Hi folks,
Through difficulties and pain finally I solved all problems.
The mail server running postfix virtual can now send and receive mails
using maildb (MySQL database). Remote mail client (Evolution) can
login the server sending and receiving mails.
The important config files governing login on the mail server with
following settings are as follows;
1)
/etc/postfix/master.cf
--master.cf--
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o
smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o smtpd_sasl_security_options=noanonymous,noplaintext
-o smtpd_sasl_tls_security_options=noanonymous
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_security_options=noanonymous,noplaintext
-o smtpd_sasl_tls_security_options=noanonymous
587 inet n - n - - smtpd -o
smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 300 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o strict_rfc821_envelopes=yes
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1001
pre-cleanup unix n - - - 0 cleanup
-o virtual_alias_maps=
-o canonical_maps=
-o sender_canonical_maps=
-o recipient_canonical_maps=
-o masquerade_domains=
2)
/etc/courier/anthmysqlrc
# cat /etc/courier/authmysqlrc
##VERSION: $Id: authmysqlrc,v 1.18 2004/11/14 02:58:16 mrsam Exp $
##NAME: LOCATION:0
MYSQL_SERVER localhost
MYSQL_USERNAME mail
MYSQL_PASSWORD mypassword
##NAME: MYSQL_SOCKET:0
MYSQL_SOCKET /var/run/mysqld/mysqld.sock
##NAME: MYSQL_PORT:0
MYSQL_PORT 0
##NAME: MYSQL_OPT:0
MYSQL_OPT 0
##NAME: MYSQL_DATABASE:0
MYSQL_DATABASE maildb
##NAME: MYSQL_USER_TABLE:0
MYSQL_USER_TABLE users
##NAME: MYSQL_CLEAR_PWFIELD:0
MYSQL_CLEAR_PWFIELD clear
##NAME: MYSQL_UID_FIELD:0
MYSQL_UID_FIELD uid
##NAME: MYSQL_GID_FIELD:0
MYSQL_GID_FIELD gid
##NAME: MYSQL_LOGIN_FIELD:0
MYSQL_LOGIN_FIELD id
##NAME: MYSQL_HOME_FIELD:0
MYSQL_HOME_FIELD home
##NAME: MYSQL_NAME_FIELD:0
MYSQL_NAME_FIELD name
##NAME: MYSQL_MAILDIR_FIELD:0
MYSQL_MAILDIR_FIELD concat(home,'/',maildir)
##NAME: MYSQL_WHERE_CLAUSE:0
MYSQL_WHERE_CLAUSE enabled=1
* end *
Hoping that the abovementioned can serve as reference to folks when in
need.
Following howto;
How to set up a mail server on a GNU / Linux system
http://flurdy.com/docs/postfix/index.html
is almost 100% workable.
What confused me is the author establinh/adding some rules/options on
some config files stopping the mail server to work first. After
configuration completed those rules/options are removed/changed
thereafter.
Thanks
B.R.
Stephen
--- Stephen Liu <[EMAIL PROTECTED]> wrote:
>
> --- Brian Evans - Postfix List <[EMAIL PROTECTED]> wrote:
>
> > Stephen Liu wrote:
> > > Hi folks,
> > >
> > >
> > > I'm following;
> > > http://flurdy.com/docs/postfix/index.html
> > >
> > > to build a mail server running postfix virtual. The server is
> now
> > > running able to send and receive mails. But remote mail client
> > > 'Evolution' can't login the server to send/receive mails.
> > >
> >
> > A client receiving mails should be the focus of the POP/IMAP
> > implementation you are using.
