postfix sasl (dovecot) works no more
Hello everybody, I am running FreeBSD with postfix (2.6.0-RC2) and dovecot (1.1.11). There are virtual domains and users and postfix authenticates users using sasl and dovecot. Today I've performed a server upgrade (portupgrade -arRv) and sasl authentication works no more. It worked for the last 4 months without problems. I've made no modification to any config file. In postfix logs I get May 14 14:35:11 softexp postfix/smtpd[8378]: warning: SASL: Connect to smtpd failed: No such file or directory May 14 14:35:11 softexp postfix/smtpd[8378]: fatal: no SASL authentication mechanisms postfix is running, dovecot is running, saslauthd is running. For me everything seems ok, what file or directory has been changed and can not be found anymore? Please help me if you can, this is a production server. postfconf -n command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 debug_peer_list = softexp.ro header_checks = regexp:/usr/local/etc/postfix/header_checks html_directory = no mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man myhostname = mail.softexp.ro mynetworks_style = host newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_hostname permit smtpd_recipient_restrictions = reject_non_fqdn_sender reject_non_fqdn_recipient permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_sender_login_mismatch reject_invalid_hostname reject_unknown_recipient_domain reject_unverified_recipient check_sender_access hash:/usr/local/etc/postfix/access_sender check_helo_access pcre:/usr/local/etc/postfix/helo_checks reject_unknown_sender_domain reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender dsn.rfc-ignorant.org permit smtpd_sasl_auth_enable = yes smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, permit soft_bounce = no unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/usr/local/etc/postfix/valias.txt virtual_gid_maps = static:1000 virtual_mailbox_base = /var/spool/vmail virtual_mailbox_domains = /usr/local/etc/postfix/vhost.txt virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmaps.txt virtual_uid_maps = static:1000 dovecot -n # 1.1.11: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.0-RELEASE amd64 ufs base_dir: /var/run/dovecot/ log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot.info protocols: imap imaps pop3 pop3s ssl_disable: yes disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(pop3): no verbose_proctitle: yes first_valid_uid: 1000 first_valid_gid: 1000 mail_privileged_group: mail mail_location: maildir:/var/spool/vmail/%d/%n mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 imap_client_workarounds(default): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(imap): delay-newmail netscape-eoh tb-extra-mailbox-sep imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh auth default: mechanisms: plain login username_format: %Lu passdb: driver: pam args: session=yes dovecot passdb: driver: passwd-file args: /usr/local/etc/dovecot_passwd userdb: driver: passwd args: blocking=yes userdb: driver: passwd-file args: /usr/local/etc/dovecot_users socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 Many thanks
Re: postfix sasl (dovecot) works no more
wiseadmin: > Hello everybody, > I am running FreeBSD with postfix (2.6.0-RC2) and dovecot (1.1.11). > There are virtual domains and users and postfix authenticates users > using sasl and dovecot. > Today I've performed a server upgrade (portupgrade -arRv) and sasl > authentication works no more. It worked for the last 4 months without Restore the old software on the production machine, and debug the new software on a test machine. Wietse
Re: postfix sasl (dovecot) works no more
On May 14, 2009, at 7:40 AM, wiseadmin wrote: Hello everybody, I am running FreeBSD with postfix (2.6.0-RC2) and dovecot (1.1.11). There are virtual domains and users and postfix authenticates users using sasl and dovecot. Today I've performed a server upgrade (portupgrade -arRv) and sasl authentication works no more. It worked for the last 4 months without problems. I've made no modification to any config file. In postfix logs I get May 14 14:35:11 softexp postfix/smtpd[8378]: warning: SASL: Connect to smtpd failed: No such file or directory May 14 14:35:11 softexp postfix/smtpd[8378]: fatal: no SASL authentication mechanisms postfix is running, dovecot is running, saslauthd is running Why dovecot AND saslauthd?
Re: postfix sasl (dovecot) works no more
wiseadmin:
> May 14 14:35:11 softexp postfix/smtpd[8378]: warning: SASL: Connect to
> smtpd failed: No such file or directory
You need to update your main.cf:smtpd_sasl_path setting and specify
the location of the socket that the Dovecot server listens on.
For example, when dovecot.conf says:
socket listen {
...
path = /var/spool/postfix/private/auth
...
Then main.cf would say:
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
Wietse
Re: postfix sasl (dovecot) works no more
Thank you Wietse !
Unfortunately it doesnt work :(
In dovecot.conf the socket is /var/run/dovecot/auth-master
When I added in main.cf I got permission denied (it has 600 and
root:wheel). I changed the permission in 666 (this is not ok, but I only
wanted to see if it works) and now I get in logs only "fatal: no SASL
authentication mechanisms".
I don't know what else to do. Some one said something about smtpd.conf
The file is in /usr/lib/sasl2/smtpd.conf and in /usr/lib/sasl2 and its
content is:
log_level:3
pwcheck_method: saslauthd
mech_list: plain login
What is frustrated is that the server worked for many months. I tried a
downgrade of postfix and I get the same error. maybe it is not from
postfix but from dovecot or saslauthd.
Is some one know what should I do please advice me. I'm stuck and I
don't know what to do.
Thank you
Wietse Venema wrote:
> You need to update your main.cf:smtpd_sasl_path setting and specify
> the location of the socket that the Dovecot server listens on.
>
> For example, when dovecot.conf says:
>
> socket listen {
> ...
> path = /var/spool/postfix/private/auth
> ...
>
> Then main.cf would say:
>
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth
>
> Wietse
>
>
Re: postfix sasl (dovecot) works no more
I think the problem is
deeper.
