Virtual Users And Domains With Postfix, Courier And MySQL Etch, Authentication ISP

Discussion in 'HOWTO-Related Questions' started by mess-mate, Jan 17, 2008.

  1. mess-mate

    mess-mate New Member

    Virtual Users And Domains With Postfix, Courier And MySQL (Debian Etch).
    I've installed this server following the howto on a different machine to act as a mailserver for the other stations.

    Everyone can connect to their mailbox with a webmail mailer (ilohamail) on the server but they can't send any message.
    This is the error who's occured:
    postfix/smtp[30659]: 7FF1427CA8: to=<[email protected]>,[]:25, delay=0.21, delays=0.02/0/0.13/0.05, dsn=5.0.0, status=bounced (host[] said: 554 <[email protected]>: Recipient address rejected: Missing Authentication (in reply to RCPT TO command))

    I've checked so what everything but can't find what's going wrong.
    best regards
  2. falko

    falko Super Moderator ISPConfig Developer

  3. mess-mate

    mess-mate New Member

  4. mess-mate

    mess-mate New Member

    OK, i followed

    but it didn't change anything.

    This is the exactly error:
    serv postfix/smtp[9768]: 6E9BC27CA7: to=<[email protected]>,[]:25, delay=0.
    37, delays=0.12/0.01/0.14/0.09, dsn=5.0.0, status=bounced (host[] said: 554 <[email protected]>:
    Recipient address rejected: Missing Authentication (in reply to RCPT TO command))

    'serv' is the server machine name and the message was sent from a workstation with a webmail on that server.

    I'm sure it's a postfix (or sassl) question, when i sent a message with mutt on that workstation (connected to the server imap-courier), the message is sent correctly because the smtp (postfix) of the workstation is used and not the smtp of the server.
    Last edited: Jan 19, 2008
  5. falko

    falko Super Moderator ISPConfig Developer

    What's in /etc/postfix/ Did you create /etc/postfix/sasl_passwd with the correct username and password?
  6. mess-mate

    mess-mate New Member

    Hi Falko,
    as you can see :
    -rw------- 1 root root 37 2008-01-19 15:28 sasl_passwd
    -rw------- 1 root root 12288 2008-01-19 15:29 sasl_passwd.db

    I've tryed inserting in sasl_passwd:
    and mess-mate:mypassword ( my passwd in clear)
    and did a postmap + restart postfix of course..
    I also mv /etc/postfix/sasl to /etc/postfix/sasl-org.
    Moving the sasl directory to sasl-org did not change anything to login to my mailbox on the server. What are the purposes exactly of that sasl ? I thought to login to the mailbox, do it ?
    So here is my postconf -n :
    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    broken_sasl_auth_clients = yes
    config_directory = /etc/postfix
    debug_peer_list = localhost
    default_transport = smtp
    mailbox_size_limit = 0
    mydestination =, localhost, localhost.localdomain
    myhostname =
    mynetworks =
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    recipient_delimiter = +
    relayhost = []
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    sendmail_path = /usr/sbin/sendmail
    smtp_generic_maps = hash:/etc/postfix/generic
    smtp_helo_name =
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options =
    smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination permit_sasl_authenticated
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_use_tls = yes
    transport_maps = proxy:mysql:/etc/postfix/
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/, mysql:/etc/postfix/
    virtual_create_maildirsize = yes
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /home/vmail
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/
    virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/
    virtual_mailbox_limit_override = yes
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/
    virtual_maildir_limit_message = "The user you are trying to reach is over quota."
    virtual_overquota_bounce = yes
    virtual_transport = maildrop
    virtual_uid_maps = static:5000

    Thanks for the help.
  7. falko

    falko Super Moderator ISPConfig Developer

    Please remove the brackets in
    relayhost = [] 
    and restart Postfix.
  8. mess-mate

    mess-mate New Member

    Sorry, do not change anything :eek:
    Did you encounter in the past a trouble as this ?
    Can it be a sasl problem ?
  9. falko

    falko Super Moderator ISPConfig Developer

    Are there one or two lines in sasl_passwd?
    You only need one line:
    Code: mess-mate:mypassword
    mess-mate must be your username on and mypassword the password for the user mess-mate on
  10. mess-mate

    mess-mate New Member

    Yes, only 1 line.
    My server is setup as follows: (to be more clear)
    -all internal users have a [email protected] mail address
    ( is only a web address stored by zoneedit, it is only used internally)
    -the same users have a email-address by our ISP like this: [email protected].

    -My mysql table contains the [email protected] addresses with their password. (not any * domain address)
    And the table can't be used for external authentication.

    So i've changed in my, smtpd_sasl_auth_enable = yes to smtp_sasl_auth_enable = yes ( for externally smtp authentication i presume), and now there is a SASL authentication failure 535.
  11. falko

    falko Super Moderator ISPConfig Developer

    Are you absolutely sure that this line contains the correct username and password for You can test this in an email client.
  12. mess-mate

    mess-mate New Member

    Thanks for the patience..
    Yes there is absolutely only 1 line.
    after passing the night, without shutdown the server, messages can be sent with any user ([email protected]) !

    I don't really understand how it can now.
    ( i tryed so many things....)

    Can you tell me :
    - what to do with that pam setup, /etc/postfix/sasl setup and the mysql setup ?
    - is there any about /etc/sasldb2 ?
  13. mess-mate

    mess-mate New Member

    Hi Falko,
    i was curious about that sudently running and did some tests.
    Well, there is no need to do any sasl authentication !
    I removed the directory /etc/postfix/sasl and i
    removed in 'mtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd' also the *.db.

    Postfix continue running as expected.

    But: i configured /etc/postfix/canonical as this:
    xxx [email protected] with a good postmap and that's all.

    xxx is the normal user on the server
    yyy is a [email protected]

    Why? because the machinename is sent as a user-name to the ISP with a simple configuration; so changing it to a really ISP email-user did the trick.
  14. bucheron_59

    bucheron_59 New Member

    help too

    Config FEDORA 9 + FAI
    I post my postconf -n

    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    home_mailbox = Maildir/
    html_directory = no
    inet_interfaces = all
    inet_protocols = all
    mail_owner = postfix
    mailbox_command =
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    mydestination = /etc/postfix/local-host-names
    myhostname =
    mynetworks =
    newaliases_path = /usr/bin/newaliases.postfix
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.5.5/README_FILES
    relayhost = []:587
    sample_directory = /usr/share/doc/postfix-2.5.5/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_note_starttls_offer = yes
    smtp_use_tls = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_security_options = noanonymous
    smtpd_tls_CAfile = /etc/postfix/ssl/mailserver/cacert.pem
    smtpd_tls_auth_only = no
    smtpd_tls_cert_file = /etc/postfix/ssl/mailserver/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/mailserver/smtpd.key
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    smtpd_use_tls = yes
    tls_random_source = dev:/dev/urandom
    unknown_local_recipient_reject_code = 550

    FAI ORANGE have got a special port (587) and smtp (
    login isn't your email but it's your login like this fti/.........

    I have got the same problems to send email, What can i do?
  15. falko

    falko Super Moderator ISPConfig Developer

    Any errors in your mail log?

Share This Page