> >
> > >
> > > # tail /var/log/mail.log
> > > Nov 17 09:00:32 xen05 postfix/smtpd[6601]: warning:
> > > xen0.satimis.com[192.168.0.110]: SASL PLAIN authentication
> failed:
> > > authentication failure
> > > Nov 17 09:00:48 xen05 postfix/smtpd[6601]: warning: SASL
> > authentication
> > > problem: unable to open Berkeley db /etc/sasldb2: No such file or
> > > directory
> > > Nov 17 09:00:48 xen05 last message repeated 3 times
> > > Nov 17 09:00:48 xen05 postfix/smtpd[6601]: warning: SASL
> > authentication
> > > failure: Password verification failed
> > > Nov 17 09:00:48 xen05 postfix/smtpd[6601]: warning:
> > > xen0.satimis.com[192.168.0.110]: SASL PLAIN authentication
> failed:
> > > authentication failure
> > > Nov 17 09:00:54 xen05 postfix/smtpd[6601]: warning: SASL
> > authentication
> > > problem: unable to open Berkeley db /etc/sasldb2: No such file or
> > > directory
> > > Nov 17 09:00:54 xen05 last message repeated 3 times
> > > Nov 17 09:00:54 xen05 postfix/smtpd[6601]: warning: SASL
> > authentication
> > > failure: Password verification failed
> > > Nov 17 09:00:54 xen05 postfix/smtpd[6601]: warning:
> > > xen0.satimis.com[192.168.0.110]: SASL PLAIN authentication
> failed:
> > > authentication failure
> > > Nov 17 09:01:03 xen05 postfix/smtpd[6601]: disconnect from
> > > xen0.satimis.com[192.168.0.110]
> > >
> > >
> > > # grep smtpd_sasl_path /etc/postfix/main.cf
> > > smtpd_sasl_path = /etc/postfix/sasl;/usr/lib/sasl2
> > >
> > >
> >
> > Grab saslfinger (links in DEBUG_README) and run 'saslfinger -s'.
> > You may find a file referring to saslauthd.
> > If so, this is the real config file that the library is using.
> >
> > Post the results here if you need further assistance.
>
>
> Hi Brian
>
>
> Herebelow is the output of saslfinger;
>
>
> # /home/satimis/saslfinger -s
> saslfinger - postfix Cyrus sasl configuration Tue Nov 18 02:43:26 UTC
> 2008
> version: 1.0.2
> mode: server-side SMTP AUTH
>
> -- basics --
> Postfix: 2.3.8
> System: Debian GNU/Linux 4.0 \n \l
>
> -- smtpd is linked to --
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d89000)
>
> -- active SMTP AUTH and TLS parameters for smtpd --
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_path = /etc/postfix/sasl, /usr/lib/sasl2
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_cert_file = /etc/postfix/postfix.cert
> smtpd_tls_key_file = /etc/postfix/postfix.key
> smtpd_use_tls = yes
>
>
> -- listing of /usr/lib/sasl2 --
> total 788
> drwxr-xr-x 2 root root 4096 2008-11-07 11:01 .
> drwxr-xr-x 33 root root 8192 2008-11-17 05:32 ..
> -rw-r--r-- 1 root root 13304 2006-12-13 21:26 libanonymous.a
> -rw-r--r-- 1 root root 855 2006-12-13 21:26 libanonymous.la
> -rw-r--r-- 1 root root 12844 2006-12-13 21:26 libanonymous.so
> -rw-r--r-- 1 root root 12844 2006-12-13 21:26 libanonymous.so.2
> -rw-r--r-- 1 root root 12844 2006-12-13 21:26 libanonymous.so.2.0.22
> -rw-r--r-- 1 root root 15502 2006-12-13 21:26 libcrammd5.a
> -rw-r--r-- 1 root root 841 2006-12-13 21:26 libcrammd5.la
> -rw-r--r-- 1 root root 15052 2006-12-13 21:26 libcrammd5.so
> -rw-r--r-- 1 root root 15052 2006-12-13 21:26 libcrammd5.so.2
> -rw-r--r-- 1 root root 15052 2006-12-13 21:26 libcrammd5.so.2.0.22
> -rw-r--r-- 1 root root 46320 2006-12-13 21:26 libdigestmd5.a
> -rw-r--r-- 1 root root 864 2006-12-13 21:26 libdigestmd5.la
> -rw-r--r-- 1 root root 43040 2006-12-13 21:26 libdigestmd5.so
> -rw-r--r-- 1 root root 43040 2006-12-13 21:26 libdigestmd5.so.2
> -rw-r--r-- 1 root root 43040 2006-12-13 21:26 libdigestmd5.so.2.0.22
> -rw-r--r-- 1 root root 13482 2006-12-13 21:26 liblogin.a
> -rw-r--r-- 1 root root 835 2006-12-13 21:26 liblogin.la
> -rw-r--r-- 1 root root 13384 2006-12-13 21:26 liblogin.so
> -rw-r--r-- 1 root root 13384 2006-12-13 21:26 liblogin.so.2
> -rw-r--r-- 1 root root 13384 2006-12-13 21:26 liblogin.so.2.0.22
> -rw-r--r-- 1 root root 29300 2006-12-13 21:26 libntlm.a
> -rw-r--r-- 1 root root 829 2006-12-13 21:26 libntlm.la
