database file
    # ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
    #
    # Only one option may be used at a time. See the saslauthd man page
    # for more information.
    #
    # Example: MECHANISMS="pam"
    MECHANISMS="pam"
    
    # Additional options for this mechanism. (default: none)
    # See the saslauthd man page for information about mech-specific options.
    MECH_OPTIONS=""
    
    # How many saslauthd processes should we run? (default: 5)
    # A value of 0 will fork a new process for each connection.
    THREADS=5
    
    # Other options (default: -c)
    # See the saslauthd man page for information about these options.
    #
    # Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
    # Note: See /usr/share/doc/sasl2-bin/README.Debian
    OPTIONS="-c"
    Code:
    <host>:~# cat /etc/pam.d/smtp
    auth    required   pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
    
    account sufficient pam_mysql.so user=mail_admin passwd=mail_admin_password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
    Code:
    <host>:~# cat /etc/postfix/sasl/smtpd.conf
    pwcheck_method: saslauthd
    mech_list: plain login
    allow_plaintext: true
    auxprop_plugin: mysql
    sql_hostnames: 127.0.0.1
    sql_user: mail_admin
    sql_passwd: mail_admin_password
    sql_database: mail
    sql_select: select password from users where email = '%u'
    Code:
    <host>:~# cat /etc/courier/authdaemonrc
    ##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
    #
    # Copyright 2000-2005 Double Precision, Inc.  See COPYING for
    # distribution information.
    #
    # authdaemonrc created from authdaemonrc.dist by sysconftool
    #
    # Do not alter lines that begin with ##, they are used when upgrading
    # this configuration.
    #
    # This file configures authdaemond, the resident authentication daemon.
    #
    # Comments in this file are ignored.  Although this file is intended to
    # be sourced as a shell script, authdaemond parses it manually, so
    # the acceptable syntax is a bit limited.  Multiline variable contents,
    # with the \ continuation character, are not allowed.  Everything must
    # fit on one line.  Do not use any additional whitespace for indentation,
    # or anything else.
    
    ##NAME: authmodulelist:2
    #
    # The authentication modules that are linked into authdaemond.  The
    # default list is installed.  You may selectively disable modules simply
    # by removing them from the following list.  The available modules you
    # can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe
    
    authmodulelist="authmysql"
    
    ##NAME: authmodulelistorig:3
    #
    # This setting is used by Courier's webadmin module, and should be left
    # alone
    
    authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
    
    ##NAME: daemons:0
    #
    # The number of daemon processes that are started.  authdaemon is typically
    # installed where authentication modules are relatively expensive: such
    # as authldap, or authmysql, so it's better to have a number of them running.
    # PLEASE NOTE:  Some platforms may experience a problem if there's more than
    # one daemon.  Specifically, SystemV derived platforms that use TLI with
    # socket emulation.  I'm suspicious of TLI's ability to handle multiple
    # processes accepting connections on the same filesystem domain socket.
    #
    # You may need to increase daemons if as your system load increases.  Symptoms
    # include sporadic authentication failures.  If you start getting
    # authentication failures, increase daemons.  However, the default of 5
    # SHOULD be sufficient.  Bumping up daemon count is only a short-term
    # solution.  The permanent solution is to add more resources: RAM, faster
    # disks, faster CPUs...
    
    daemons=5
    
    ##NAME: authdaemonvar:2
    #
    # authdaemonvar is here, but is not used directly by authdaemond.  It's
    # used by various configuration and build scripts, so don't touch it!
    
    authdaemonvar=/var/run/courier/authdaemon
    
    ##NAME: DEBUG_LOGIN:0
    #
    # Dump additional diagnostics to syslog
    #
    # DEBUG_LOGIN=0   - turn off debugging
    # DEBUG_LOGIN=1   - turn on debugging
    # DEBUG_LOGIN=2   - turn on debugging + log passwords too
    #
    # ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
    #
    # Note that most information is sent to syslog at level 'debug', so
    # you may need to modify your /etc/syslog.conf to be able to see it.
    
    DEBUG_LOGIN=0
    
    ##NAME: DEFAULTOPTIONS:0
    #
    # A comma-separated list of option=value pairs. Each option is applied
    # to an account if the account does not have its own specific value for
    # that option. So for example, you can set
    #   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
    # and then enable webmail and/or imap on individual accounts by setting
    # disablewebmail=0 and/or disableimap=0 on the account.
    
    DEFAULTOPTIONS=""
    
    ##NAME: LOGGEROPTS:0
    #
    # courierlogger(1) options, e.g. to set syslog facility
    #
    
    LOGGEROPTS=""
    
    ##NAME: LDAP_TLS_OPTIONS:0
    #
    # Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
    # Examples:
    #
    #LDAPTLS_CACERT=/path/to/cacert.pem
    #LDAPTLS_REQCERT=demand
    #LDAPTLS_CERT=/path/to/clientcert.pem
    #LDAPTLS_KEY=/path/to/clientkey.pem
    Code:
    <host>:~# cat /etc/courier/authmysqlrc
    MYSQL_SERVER localhost
    
    MYSQL_USERNAME mail_admin
    
    MYSQL_PASSWORD mail_admin_password
    
    MYSQL_PORT 0
    
    MYSQL_DATABASE mail
    
    MYSQL_USER_TABLE users
    
    MYSQL_CRYPT_PWFIELD password
    
    #MYSQL_CLEAR_PWFIELD password
    
    MYSQL_UID_FIELD 5000
    
    MYSQL_GID_FIELD 5000
    
    MYSQL_LOGIN_FIELD email
    
    MYSQL_HOME_FIELD "/home/vmail"
    
    MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
    
    #MYSQL_NAME_FIELD
    
    MYSQL_QUOTA_FIELD quota
    Code:
    <host>:~# telnet localhost pop3
    Trying 127.0.0.1...
    Connected to <host>
    Escape character is '^]'.
    +OK Hello there.
    quit
    +OK Better luck next time.
    Connection closed by foreign host.
    Code:
    <host>:~# cat /etc/aliases
    # /etc/aliases
    mailer-daemon: postmaster
    postmaster: root
    nobody: root
    hostmaster: root
    usenet: root
    news: root
    webmaster: root
    www: root
    ftp: root
    abuse: root
    noc: root
    security: root
    
    root: <my email address>

    Thanks for your help!

    greets Roman
     
  4. falko

    falko Super Moderator Howtoforge Staff

    On Feisty Fawn, /etc/default/saslauthd must look like this:

    Code:
    #
    # Settings for saslauthd daemon
    #
    
    # Should saslauthd run automatically on startup? (default: no)
    START=yes
    
    # Which authentication mechanisms should saslauthd use? (default: pam)
    #
    # Available options in this Debian package:
    # getpwent  -- use the getpwent() library function
    # kerberos5 -- use Kerberos 5
    # pam       -- use PAM
    # rimap     -- use a remote IMAP server
    # shadow    -- use the local shadow password file
    # sasldb    -- use the local sasldb database file
    # ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
    #
    # Only one option may be used at a time. See the saslauthd man page
    # for more information.
    #
    # Example: MECHANISMS="pam"
    MECHANISMS="pam"
    
    # Additional options for this mechanism. (default: none)
    # See the saslauthd man page for information about mech-specific options.
    MECH_OPTIONS=""
    
    # How many saslauthd processes should we run? (default: 5)
    # A value of 0 will fork a new process for each connection.
    THREADS=5
    
    # Other options (default: -c)
    # See the saslauthd man page for information about these options.
    #
    # Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
    # Note: See /usr/share/doc/sasl2-bin/README.Debian
    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
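
The mismatch this reply fixes (saslauthd creating its socket in /var/run/saslauthd while the chrooted smtpd looks under /var/spool/postfix) can be checked directly. The script below is an added example, not part of the thread or the howto; the function names and the two sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): does saslauthd put its "mux" socket
# where a chrooted Postfix smtpd can reach it?

# Print the directory passed with -m in OPTIONS= of a saslauthd defaults file.
# Only OPTIONS is read; the ps output in the first post shows that the
# PARAMS line of the older layout never reached the daemon's command line.
saslauthd_socket_dir() {
    opts=$(sed -n 's/^OPTIONS="\(.*\)"[[:space:]]*$/\1/p' "$1" | tail -n 1)
    dir=/var/run/saslauthd            # default seen in the first post's ls output
    set -- $opts                      # split the option string into words
    while [ $# -gt 0 ]; do
        if [ "$1" = "-m" ] && [ $# -ge 2 ]; then dir=$2; fi
        shift
    done
    printf '%s\n' "$dir"
}

# Succeed only if that directory lies under the Postfix chroot (hypothetical
# second argument, defaulting to /var/spool/postfix as used in the thread).
check_chroot_socket() {
    chroot_dir=${2:-/var/spool/postfix}
    sock_dir=$(saslauthd_socket_dir "$1")
    case $sock_dir in
        "$chroot_dir"/*) echo "OK: $sock_dir is inside $chroot_dir"; return 0 ;;
        *) echo "MISMATCH: socket in $sock_dir, smtpd is chrooted to $chroot_dir"
           return 1 ;;
    esac
}

# Constructed sample files reduced from the two configurations in the thread.
sample_dir=$(mktemp -d)
cat > "$sample_dir/before" <<'EOF'
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c"
EOF
cat > "$sample_dir/after" <<'EOF'
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
EOF

check_chroot_socket "$sample_dir/before" || true
check_chroot_socket "$sample_dir/after"
```

Once the socket has moved, testsaslauthd has to be pointed at the new path as well, for example `testsaslauthd -u test -p testpass -s smtp -f /var/spool/postfix/var/run/saslauthd/mux`, where `-s smtp` selects the /etc/pam.d/smtp service shown earlier.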
     
  5. knight_killer

    knight_killer New Member

    Thanks falko! That solved the "cannot connect to saslauthd server" error. It seems I have another one...

    Code:
    postfix/smtpd[13408]: connect from <current IP>
    postfix/smtpd[13408]: warning: SASL authentication failure: Password verification failed
    postfix/smtpd[13408]: warning: <current IP>: SASL PLAIN authentication failed: authentication failure
    postfix/smtpd[13408]: warning: <current IP>: SASL LOGIN authentication failed: authentication failure
    postfix/smtpd[13408]: disconnect from <current IP>
    And yes, I typed the right password (tried it several times)...
     
  6. falko

    falko Super Moderator Howtoforge Staff

  7. knight_killer

    knight_killer New Member

    I have no idea why, but now it works! :D Maybe it was a wrong setting on my computer at work...
     
