Current time: 12-24-2024, 03:23 AM Hello There, Guest! (LoginRegister)


Post Reply 
SMTP problem
Author Message
BeNe Offline
Moderator
*****
Moderators

Posts: 5,899
Joined: Jan 2007
Reputation: 68
Post: #11
RE: SMTP problem
Quote:User not known to the underlying authentication module
And the user is really right ??

Greez BeNe
11-12-2007 07:48 PM
Visit this user's website Find all posts by this user Quote this message in a reply
bpratt Offline
Junior Member
*

Posts: 71
Joined: Oct 2007
Reputation: 0
Post: #12
RE: SMTP problem
BeNe Wrote:
Quote:User not known to the underlying authentication module
And the user is really right ??

Yes, the actual user does exist in ispcp

It's almost like the wrong auth module set or something.
11-12-2007 07:57 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #13
RE: SMTP problem
Hi bpratt

can you turn off saslauthd?
Postfix has a built in sasl service - normally you don't need an extra service.

/Joxi
11-12-2007 08:30 PM
Visit this user's website Find all posts by this user Quote this message in a reply
bpratt Offline
Junior Member
*

Posts: 71
Joined: Oct 2007
Reputation: 0
Post: #14
RE: SMTP problem
joximu Wrote:can you turn off saslauthd?
Postfix has a built in sasl service - normally you don't need an extra service.

Yeah I did just that, but didn't make any difference. Sad

Just gave me the generic failure and cannot connect to saslauthd server
11-12-2007 09:21 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #15
RE: SMTP problem
Hm, well...

we don't know what was running on the server before you installed ispcp. On a fresh installation there are no problems (at least not theese).

a dpkg -l | grep sasl brings this on my server:
libsasl2
libsasl2-2
libsasl2-modules
sasl2-bin

so, could you remove the unneeded packages. Restart postfix and give us feedback.
If it's still not working - you'd better give us the output of "postconf -n" and maybe the master.cf.

Also have a look in the other threads - there are similar thing (most of them did not follow the official install way - or they don't run debian etch...)

/Joximu
11-12-2007 09:41 PM
Visit this user's website Find all posts by this user Quote this message in a reply
bpratt Offline
Junior Member
*

Posts: 71
Joined: Oct 2007
Reputation: 0
Post: #16
RE: SMTP problem
joximu Wrote:we don't know what was running on the server before you installed ispcp. On a fresh installation there are no problems (at least not theese).

Fresh Debian Etch install, then I installed ispcp on the box.

Quote:a dpkg -l | grep sasl brings this on my server:
libsasl2
libsasl2-2
libsasl2-modules
sasl2-bin

dpkg -l | grep sasl
ii libsasl2 2.1.22.dfsg1-8 Authentication abstraction library
ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library
ii libsasl2-modules 2.1.22.dfsg1-8 Pluggable Authentication Modules for SASL
ii sasl2-bin 2.1.22.dfsg1-8 Administration programs for SASL users datab

So pretty much the same as you.


Quote:If it's still not working - you'd better give us the output of "postconf -n" and maybe the master.cf.

Also have a look in the other threads - there are similar thing (most of them did not follow the official install way - or they don't run debian etch...)

I looked at other threads, and unfortunately they didn't give me much to go on with or weren't in English. Sad

Here's my postconf -n and master.cf

Code:
postconf -n
alias_database = hash:/etc/aliases
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
inet_interfaces = all
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
local_transport = local
mail_spool_directory = /var/mail
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = $myhostname, $mydomain
mydomain = virtual.overflow.net.au
myhostname = virtual.overflow.net.au
mynetworks_style = host
myorigin = $mydomain
setgid_group = postdrop
smtpd_banner = $myhostname ISPCP 1.0 Priamos Managed ESMTP 1.0.0 RC2 OMEGA
smtpd_recipient_restrictions = permit_mynetworks,                               permit_sasl_authenticated,                               reject_unauth_destination                               check_policy_service inet:127.0.0.1:60000
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks,                               permit_sasl_authenticated,                               reject_unauth_destination
transport_maps = hash:/etc/postfix/ispcp/transport
virtual_alias_maps = hash:/etc/postfix/ispcp/aliases
virtual_gid_maps = static:8
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = hash:/etc/postfix/ispcp/mailboxes
virtual_minimum_uid = 1001
virtual_transport = virtual
virtual_uid_maps = static:1001

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# For AOL-Accounts
587       inet  n       -       -       -       -       smtpd
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
#   -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
# ====================================================================
# ISPCP Ï OMEGA configuration
# ====================================================================
# AMaViS => Antivir / Antispam
amavis    unix  -       -       n       -       2       smtp
   -o smtp_data_done_timeout=1200
   -o smtp_send_xforward_command=yes
   -o disable_dns_lookups=yes

localhost:10025 inet  n -       n       -      -        smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o smtpd_override_options=no_address_mappings
   -o mynetworks=127.0.0.0/8
   -o strict_rfc821_envelopes=yes

# ISPCP autoresponder
ispcp-arpl unix  -      n       n       -       -       pipe
  flags=O user=vmail argv=/var/www/ispcp/engine/messager/ispcp-arpl-msgr

# TSL - Activate, if TSL is avaiable/used
smtps     inet  n       -       -       -       -       smtpd
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
#   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
11-12-2007 09:55 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #17
RE: SMTP problem
ok.

the main.cf: I'm sure you'll find an error in mail.err that mydomain and myhostname is the same - this is not ok.

