Hi,

I am trying to configure Dovecot/Postfix with virtual users and SASL auth, but there are so many tutorials
with mistakes and subtle differences that in the end I am lost.
I am running Ubuntu Server 11.04 (natty), and when I installed my server I followed
this guide: http://workaround.org/ispmail/etch

Then I migrated to Dovecot 2.1, and now I am trying to allow authenticated users to use my SMTP server, because
at the moment I get: Relay access denied

Here is my configuration (the file hierarchy first, followed by the file contents); I would like to know
what I need to do to allow authenticated users to send email.
In this tutorial http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph_configure-saslauthd-to-use-mysql it seems I have to add some configuration lines to /etc/pam.d/smtp and add database configuration to /etc/postfix/sasl/smtpd.conf. What I find weird is that I have to configure SQL queries in smtpd.conf, while normally Dovecot already has all the information
needed to do this kind of query.
So before I keep modifying my config, I would like to be sure I am on the right track.

Thanks


###########################
/etc/postfix
###########################
drwxr-xr-x   3 root root     4096 2012-02-12 13:33 ./
drwxr-xr-x 116 root root     4096 2012-02-12 13:21 ../
-rw-r--r--   1 root root      373 2011-07-24 11:50 dynamicmaps.cf
-rw-r--r--   1 root root     1928 2012-02-12 12:45 main.cf
-rw-r--r--   1 root root     5762 2011-08-03 22:06 master.cf
-rw-rw---- 1 root postfix 140 2011-07-24 11:43 mysql-virtual-alias-maps.cf
-rw-rw---- 1 root postfix 132 2011-07-24 11:47 mysql-virtual-mailbox-domains.cf
-rw-rw---- 1 root postfix 128 2011-07-24 11:47 mysql-virtual-mailbox-maps.cf
-rw-r--r--   1 root root    19509 2011-04-05 06:07 postfix-files
-rwxr-xr-x   1 root root     8729 2011-04-05 06:07 postfix-script*
-rwxr-xr-x   1 root root    25752 2011-04-05 06:07 post-install*
drwxr-xr-x   2 root root     4096 2012-02-12 12:41 sasl/

root@xa-12345:/etc/postfix# ll sasl/
drwxr-xr-x 2 root root 4096 2012-02-12 12:41 ./
drwxr-xr-x 3 root root 4096 2012-02-12 13:33 ../
-rw-r--r-- 1 root root   26 2012-02-12 12:41 smtpd.conf

###########################
/etc/dovecot
###########################
drwxr-xr-x   3 root root    4096 2011-09-24 11:42 ./
drwxr-xr-x 116 root root    4096 2012-02-12 13:21 ../
drwxr-xr-x   2 root dovecot 4096 2012-02-12 12:03 conf.d/
-rw-r--r--   1 root dovecot 3693 2011-09-23 15:11 dovecot.conf
-rw-r--r--   1 root dovecot  410 2011-09-23 15:11 dovecot-db.conf.ext
-rw-r--r-- 1 root dovecot 782 2011-09-23 15:11 dovecot-dict-sql.conf.ext
-rw-r--r--   1 root dovecot 5508 2011-09-23 15:38 dovecot-sql.conf
-rw-r--r--   1 root dovecot 5348 2011-09-23 15:11 dovecot-sql.conf.ext
-rw-r--r--   1 root dovecot  116 2011-09-23 15:11 README

###########################
/etc/default/saslauthd
###########################
-rw-r--r-- 1 root root 2043 2012-02-12 11:57 /etc/default/saslauthd

###########################
/var/spool/postfix/var/run/
###########################
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ./
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ../
drwxr-xr-x 2 root sasl 4096 2012-02-12 12:35 saslauthd/

I have added postfix to the sasl group (don't know if it was necessary but I found this instruction on a website)
/etc/group:
sasl:x:45:postfix


/etc/default/saslauthd:
----------------------
# Settings read by the saslauthd init script, as posted.
# NOTE(review): main.cf on this page sets smtpd_sasl_type = dovecot, so Postfix
# would authenticate through Dovecot's auth socket; saslauthd only matters for
# the Cyrus SASL type. Confirm which backend is intended before debugging this
# daemon further.
START=yes
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
DESC="SASL Authentication Daemon"
NAME="saslauthd"
# Password verification is delegated to PAM (matches "-a pam" in the ps output).
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
# -m sets the directory for the saslauthd socket; here it is placed under the
# Postfix spool path.
# NOTE(review): the ps output on this page shows the running daemon with
# "-m /var/run/saslauthd", not this path, which would explain the empty
# directory listing. Verify the daemon was actually restarted with this file.
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"


# Create the saslauthd socket directory under the Postfix spool tree and hand
# it to root with group sasl ("root.sasl" is the older dot form of owner:group).
mkdir -p /var/spool/postfix/var/run/saslauthd
chown -R root.sasl /var/spool/postfix/var/run/saslauthd

Then I checked that saslauthd is running after the restart:

root@xa-12345:/home/vmail# ps -ef | grep saslauthd
root 6123 1 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6124 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6125 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6127 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6128 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5

When I check after restarting whether the saslauthd socket was created, I don't see anything (I don't know if that is normal):
root@xa-12345:/home/vmail# ls -lh /var/spool/postfix/var/run/saslauthd
total 0


/etc/postfix/sasl/smtpd.conf:
-----------------------------
# Cyrus SASL setting: verify passwords by asking the saslauthd daemon.
# NOTE(review): main.cf on this page uses smtpd_sasl_type = dovecot, so this
# file is presumably not consulted by Postfix at all. Confirm.
pwcheck_method: saslauthd


