Postfix/smtpd - SASL Auth Problem

[nubduck]

Hi,

In short, when I try to send mails from Microsoft Outlook 2007, I keep getting prompted to enter username and password, and even though I know its correct, it just keeps poping up. Suspecting its the server, I checked the logs and found the following:

From /var/log/mailog:

Code:

Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: connect from cm121.sigma50.maxonline.com.sg[218.212.50.121]
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: SASL authentication failure: no secret in database
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: cm121.sigma50.maxonline.com.sg[218.212.50.121]: SASL NTLM authentication failed: authentication failure
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: SASL authentication failure: realm changed: authentication aborted
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: cm121.sigma50.maxonline.com.sg[218.212.50.121]: SASL DIGEST-MD5 authentication failed: authentication failure
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: warning: cm121.sigma50.maxonline.com.sg[218.212.50.121]: SASL LOGIN authentication failed: generic failure
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: lost connection after AUTH from cm121.sigma50.maxonline.com.sg[218.212.50.121]
Jun  3 03:41:30 hostnowwithus postfix/smtpd[3420]: disconnect from cm121.sigma50.maxonline.com.sg[218.212.50.121]

Anybody has any ideas where I should go around fixing it?

---

Just update to my problem as above:
Using IMAP from the webmail client works fine, send and receive. Its just the SMTP when using with POP3 via Outlook 2007 so far.

Downloading other mail clients to test it out as well.

Other error logs I found while scanning through the log was this:
From /var/log/maillog

Code:

Jun  3 04:08:10 hostnowwithus postfix/cleanup[25495]: warning: database /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases

But it seems unrelated to the problem in #1

---

Similar error in thunderbird:

From /var/log/maillog:

Code:

Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: connect from cm121.sigma50.maxonline.com.sg[218.212.50.121]
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: setting up TLS connection from cm121.sigma50.maxonline.com.sg[218.212.50.121]
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:before/accept initialization
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:error in SSLv2/v3 read client hello A
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:error in SSLv3 read client hello B
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:error in SSLv3 read client hello B
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 read client hello B
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 write server hello A
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 write change cipher spec A
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 write finished A
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 flush data
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:error in SSLv3 read finished A
Jun  3 04:21:09 hostnowwithus last message repeated 3 times
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: SSL_accept:SSLv3 read finished A
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: Reusing old session
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: TLS connection established from cm121.sigma50.maxonline.com.sg[218.212.50.121]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: warning: SASL authentication failure: Password verification failed
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: warning: cm121.sigma50.maxonline.com.sg[218.212.50.121]: SASL PLAIN authentication failed: generic failure
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Jun  3 04:21:09 hostnowwithus postfix/smtpd[9728]: warning: cm121.sigma50.maxonline.com.sg[218.212.50.121]: SASL LOGIN authentication failed: generic failure
Jun  3 04:21:13 hostnowwithus postfix/smtpd[9728]: disconnect from cm121.sigma50.maxonline.com.sg[218.212.50.121]

[mr.x]

Hi,

please show us your main.cf

/Jan

[nubduck]

Update:

I got fedup and basically renamed smtpd.conf to smtpd.conf.bak and restarted postfix. Now outgoing mails could flow through but sniffing through my logs I found myself with the following:

From /var/log/maillog:

Code:

Jun  3 04:47:02 hostnowwithus pop3d: Connection, ip=[::ffff:x.x.x.x]
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: warning: database /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: connect from unknown[x.x.x.x]
Jun  3 04:47:02 hostnowwithus pop3d: LOGIN, user=<removed>, ip=[::ffff:x.x.x.x], port=[59813]
Jun  3 04:47:02 hostnowwithus pop3d: LOGOUT, user=<removed>, ip=[::ffff:x.x.x.x], port=[59813], top=0, retr=0, rcvd=12, sent=39, time=0
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: warning: SASL authentication failure: no secret in database
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: warning: unknown[x.x.x.x]: SASL NTLM authentication failed: authentication failure
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: warning: SASL authentication failure: realm changed: authentication aborted
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: warning: unknown[x.x.x.x]: SASL DIGEST-MD5 authentication failed: authentication failure
Jun  3 04:47:02 hostnowwithus postfix/trivial-rewrite[10088]: warning: database /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases
Jun  3 04:47:02 hostnowwithus postfix/cleanup[10089]: warning: database /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases
Jun  3 04:47:02 hostnowwithus postfix/smtpd[10086]: F0FDE4E85C3: client=unknown[x.x.x.x], sasl_method=LOGIN, sasl_username=<removed>
Jun  3 04:47:03 hostnowwithus postfix/cleanup[10089]: F0FDE4E85C3: message-id=<000001cb0294$133c10b0$39b43210$@com>
Jun  3 04:47:03 hostnowwithus postfix/qmgr[10081]: F0FDE4E85C3: from=<<removed>>, size=1187, nrcpt=1 (queue active)
Jun  3 04:47:03 hostnowwithus amavis[2409]: (02409-05) (!!)WARN: all primary virus scanners failed, considering backups
Jun  3 04:47:04 hostnowwithus pop3d: Connection, ip=[::ffff:x.x.x.x]
Jun  3 04:47:04 hostnowwithus pop3d: LOGIN, user=<removed>, ip=[::ffff:x.x.x.x], port=[59817]
Jun  3 04:47:04 hostnowwithus pop3d: LOGOUT, user=<removed>, ip=[::ffff:x.x.x.x], port=[59817], top=0, retr=0, rcvd=12, sent=39, time=0
Jun  3 04:47:05 hostnowwithus postfix/smtpd[10086]: disconnect from unknown[x.x.x.x]
Jun  3 04:47:12 hostnowwithus postfix/smtpd[10094]: warning: database /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases
Jun  3 04:47:12 hostnowwithus postfix/smtpd[10094]: connect from hostnowwithus.com.local[127.0.0.1]
Jun  3 04:47:12 hostnowwithus postfix/smtpd[10094]: 60C754E85CC: client=hostnowwithus.com.local[127.0.0.1]
Jun  3 04:47:12 hostnowwithus postfix/cleanup[10089]: 60C754E85CC: message-id=<000001cb0294$133c10b0$39b43210$@com>
Jun  3 04:47:12 hostnowwithus postfix/smtpd[10094]: disconnect from hostnowwithus.com.local[127.0.0.1]
Jun  3 04:47:12 hostnowwithus postfix/qmgr[10081]: 60C754E85CC: from=<<removed>>, size=1647, nrcpt=1 (queue active)
Jun  3 04:47:12 hostnowwithus amavis[2409]: (02409-05) Passed CLEAN, [218.212.50.121] [218.212.50.121] <<removed>> -> <<removed>>, Message-ID: <000001cb0294$133c10b0$39b43210$@com>, mail_id: GX3muINUvRFL, Hits: 0.392, size: 1187, queued_as: 60C754E85CC, 9330 ms
Jun  3 04:47:12 hostnowwithus postfix/smtp[10090]: F0FDE4E85C3: to=<<removed>>, relay=127.0.0.1[127.0.0.1]:10024, delay=9.8, delays=0.43/0.02/0.01/9.3, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02409-05, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 60C754E85CC)
Jun  3 04:47:12 hostnowwithus postfix/qmgr[10081]: F0FDE4E85C3: removed
Jun  3 04:47:13 hostnowwithus postfix/smtp[10095]: 60C754E85CC: to=<<removed>>, relay=<removed>[x.x.x.x]:25, delay=0.99, delays=0.05/0.05/0.02/0.87, dsn=2.0.0, status=sent (250 OK id=1OJun9-0008NY-QA)
Jun  3 04:47:13 hostnowwithus postfix/qmgr[10081]: 60C754E85CC: removed

---

(06-03-2010 06:47 AM)mr.x Wrote:  Hi,

please show us your main.cf

/Jan

Hi,

As requested:

Code:

# ispCP Ï (OMEGA) a Virtual Hosting Control Panel
# Copyright (C) 2001-2006 by moleSoftware GmbH - http://www.molesoftware.com
# Copyright (C) 2006-2010 by isp Control Panel - http://ispcp.net
#
# Version: $Id: main.cf 2505 2010-01-06 20:30:53Z nuxwin $
#
# The contents of this file are subject to the Mozilla Public License
# Version 1.1 (the "License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
# License for the specific language governing rights and limitations
# under the License.
#
# The Original Code is "VHCS - Virtual Hosting Control System".
#
# The Initial Developer of the Original Code is moleSoftware GmbH.
# Portions created by Initial Developer are Copyright (C) 2001-2006
# by moleSoftware GmbH. All Rights Reserved.
# Portions created by the ispCP Team are Copyright (C) 2006-2010 by
# isp Control Panel. All Rights Reserved.
#
# The ispCP Ï Home Page is:
#
#    http://isp-control.net
#

# Postfix directory settings; These are critical for normal Postfix MTA functionallity
command_directory            = /usr/sbin
daemon_directory             = /usr/libexec/postfix

# Some common configuration parameters
inet_interfaces              = all
mynetworks_style             = host

myhostname                   = mail.hostnowwithus.com
mydomain                     = hostnowwithus.com
myorigin                     = $myhostname

smtpd_banner                 = $myhostname ESMTP ispCP 1.0.5 OMEGA Managed
setgid_group                 = postdrop

# Receiving messages parameters
mydestination                = $myhostname
append_dot_mydomain          = no
append_at_myorigin           = yes
local_transport              = local
virtual_transport            = virtual
transport_maps               = hash:/etc/postfix/ispcp/transport
alias_maps                   = hash:/etc/aliases
alias_database               = hash:/etc/aliases

# Delivering local messages parameters
mail_spool_directory         = /var/mail

# Mailboxquota
# => 0 for unlimited
# => 104857600 for 100 MB
mailbox_size_limit           = 0
mailbox_command              = procmail -a "$EXTENSION"

# Message size limit
# => 0 for unlimited
# => 104857600 for 100 MB
message_size_limit           = 0

biff                         = no
recipient_delimiter          = +

local_destination_recipient_limit = 1
local_recipient_maps         = unix:passwd.byname $alias_database

# ispCP Autoresponder parameters
ispcp-arpl_destination_recipient_limit = 1

# Delivering virtual messages parameters
virtual_mailbox_base         = /var/mail/virtual
virtual_mailbox_limit        = 0

virtual_mailbox_domains      = hash:/etc/postfix/ispcp/domains
virtual_mailbox_maps         = hash:/etc/postfix/ispcp/mailboxes

virtual_alias_maps           = hash:/etc/postfix/ispcp/aliases

virtual_minimum_uid          = 3001
virtual_uid_maps             = static:3001
virtual_gid_maps             = static:12

# SASL paramters
smtpd_sasl_auth_enable       = yes
smtpd_sasl_security_options  = noanonymous
smtpd_sasl_local_domain      =
broken_sasl_auth_clients     = yes

smtpd_helo_required          = yes

smtpd_helo_restrictions      = permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_invalid_helo_hostname,
                               reject_non_fqdn_helo_hostname

smtpd_sender_restrictions    = reject_non_fqdn_sender,
                               reject_unknown_sender_domain,
                               permit_mynetworks,
                               permit_sasl_authenticated

smtpd_recipient_restrictions = reject_non_fqdn_recipient,
                               reject_unknown_recipient_domain,
                               permit_mynetworks,
                               permit_sasl_authenticated,
                               reject_unauth_destination,
                               reject_unlisted_recipient,
                               check_policy_service inet:127.0.0.1:12525,
                               check_policy_service inet:127.0.0.1:60000,
                               permit

smtpd_data_restrictions      = reject_multi_recipient_bounce,
                               reject_unauth_pipelining

# TLS parameters; activate, if avaible/used
#smtpd_use_tls               = yes
#smtpd_tls_loglevel          = 2
#smtpd_tls_cert_file         = /etc/postfix/cert.pem
#smtpd_tls_key_file          = /etc/postfix/privkey.pem
#smtpd_tls_auth_only         = no
#smtpd_tls_received_header   = yes

