I've followed through the very nice and detail how-to provided here for a postfix email server and receive a wrong/bad password error when trying to connect via imap/smtp to an email account. My /var/log/mail.log shows: Code: Nov 9 12:26:16 email imapd-ssl: Connection, ip=[::ffff:192.168.1.195] Nov 9 12:26:25 email imapd-ssl: LOGIN FAILED, ip=[::ffff:192.168.1.195] I'm certain I'm connecting with the correct username and password. I would like some advice on how best to troubleshoot this issue. If there is any more information I can provide I'd be happy to. Thanks.
No, I receive a similar message on the email client side and the following message in the log notes: Code: Nov 10 08:44:38 email imaplogin: Connection, ip=[::ffff:192.168.1.195] Nov 10 08:44:48 email imaplogin: LOGIN FAILED, ip=[::ffff:192.168.1.195] Please let me know if you need to see any other config files. The hostname of the email server is email.domainname.com, although I would like it to serve email for email addresses of the form [email protected]. Currently the domain name is in use by a previously setup and working (although ancient) qmail server so I am connecting the server using its IP address. Not sure if any of this would affect it. I'm a little concerned from looking at the pam.d/smtp file and the "users" sql table that the authorization is against the whole email address and not just the username, or am I missing something there?
Okay, looked through that thread and tried what was mentioned there. MySQL is running, mail_admin has access to the tabels in mail and there are no errors regarding mysql in the log notes. It seems to be connecting to the MySQL table just fine.. Code: [root@email:~]# mysql -u mail_admin -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 97 to server version: 4.1.11-Debian_4sarge2-log Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> select * from mail.users; +------------------------------+---------------+----------+ | email | password | quota | +------------------------------+---------------+----------+ | [email protected] | tBBSZgpT0Ij7U | 10485760 | | [email protected] | hJ05pek3gdqSg | 10485760 | | [email protected] | UDK03yLmpNCek | 10485760 | | [email protected] | 3E14fZA/Q9asM | 10485760 | +------------------------------+---------------+----------+ 4 rows in set (0.00 sec) /etc/courier/authmysqlrc: Code: MYSQL_SERVER 127.0.0.1 MYSQL_USERNAME mail_admin MYSQL_PASSWORD ###### MYSQL_PORT 0 MYSQL_DATABASE mail MYSQL_USER_TABLE users MYSQL_CRYPT_PWFIELD password #MYSQL_CLEAR_PWFIELD password MYSQL_UID_FIELD 5000 MYSQL_GID_FIELD 5000 MYSQL_LOGIN_FIELD email MYSQL_HOME_FIELD "/home/vmail" MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') #MYSQL_NAME_FIELD MYSQL_QUOTA_FIELD quota /etc/courier/authmodulelist: Code: authdaemon /etc/courier/authdaemonrc: Code: ##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $ # # Copyright 2000-2001 Double Precision, Inc. See COPYING for # distribution information. # # authdaemonrc created from authdaemonrc.dist by sysconftool # # Do not alter lines that begin with ##, they are used when upgrading # this configuration. # # This file configures authdaemond, the resident authentication daemon. # # Comments in this file are ignored. Although this file is intended to # be sourced as a shell script, authdaemond parses it manually, so # the acceptable syntax is a bit limited. Multiline variable contents, # with the \ continuation character, are not allowed. Everything must # fit on one line. Do not use any additional whitespace for indentation, # or anything else. ##NAME: authmodulelist:0 # # The authentication modules that are linked into authdaemond. The # default list is installed. You may selectively disable modules simply # by removing them from the following list. The available modules you # can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam authmodulelist="authmysql" ##NAME: authmodulelistorig:1 # # This setting is used by Courier's webadmin module, and should be left # alone authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam" ##NAME: daemons:0 # # The number of daemon processes that are started. authdaemon is typically # installed where authentication modules are relatively expensive: such # as authldap, or authmysql, so it's better to have a number of them running. # PLEASE NOTE: Some platforms may experience a problem if there's more than # one daemon. Specifically, SystemV derived platforms that use TLI with # socket emulation. I'm suspicious of TLI's ability to handle multiple # processes accepting connections on the same filesystem domain socket. # # You may need to increase daemons if as your system load increases. Symptoms # include sporadic authentication failures. If you start getting # authentication failures, increase daemons. However, the default of 5 # SHOULD be sufficient. Bumping up daemon count is only a short-term # solution. The permanent solution is to add more resources: RAM, faster # disks, faster CPUs... daemons=5 ##NAME: version:0 # # When you have multiple versions of authdaemond.* installed, authdaemond # just picks the first one it finds. Set "version" to override that. # For example: version=authdaemond.plain version="" ##NAME: authdaemonvar:0 # # authdaemonvar is here, but is not used directly by authdaemond. It's # used by various configuration and build scripts, so don't touch it! authdaemonvar=/var/run/courier/authdaemon /etc/postfix/main.cf: Code: # See /usr/share/postfix/main.cf.dist for a commented, more complete version smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h myhostname = email.portfoliomci.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = email.portfoliomci.com, localhost, localhost.localdomain relayhost = mynetworks = 127.0.0.0/8 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom home_mailbox = Maildir/ mailbox_command = virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /home/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = "The user you are trying to reach is over quota." virtual_overquota_bounce = yes proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings
Yes, there are no whitespaces. If there were I believe I would be getting issues accessing the mysql table, and I don't see any of those errors in the mail.log.