Since I have a slightly newer snapshot installed and there were some changes it's slightly different on my server.
You can have a look in the new main.cf:
http://www.isp-control.net/ispcp/browser...ix/main.cf

ust take a deeper look in the *sasl* variables and the myhostname/mydomain thing.
they should not be the same. But they also should not be like a domain you want to run virtually on the box. So you need two hostnames.
Id' take: myhostname: the FQDN of the server. $mydomain: take the hostname of the URL for ispcp: "admin.$myhostname" or whatever... - should exist...

Then do a postfix "restart".

If I connect on your server, there are not all options we normally have:
Code:
# telnet virtual.overflow.net.au 587
Trying 203.55.214.70...
Connected to virtual.overflow.net.au.
Escape character is '^]'.
220 virtual.overflow.net.au ISPCP 1.0 Priamos Managed ESMTP 1.0.0 RC2 OMEGA
ehlo localhost
250-virtual.overflow.net.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

normally we have theese two AUTH lines:

250-AUTH CRAM-MD5 DIGEST-MD5 NTLM
250-AUTH=CRAM-MD5 DIGEST-MD5 NTLM

and - if plaintext is allowed
250-AUTH NTLM DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
250-AUTH=NTLM DIGEST-MD5 CRAM-MD5 LOGIN PLAIN

so, the md5/digest thing seems to be missing totally on your server.

/J
11-12-2007 10:08 PM
Visit this user's website Find all posts by this user Quote this message in a reply
bpratt Offline
Junior Member
*

Posts: 71
Joined: Oct 2007
Reputation: 0
Post: #18
RE: SMTP problem
joximu Wrote:the main.cf: I'm sure you'll find an error in mail.err that mydomain and myhostname is the same - this is not ok.

Changed that now.

Quote:Since I have a slightly newer snapshot installed and there were some changes it's slightly different on my server.
You can have a look in the new main.cf:
http://www.isp-control.net/ispcp/browser...ix/main.cf
I downloaded the RC2c straight from the home page here, no later development versions.

Quote:ust take a deeper look in the *sasl* variables and the myhostname/mydomain thing.
they should not be the same. But they also should not be like a domain you want to run virtually on the box. So you need two hostnames.
Id' take: myhostname: the FQDN of the server. $mydomain: take the hostname of the URL for ispcp: "admin.$myhostname" or whatever... - should exist...

Then do a postfix "restart".

Done that, no luck. Sad

Quote:normally we have theese two AUTH lines:

250-AUTH CRAM-MD5 DIGEST-MD5 NTLM
250-AUTH=CRAM-MD5 DIGEST-MD5 NTLM

and - if plaintext is allowed
250-AUTH NTLM DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
250-AUTH=NTLM DIGEST-MD5 CRAM-MD5 LOGIN PLAIN

so, the md5/digest thing seems to be missing totally on your server.

Should that be in the smtpd.conf file ? as all I've got in there for the mech_list is plain and login .... or are there other packages that need to be installed ?


Thanks for your help so far.
11-12-2007 10:40 PM
Find all posts by this user Quote this message in a reply
joximu Offline
helper
*****
Moderators

Posts: 7,024
Joined: Jan 2007
Reputation: 92
Post: #19
RE: SMTP problem
Ok, the rc2c is not really new... (from may).
I'd recommend to either take a daily snapshot or wait for rc3...

I don't have a smtpd.conf on my server...

do a rename and restart postfix - maybe this is the right direction... :-)
11-12-2007 11:04 PM
Visit this user's website Find all posts by this user Quote this message in a reply
bpratt Offline
Junior Member
*

Posts: 71
Joined: Oct 2007
Reputation: 0
Post: #20
RE: SMTP problem
joximu Wrote:Ok, the rc2c is not really new... (from may).
I'd recommend to either take a daily snapshot or wait for rc3...

I wasn't game to run a snapshot here, which is why I went for rc2c. I'm hoping that when rc3 arrives they'll be an easy way to upgrade to it. Smile

Quote:I don't have a smtpd.conf on my server...

do a rename and restart postfix - maybe this is the right direction... :-)

That seems to have worked, at least to the stage where it's rejecting the email address as user unknown now.

Thanks.
(This post was last modified: 11-13-2007 08:51 AM by bpratt.)
11-13-2007 08:50 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 3 Guest(s)