> -rw-r--r-- 1 root root 28776 2006-12-13 21:26 libntlm.so
> -rw-r--r-- 1 root root 28776 2006-12-13 21:26 libntlm.so.2
> -rw-r--r-- 1 root root 28776 2006-12-13 21:26 libntlm.so.2.0.22
> -rw-r--r-- 1 root root 13818 2006-12-13 21:26 libplain.a
> -rw-r--r-- 1 root root 835 2006-12-13 21:26 libplain.la
> -rw-r--r-- 1 root root 13992 2006-12-13 21:26 libplain.so
> -rw-r--r-- 1 root root 13992 2006-12-13 21:26 libplain.so.2
> -rw-r--r-- 1 root root 13992 2006-12-13 21:26 libplain.so.2.0.22
> -rw-r--r-- 1 root root 21726 2006-12-13 21:26 libsasldb.a
> -rw-r--r-- 1 root root 856 2006-12-13 21:25 libsasldb.la
> -rw-r--r-- 1 root root 17980 2006-12-13 21:26 libsasldb.so
> -rw-r--r-- 1 root root 17980 2006-12-13 21:26 libsasldb.so.2
> -rw-r--r-- 1 root root 17980 2006-12-13 21:26 libsasldb.so.2.0.22
> -rw-r--r-- 1 root root 23576 2006-12-13 21:26 libsql.a
> -rw-r--r-- 1 root root 964 2006-12-13 21:26 libsql.la
> -rw-r--r-- 1 root root 23072 2006-12-13 21:26 libsql.so
> -rw-r--r-- 1 root root 23072 2006-12-13 21:26 libsql.so.2
> -rw-r--r-- 1 root root 23072 2006-12-13 21:26 libsql.so.2.0.22
>
>
> -- content of /etc/postfix/sasl/smtpd.conf --
> pwcheck_method: auxprop
> auxprop_plugin: sql
> mech_list: plain login cram-md5 digest-md5
> sql_engine: mysql
> sql_hostnames: 127.0.0.1
> sql_user: --- replaced ---
> sql_passwd: --- replaced ---
> sql_database: maildb
> sql_select: select clear from users where id='[EMAIL PROTECTED]' and enabled
> = 1
>
>
> -- active services in /etc/postfix/master.cf --
> # service type private unpriv chroot wakeup maxproc command +
> args
> # (yes) (yes) (yes) (never) (100)
> smtp inet n - - - - smtpd -o
> cleanup_service_name=pre-cleanup
> submission inet n - n - - smtpd
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_tls_auth_only=yes
> -o
>
smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
> -o smtpd_sasl_security_options=noanonymous,noplaintext
> -o smtpd_sasl_tls_security_options=noanonymous
> smtps inet n - - - - smtpd -v
> -o smtpd_tls_wrappermode=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_tls_auth_only=yes
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> -o smtpd_sasl_security_options=noanonymous,noplaintext
> -o smtpd_sasl_tls_security_options=noanonymous
> 587 inet n - n - - smtpd
> -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> pickup fifo n - - 60 1 pickup
>
> cleanup unix n - - - 0 cleanup
> -o mime_header_checks=
> -o nested_header_checks=
> -o body_checks=
> -o header_checks=
>
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 300 1 tlsmgr
> rewrite unix - - - - -
> trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - - - - smtp
> relay unix - - - - - smtp
> -o fallback_relay=
> showq unix n - - - - showq
> error unix - - - - - error
> discard unix - - - - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - - - - lmtp
> anvil unix - - - - 1 anvil
> scache unix - - - - 1 scache
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
> ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> $recipient
> scalemail-backend unix - n n - 2 pipe
> flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop} ${user} ${extension}
> mailman unix - n n - - pipe
> flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> ${nexthop} ${user}
>
> amavis unix - - - - 2 smtp
> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
>
> 127.0.0.1:10025 inet n - - - - smtpd
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o strict_rfc821_envelopes=yes
> -o mynetworks=127.0.0.0/8
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1001
>
> pre-cleanup unix n - - - 0 cleanup
> -o virtual_alias_maps=
> -o canonical_maps=
> -o sender_canonical_maps=
> -o recipient_canonical_maps=
> -o masquerade_domains=
>
> -- mechanisms on localhost --
> 250-AUTH PLAIN NTLM LOGIN DIGEST-MD5 CRAM-MD5
> 250-AUTH=PLAIN NTLM LOGIN DIGEST-MD5 CRAM-MD5
>
>
> -- end of saslfinger output --
>
>
> Would it be the problem coming from MySQL files?