Netstat -tap results: Code: [root@email:~]# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost.localdo:10024 *:* LISTEN 21581/amavisd (mast tcp 0 0 localhost.localdo:10025 *:* LISTEN 19625/master tcp 0 0 localhost.localdo:mysql *:* LISTEN 4635/mysqld tcp 0 0 *:smtp *:* LISTEN 19625/master tcp6 0 0 *:imaps *:* LISTEN 2754/couriertcpd tcp6 0 0 *:pop3s *:* LISTEN 2671/couriertcpd tcp6 0 0 *:pop3 *:* LISTEN 20792/couriertcpd tcp6 0 0 *:imap2 *:* LISTEN 20775/couriertcpd tcp6 0 0 *:www *:* LISTEN 4015/apache2 tcp6 0 0 *:ssh *:* LISTEN 2115/sshd tcp6 0 0 *:smtp *:* LISTEN 19625/master tcp6 0 444 ::ffff:192.168.1.37:ssh ::ffff:192.168.1.1:1825 ESTABLISHED22290/0 For some reason I'm also getting these in my mail.log now: Code: Nov 11 11:26:31 email postfix/master[19625]: warning: process /usr/lib/postfix/virtual pid 22318 exit status 1 Nov 11 11:26:31 email postfix/master[19625]: warning: /usr/lib/postfix/virtual: bad command startup -- throttling Nov 11 11:27:31 email postfix/virtual[22321]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data Nov 11 11:27:32 email postfix/master[19625]: warning: process /usr/lib/postfix/virtual pid 22321 exit status 1 Nov 11 11:27:32 email postfix/master[19625]: warning: /usr/lib/postfix/virtual: bad command startup -- throttling Nov 11 11:28:11 email postfix/postfix-script: stopping the Postfix mail system Nov 11 11:28:11 email postfix/master[19625]: terminating on signal 15 Nov 11 11:28:12 email postfix/postfix-script: starting the Postfix mail system Nov 11 11:28:12 email postfix/master[22423]: daemon started -- version 2.1.5 Nov 11 11:28:12 email postfix/qmgr[22426]: B3D2089FA: from=<[email protected]>, size=1006, nrcpt=1 (queue active) Nov 11 11:28:12 email postfix/virtual[22431]: fatal: mysql:/etc/postfix/mysql-virtual_mailboxes.cf: proxy map is not allowed for security sensitive data Nov 11 11:28:13 email postfix/master[22423]: warning: process /usr/lib/postfix/virtual pid 22431 exit status 1 Nov 11 11:28:13 email postfix/master[22423]: warning: /usr/lib/postfix/virtual: bad command startup -- throttling
Do you have Code: proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps in /etc/postfix/main.cf? The line must contain $virtual_mailbox_maps! If this doesn't help, remove proxy: from /etc/postfix/main.cf (e.g. Code: virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf instead of Code: virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf ). Don't forget to restart Postfix after your changes!
Okay, checked the /etc/postfix/main.cf and the proxy_read_maps line was there. So I removed the proxy part from the virtual_mailbox_maps line and receive no more errors in my mail.log file. I sent a test message from the "admin" account to "[email protected]" and this is the log notes: Code: Nov 11 12:37:45 email postfix/pickup[24057]: B567A8B2C: uid=1000 from=<admin> Nov 11 12:37:45 email postfix/cleanup[24086]: B567A8B2C: message-id=<[email protected]> Nov 11 12:37:45 email postfix/qmgr[24058]: B567A8B2C: from=<[email protected]>, size=459, nrcpt=1 (queue active) Nov 11 12:37:47 email postfix/smtpd[24097]: connect from localhost.localdomain[127.0.0.1] Nov 11 12:37:47 email postfix/smtpd[24097]: D512C8B2B: client=localhost.localdomain[127.0.0.1] Nov 11 12:37:47 email postfix/cleanup[24086]: D512C8B2B: message-id=<[email protected]> Nov 11 12:37:47 email postfix/qmgr[24058]: D512C8B2B: from=<[email protected]>, size=940, nrcpt=1 (queue active) Nov 11 12:37:47 email amavis[21587]: (21587-01) Passed, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, Hits: -1.72 Nov 11 12:37:47 email postfix/smtpd[24097]: disconnect from localhost.localdomain[127.0.0.1] Nov 11 12:37:47 email postfix/smtp[24091]: B567A8B2C: to=<[email protected]>, relay=127.0.0.1[127.0.0.1], delay=2, status=sent (250 2.6.0 Ok, id=21587-01, from MTA: 250 Ok: queued as D512C8B2B) Nov 11 12:37:47 email postfix/qmgr[24058]: B567A8B2C: removed Nov 11 12:37:48 email postfix/smtp[24101]: D512C8B2B: to=<[email protected]>, relay=mail.portfoliomci.com[192.168.1.4], delay=1, status=sent (250 ok 1131730673 qp 2896) Nov 11 12:37:48 email postfix/qmgr[24058]: D512C8B2B: removed Still not able to login from Thunderbird however.
IMAP is what I'm testing at the moment, so receiving emails. But I believe sending isn't working either. Note: I can send via mutt on the server between real accounts, but I can't test virtual accounts in this way.
Did you use Debian stable or testing to install the server? Because in the tutorial I use stable which comes with Postfix 2.1.5, but testing comes with Postfix 2.2.x, and since 2.2 the format of the lookup files has changed. Have a look here: http://www.howtoforge.com/forums/showthread.php?t=1149&page=4 Which Postfix version do you have? Run Code: postconf -d | grep mail_version to find out.
I'm using stable: Code: [root@email:~]# postconf -d | grep mail_version mail_version = 2.1.5 I think this may have to do with me not having the dns information completely setup yet, instead I'm trying to connect to [email protected] (the internal IP of the email server) and I have 192.168.1.37 in my domains table and a user [email protected] in the users table. I will try to get my dns information setup today and see if that helps. If you think this isn't what is causing the problem feel free to continue and try to help, I really appreciate your input. Otherwise perhaps it would be best to wait until the dns setup is complete. Thanks.