# AMaViS parameters; activate, if available/used
content_filter               = amavis:[127.0.0.1]:10024

# Quota support; activate, if available/used
#virtual_create_maildirsize     = yes
#virtual_mailbox_extended       = yes
#virtual_mailbox_limit_maps     = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
#virtual_mailbox_limit_override = yes
#virtual_maildir_limit_message  = "The user you're trying to reach is over mailbox quota."
#virtual_overquota_bounce       = yes

I edited the "# TLS parameters; activate, if avaible/used" section back to commented after trying to isolate the problem.

[mr.x]

Hi,

(06-03-2010 06:52 AM)nubduck Wrote:  /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases

can be fixed with newaliases

main.cf looks ok to me

What about your smtpd.conf?
And what about "saslfinger -s" and testsaslauthd?

/Mr.X

[nubduck]

(06-03-2010 07:28 AM)mr.x Wrote:  Hi,

(06-03-2010 06:52 AM)nubduck Wrote:  /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases

can be fixed with newaliases

main.cf looks ok to me

What about your smtpd.conf?
And what about "saslfinger -s" and testsaslauthd?

/Mr.X

Hi,

Thanks for the fast replies!

I found smtpd.conf in 4 locations, below are its contents:

/usr/lib64/sasl/smtpd.conf

Code:

pwcheck_method: saslauthd
saslauthd_version: 2

/usr/lib64/sasl2/smtpd.conf

Code:

pwcheck_method: saslauthd

/usr/lib/sasl2/smtpd.conf

Code:

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN

/etc/sasl2/smtpd.conf

Code:

pwcheck_method: saslauthd
mech_list: plain login

All 4 files above are now renamed as smtpd.conf.bak, and I supposed, are not in use.

"saslfinger -s" returned no such command/file, testsaslauthd returned a "connect() : No such file or directory".[/code]

[mr.x]

HI,

(06-03-2010 07:50 AM)nubduck Wrote:  

(06-03-2010 07:28 AM)mr.x Wrote:  Hi,

(06-03-2010 06:52 AM)nubduck Wrote:  /etc/postfix/ispcp/aliases.db is older than source file /etc/postfix/ispcp/aliases

can be fixed with newaliases

main.cf looks ok to me

What about your smtpd.conf?
And what about "saslfinger -s" and testsaslauthd?

/Mr.X

Hi,

Thanks for the fast replies!

I found smtpd.conf in 4 locations, below are its contents:

/usr/lib64/sasl/smtpd.conf

Code:

pwcheck_method: saslauthd
saslauthd_version: 2

/usr/lib64/sasl2/smtpd.conf

Code:

pwcheck_method: saslauthd

/usr/lib/sasl2/smtpd.conf

Code:

pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN

/etc/sasl2/smtpd.conf

Code:

pwcheck_method: saslauthd
mech_list: plain login

All 4 files above are now renamed as smtpd.conf.bak, and I supposed, are not in use.

"saslfinger -s" returned no such command/file, testsaslauthd returned a "connect() : No such file or directory".[/code]

ok, whats in the logfiles when you restart postfix now?
You can get saslfinger from here.
More infos here

May be you should follow this Howto

/Mr.X

[joximu]

Try this:

rename /etc/postfix/sasl*/smtpd.conf if exist
stop saslauthd
restart postfix

check again....

[nubduck]

Thanks again for all the replies, but I have since ran out of time to test and will be out of country for awhile, I will bookmark this page and perform the tests and then post the results then.

Thanks again!

[Boter]

Had the same problem. joximu u did the trick

[Spheerys]

(06-03-2010 11:01 PM)joximu Wrote:  Try this:

rename /etc/postfix/sasl*/smtpd.conf if exist
stop saslauthd
restart postfix

check again....

Hi,

I have the same problem than nubduck with my smtp server.

I try your tip joximu, but I have nothing in the /etc/postfix/sasl/ directory...