Re: Strange problem with postfix and dovecot sasl auth
Timo Sirainen wrote: On Apr 26, 2009, at 11:58 PM, Timo Sirainen wrote: smtpd_sasl_path = private/dovecot .. I can see the private/auth socket created when dovecot starts, with postfix:postfix permissions. Also, netstat shows it: bash:# netstat -ln | grep dovecot unix 2 [ ACC ] STREAM LISTENING 111791 private/dovecot I don't see it there. What is that private/dovecot anyway? Maybe netstat -lnp | grep dovecot would have shown the socket though. Oh. That's actually it. Dovecot is listening on private/auth, but Postfix is connecting to private/dovecot. But what is listening on private/dovecot then? You've added some kind of a "dovecot" service to master.cf? Doh! I can't believe I've missed that, don't know how many times and hours I've spent staring at the config files feeling a bit stupid atm... ;) Thanks Timo for spotting it, much appreciated! And Victor was right in his answer, the 'private/dovecot' showing in netstat is indeed a pipe transport. THANK YOU!!! juhis p.s. everythings working now wrt. my dovecot&postfix co-existence.
Re: Strange problem with postfix and dovecot sasl auth
Wietse Venema wrote: Juha Pahkala: Wietse Venema wrote: Juha Pahkala: Apr 24 15:42:30 server postfix/smtpd[8126]: name_mask: noanonymous Apr 24 15:42:30 server postfix/smtpd[8126]: xsasl_dovecot_server_connect: Connecting Apr 24 15:42:40 server postfix/smtpd[8126]: xsasl_dovecot_server_connect: auth reply: status Apr 24 15:42:50 server postfix/smtpd[8126]: fatal: no SASL authentication mechanisms Your DOVECOT configuration provides no authentication mechanisms that are allowed by POSTFIX smtpd_sasl_security_options. Wietse Thanks for your answer. I'm not quite sure I understand it though. This is how I understand the situation currently: Postfix has (by default) disabled anonymous auth mechanisms. But it does allow plaintext auth. My dovecot provides plain and login. So if I understand correctly, the dovecot plain should be fine? Postfix receives no methods from the Dovecot authentication server that satisfy the smtpd_sasl_security_options requirement. If you don't believe this, then you can try to trace the conversation between Postfix and the Dovecot authentication server. Wietser Hi Wietser, Don't get me wrong, I do believe you if you say so, but I just don't understand why. Given my dovecot config, which I believe is a quite standard way of configuring dovecot , I have no idea why it doesn't work. I've seen similar config files when searching the web, and they seem to work. Do you have any suggestions as to what could be wrong with my dovecot config? Thanks in advance, juhis -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: Strange problem with postfix and dovecot sasl auth
Wietse Venema wrote: Juha Pahkala: Apr 24 15:42:30 server postfix/smtpd[8126]: name_mask: noanonymous Apr 24 15:42:30 server postfix/smtpd[8126]: xsasl_dovecot_server_connect: Connecting Apr 24 15:42:40 server postfix/smtpd[8126]: xsasl_dovecot_server_connect: auth reply: status Apr 24 15:42:50 server postfix/smtpd[8126]: fatal: no SASL authentication mechanisms Your DOVECOT configuration provides no authentication mechanisms that are allowed by POSTFIX smtpd_sasl_security_options. Wietse Thanks for your answer. I'm not quite sure I understand it though. This is how I understand the situation currently: Postfix has (by default) disabled anonymous auth mechanisms. But it does allow plaintext auth. My dovecot provides plain and login. So if I understand correctly, the dovecot plain should be fine? I tried to add cram-md5 and digest-md5 to dovecot auth mechanisms, but it didn't change anyhing. I even tried to set "smtpd_sasl_security_options = " in postfix main.cf, ie. allowing anonymous auth. And according to postfix documentation... "Postfix treats anonymous login as no authentication." So no authentication should be going on, but still I get the error. But the setup does work if I disable sasl auth with "smtpd_sasl_auth_enable =no". I'm a bit confused here. Am I making any sense here, surely hope not :) juhis -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: Strange problem with postfix and dovecot sasl auth
Terry Carmen wrote: Hello, I've been trying to setup postfix with tls and smtp auth (dovecot sasl). I'm now stuck with the smtp auth part, with a strange error. For a few days I've tried to search information about similar problems, but found none. Now I'm hoping somebody here could help me out. I'm running Ubuntu Jaunty on AMD64. I've disabled tls (and a lot of other options, and not running in a chroot jail) for now. The problem is, that as soon as I enable smtp auth in postfix (smtpd_sasl_auth_enable), smtp stops working. When doing bash:# telnet localhost 25 Trying ::1... ^ I'm guessing that something in the mix isn't properly configured for IPv6. I's probably configurable, but unless you really need IPv6, I'd suggest just disabling IPv6 in your network stack, commenting out any IPv6 references in Postfix and trying again. Terry Hi Terry, Thanks for the suggestion. Should've been more clear originally, but I already had tried that. And I now tried it again, to no avail (ie. commenting out the 'inet_protocols = all', and dropping the ipv6 loopback from my 'mynetworks'). So doesn't seem to be an ipv6 issue as I understand. For reference, I had to enable ipv6 in postfix, since the new Ubuntu Jaunty has ipv6 compiled into the kernel as opposed to being a module. And there seems to be no way of disabling it. And the fetchmail package distributed with jaunty barfs, if ipv6 is enabled in the system, but not in postfix at least, this seems to be the case. br, juhis -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Strange problem with postfix and dovecot sasl auth
Hello,
I've been trying to setup postfix with tls and smtp auth (dovecot sasl).