>
>
> Following is the mail.log reporting the failure of login to download
> mails. IMAP is running here.
>
>
> # tail /var/log/mail.log
> Nov 18 02:52:16 xen05 imapd: LOGIN: ip=[::ffff:192.168.0.110],
> command=CAPABILITY
> Nov 18 02:52:16 xen05 imapd: LOGIN: ip=[::ffff:192.168.0.110],
> command=AUTHENTICATE
> Nov 18 02:52:16 xen05 authdaemond: received auth request,
> service=imap,
> authtype=cram-md5
> Nov 18 02:52:16 xen05 authdaemond: authmysql: trying this module
> Nov 18 02:52:16 xen05 authdaemond: cram:
>
challenge=PDQyOEM4MTA3MTdCNTdDMkNDOURCNkI2MkE2MjdGN0QyQHhlbjA1LnNhdGltaXMuY29tPg==,
> response=c2F0aW1pcyAzYjBiMGQ3MTljNjA5MmJkODk2NjNhYzhlYTZiZmI2MQ==
> Nov 18 02:52:16 xen05 authdaemond: cram: decoded challenge/response,
> username 'satimis'
> Nov 18 02:52:16 xen05 authdaemond: failed to connect to mysql server
> (server=<null>, userid=mail): Access denied for user
> 'mail'@'localhost'
> (using password: YES)
> Nov 18 02:52:16 xen05 authdaemond: authmysql: TEMPFAIL - no more
> modules will be tried
> Nov 18 02:52:16 xen05 imapd: LOGIN FAILED, method=CRAM-MD5,
> ip=[::ffff:192.168.0.110]
> Nov 18 02:52:16 xen05 imapd: authentication error: Input/output error
>
>
> The user is [EMAIL PROTECTED] How can 'mail'@'localhost' come in?
>
>
>
> B.R.
> Stephen L
>
>
>
>
> >
> > > # grep pwcheck_method /etc/postfix/sasl/smtpd.conf
> > > pwcheck_method: auxprop
> > >
> > >
> > > # find / name sasldb2 | grep sasldb
> > > /usr/lib/sasl2/libsasldb.la
> > > /usr/lib/sasl2/libsasldb.a
> > > /usr/lib/sasl2/libsasldb.so.2.0.22
> > > /usr/lib/sasl2/libsasldb.so
> > > /usr/lib/sasl2/libsasldb.so.2
> > >
> > >
> > > # ls -al /usr/lib/sasl2/libsasldb.so
> > > lrwxrwxrwx 1 root root 19 2008-11-07 10:03
> > /usr/lib/sasl2/libsasldb.so
> > > -> libsasldb.so.2.0.22
> > >
> > >
> > > # ls -al /usr/lib/sasl2/libsasldb.so.2
> > > lrwxrwxrwx 1 root root 19 2008-11-07 10:03
> > > /usr/lib/sasl2/libsasldb.so.2 -> libsasldb.so.2.0.22
> > >
> > >
> > > # ls -al /usr/lib/sasl2/libsasldb.so.2.0.22
> > > -rw-r--r-- 1 root root 17980 2006-12-13 21:26
> > > /usr/lib/sasl2/libsasldb.so.2.0.22
> > >
> > >
> > > If changing the line as "smtpd_sasl_path = smtpd"
> > >
> > > Still can't login
Send instant messages to your online friends http://uk.messenger.yahoo.com