/etc/postfix/main.cf:
---------------------
# NOTE(review): myorigin is assigned again further down (foobar.com); when a
# parameter appears twice Postfix is expected to use the later value. Confirm
# with "postconf myorigin".
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no

# TLS parameters
# NOTE(review): the "snakeoil" pair is the distribution's self-signed
# placeholder certificate; clients cannot validate it. Replace it with a
# certificate issued for the mail hostname before real use.
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
# Offers STARTTLS to clients but does not require it.
# NOTE(review): with SASL enabled below and no smtpd_tls_auth_only setting
# shown, AUTH would also be accepted on unencrypted sessions. Consider
# smtpd_tls_auth_only = yes so credentials are only sent over TLS.
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

myhostname = mail.foobar.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = foobar.com
mydestination = xa-12345.dadibox.com, localhost.dadibox.com, localhost
relayhost =
# Clients at these addresses pass permit_mynetworks below and may relay
# without authenticating; keep this list as small as possible.
mynetworks = 127.0.0.0/8 80.190.190.190
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

#virtual domains
# Domains, mailboxes and aliases are looked up in MySQL through the three
# mysql-*.cf files shown in the /etc/postfix listing on this page.
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
# All virtual mailboxes are owned by the fixed uid/gid 5000.
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

# Dovecot LDA
# Hands virtual mail to a transport named "dovecot"; that transport must be
# defined in master.cf, which is not shown on this page.
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# Verbose logging for sessions with the listed peer (localhost only).
debug_peer_level = 2
debug_peer_list = 127.0.0.1

# SMTP AUTH is delegated to Dovecot. The path is relative to the Postfix queue
# directory, so it should resolve to the /var/spool/postfix/private/auth
# listener declared in 10-master.conf on this page.
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# Evaluated left to right: trusted networks, then authenticated clients, then
# reject anything addressed to a destination this server is not responsible for.
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
# NOTE(review): this looks like a Cyrus-SASL-era setting and is presumably
# ignored with smtpd_sasl_type = dovecot. Confirm.
smtpd_sasl_application_name = smtpd
# Compatibility switch for older clients that expect the non-standard
# "AUTH=" form of the capability announcement.
broken_sasl_auth_clients = yes


/etc/dovecot/conf.d/10-auth.conf:
--------------------------------------
# NOTE(review): "no" lets clients send plaintext credentials on connections
# that are not protected by TLS. Unless something on the network path already
# encrypts the traffic, prefer "yes" together with working TLS.
disable_plaintext_auth = no
# Password lookups come from SQL, user attributes from the static userdb.
!include auth-sql.conf.ext
!include auth-static.conf.ext



/etc/dovecot/conf.d/auth-static.conf.ext:
----------------------------------------
# Static userdb: every user gets uid/gid 5000 and a home directory built from
# the domain (%d) and local part (%n) of the login name.
userdb {
  driver = static
  # NOTE(review): allow_all_users=yes presumably makes userdb lookups succeed
  # without checking that the user exists in the passdb, so delivery relies on
  # Postfix's virtual_mailbox_maps to reject unknown recipients. Confirm.
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}


/etc/dovecot/conf.d/auth-sql.conf.ext:
--------------------------------------
# Password database: credentials are verified with the SQL query configured in
# /etc/dovecot/dovecot-sql.conf.
passdb {
     driver = sql
     args = /etc/dovecot/dovecot-sql.conf
   }



/etc/dovecot/dovecot-sql.conf:
------------------------------
driver = mysql
# NOTE(review): this line holds the database password in clear text, and the
# /etc/dovecot listing on this page shows dovecot-sql.conf as -rw-r--r--
# (readable by every local account). Restrict the file to root and the dovecot
# group, e.g. mode 0640.
connect = host=127.0.0.1 dbname=mailserver user=myuser password=mypassword
# Stored passwords without an explicit scheme prefix are treated as CRAM-MD5.
# NOTE(review): this scheme is MD5-based; if the CRAM-MD5 login mechanism is
# not required, a salted scheme such as SHA512-CRYPT is the safer way to store
# passwords at rest.
default_pass_scheme = CRAM-MD5
# %u is replaced by Dovecot with the full login name (user@domain).
password_query = SELECT email as user, password FROM view_users WHERE email='%u';

/etc/dovecot/conf.d/10-master.conf:
----------------------------------
# Login listeners are declared with empty bodies, so Dovecot's built-in
# defaults apply to them.
service imap-login {
  inet_listener imap {

  }
  inet_listener imaps {

  }
}

service pop3-login {
  inet_listener pop3 {

  }
  inet_listener pop3s {

  }
}

service lmtp {
  unix_listener lmtp {

  }

}

service imap {

}

service pop3 {

}


# Authentication service: exposes the sockets other processes use to query
# Dovecot for user data and to perform SASL authentication.
service auth {

  # userdb lookup socket, accessible only to the vmail user.
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    #group =
  }

  # Postfix smtp-auth
  # This is the socket that smtpd_sasl_path = private/auth in main.cf should
  # resolve to.
  # NOTE(review): mode 0777 lets every local account connect to the auth
  # socket. Only Postfix needs it; restrict it with mode = 0660 plus
  # user = postfix and group = postfix.
  unix_listener /var/spool/postfix/private/auth {
    mode = 0777
  }

}

service auth-worker {

}

# Dictionary socket, restricted to the owner and the vmail group setting below.
service dict {
  unix_listener dict {
    mode = 0600
    #user =
    group = vmail
  }
}