I'm now stuck with the smtp auth part, with a strange error. For a few
days I've tried to search information about similar problems, but found
none. Now I'm hoping somebody here could help me out. I'm running Ubuntu
Jaunty on AMD64.
I've disabled tls (and a lot of other options, and not running in a
chroot jail) for now. The problem is, that as soon as I enable smtp auth
in postfix (smtpd_sasl_auth_enable), smtp stops working. When doing
bash:# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
...and it halts, and timeouts. Never prints the banner. I've get
increased logging enabled ('smtpd -vv' in master.cf) and below is the
relevant part, with the 'no SASL authentication mechanisms' print:
Apr 24 15:42:30 server postfix/smtpd[8126]: xsasl_dovecot_server_create:
SASL service=smtp, realm=(null)
Apr 24 15:42:30 server postfix/smtpd[8126]: name_mask: noanonymous
Apr 24 15:42:30 server postfix/smtpd[8126]:
xsasl_dovecot_server_connect: Connecting
Apr 24 15:42:40 server postfix/smtpd[8126]:
xsasl_dovecot_server_connect: auth reply: status
Apr 24 15:42:50 server postfix/smtpd[8126]: fatal: no SASL
authentication mechanisms
Apr 24 15:42:50 server postfix/pipe[8128]: warning: unexpected
end-of-input from dovecot socket while reading input attribute name
Apr 24 15:42:50 server postfix/pipe[8128]: warning: deliver_request_get:
error receiving common attributes
Apr 24 15:42:51 server postfix/master[8903]: warning: process
/usr/lib/postfix/smtpd pid 8126 exit status 1
I've seen the 'no SASL authentication mechanisms' erros with google, but
usually because postfix is unable to find the dovecot client auth
socket. I don't think this is my problem. Below are output of 'postconf
-n' and 'dovecot -n' commands:
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
canonical_maps = hash:/etc/postfix/canonical
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/lib/dovecot/deliver -c
/etc/dovecot/dovecot-postfix.conf -n -m "${EXTENSION}"
mydestination =
mydomain = *my.domain*
myhostname = *server.at.my.domain*
mynetworks = 127.0.0.0/8, 192.168.0.0/24, [::1]/128
myorigin = /etc/mailname
readme_directory = no
relay_domains =
relayhost = [*my.isp.provider*]
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/dovecot
smtpd_sasl_type = dovecot
strict_rfc821_envelopes = yes
virtual_gid_maps = static:5000
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_minimum_uid = 1000
virtual_transport = dovecot
virtual_uid_maps = static:5000
# 1.1.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.28-11-server x86_64 Ubuntu 9.04 ext3
base_dir: /var/run/dovecot/
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot-info.log
ssl_cert_file: /etc/ssl/certs/dovecot.pem
ssl_key_file: /etc/ssl/private/dovecot.pem
disable_plaintext_auth: no
login_dir: /var/run/dovecot//login
login_executable: /usr/lib/dovecot/imap-login
valid_chroot_dirs: /var/spool/vmail
mail_location: maildir:/home/vmail/%d/%n/Maildir
auth default:
mechanisms: plain login
debug: yes
passdb:
driver: passwd-file
args: /etc/dovecot/passwd
userdb:
driver: static
args: uid=vmail gid=vmail home=/home/vmail/%d/%n
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 438
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
I can see the private/auth socket created when dovecot starts, with
postfix:postfix permissions. Also, netstat shows it:
bash:# netstat -ln | grep dovecot
unix 2 [ ACC ] STREAM LISTENING 111791 private/dovecot
unix 2 [ ACC ] STREAM LISTENING 120787
/var/run/dovecot//dict-server
unix 2 [ ACC ] STREAM LISTENING 120789
/var/run/dovecot//login/default
unix 2 [ ACC ] STREAM LISTENING 120800
/var/run/dovecot/auth-master
unix 2 [ ACC ] STREAM LISTENING 120803
/var/run/dovecot//auth-worker.29982
I'm totally clueless as to what to try next. Does anybody here have any
suggestions how to continue, what to try or debug. I'd bee very greatful
for any ideas.
TIA,
Juha Pahkala
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