The 25/tcp port is open but I can't ehlo the server.
[...@toshiba ~]$telnet server_domain 25
Trying 80.96.x.x...
Connected to server_domain.
Escape character is '^]'.
And get stucked there !
Wietse Venema wrote:
wiseadmin:
May 14 14:35:11 softexp postfix/smtpd[8378]: warning: SASL: Connect to
smtpd failed: No such file or directory
You need to update your main.cf:smtpd_sasl_path setting and specify
the location of the socket that the Dovecot server listens on.
For example, when dovecot.conf says:
socket listen {
...
path = /var/spool/postfix/private/auth
...
Then main.cf would say:
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
Wietse
Re: postfix sasl (dovecot) works no more
wiseadmin wrote:
> Thank you Wietse !
> Unfortunately it doesnt work :(
> In dovecot.conf the socket is /var/run/dovecot/auth-master
>
That is a master socket. Postfix uses a client socket.
> When I added in main.cf I got permission denied (it has 600 and
> root:wheel). I changed the permission in 666 (this is not ok, but I only
> wanted to see if it works) and now I get in logs only "fatal: no SASL
> authentication mechanisms".
> I don't know what else to do. Some one said something about smtpd.conf
> The file is in /usr/lib/sasl2/smtpd.conf and in /usr/lib/sasl2 and its
> content is:
> log_level:3
> pwcheck_method: saslauthd
> mech_list: plain login
>
>
You seem to be confusing Cyrus SASL (saslauthd) and Dovecot SASL.
If users can auth against Dovecot for mail retrieval, then it's
suggested to use Dovecot's auth mechanisms in Postfix for ease of
management.
http://www.postfix.org/SASL_README.html#server_dovecot outlines this.
Brian
> What is frustrated is that the server worked for many months. I tried a
> downgrade of postfix and I get the same error. maybe it is not from
> postfix but from dovecot or saslauthd.
>
> Is some one know what should I do please advice me. I'm stuck and I
> don't know what to do.
>
> Thank you
>
>
> Wietse Venema wrote:
>
>> You need to update your main.cf:smtpd_sasl_path setting and specify
>> the location of the socket that the Dovecot server listens on.
>>
>> For example, when dovecot.conf says:
>>
>> socket listen {
>> ...
>> path = /var/spool/postfix/private/auth
>> ...
>>
>> Then main.cf would say:
>>
>> smtpd_sasl_type = dovecot
>> smtpd_sasl_path = private/auth
>>
>> Wietse
>>
>>
>>
Re: postfix sasl (dovecot) works no more
wiseadmin schrieb:
> Thank you Wietse !
> Unfortunately it doesnt work :(
> In dovecot.conf the socket is /var/run/dovecot/auth-master
> When I added in main.cf I got permission denied (it has 600 and
> root:wheel). I changed the permission in 666 (this is not ok, but I only
> wanted to see if it works) and now I get in logs only "fatal: no SASL
> authentication mechanisms".
> I don't know what else to do. Some one said something about smtpd.conf
> The file is in /usr/lib/sasl2/smtpd.conf and in /usr/lib/sasl2 and its
> content is:
> log_level:3
> pwcheck_method: saslauthd
> mech_list: plain login
>
>
> What is frustrated is that the server worked for many months. I tried a
> downgrade of postfix and I get the same error. maybe it is not from
> postfix but from dovecot or saslauthd.
>
> Is some one know what should I do please advice me. I'm stuck and I
> don't know what to do.
>
> Thank you
is this debian/ubuntu ? are you sure that you didnt reenabled
chroot for postfix , cause then you will fail with
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
>
>
> Wietse Venema wrote:
>> You need to update your main.cf:smtpd_sasl_path setting and specify
>> the location of the socket that the Dovecot server listens on.
>>
>> For example, when dovecot.conf says:
>>
>> socket listen {
>> ...
>> path = /var/spool/postfix/private/auth
>> ...
>>
>> Then main.cf would say:
>>
>> smtpd_sasl_type = dovecot
>> smtpd_sasl_path = private/auth
>>
>> Wietse
>>
>>
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
Re: postfix sasl (dovecot) works no more
Why not? It is simple for my setup. I only have 10-15 users and that's all. If you think its dangerous or something please explain and I'll change it. Thanks Sahil Tandon wrote: On May 14, 2009, at 7:40 AM, wiseadmin wrote: Hello everybody, I am running FreeBSD with postfix (2.6.0-RC2) and dovecot (1.1.11). There are virtual domains and users and postfix authenticates users using sasl and dovecot. Today I've performed a server upgrade (portupgrade -arRv) and sasl authentication works no more. It worked for the last 4 months without problems. I've made no modification to any config file. In postfix logs I get May 14 14:35:11 softexp postfix/smtpd[8378]: warning: SASL: Connect to smtpd failed: No such file or directory May 14 14:35:11 softexp postfix/smtpd[8378]: fatal: no SASL authentication mechanisms postfix is running, dovecot is running, saslauthd is running Why dovecot AND saslauthd?
Re: postfix sasl (dovecot) works no more
ThankĀ you.
It worked !
Have a nice day.
Brian Evans - Postfix List wrote:
wiseadmin wrote:
Thank you Wietse !
Unfortunately it doesnt work :(
In dovecot.conf the socket is /var/run/dovecot/auth-master
That is a master socket. Postfix uses a client socket.
When I added in main.cf I got permission denied (it has 600 and
root:wheel). I changed the permission in 666 (this is not ok, but I only
wanted to see if it works) and now I get in logs only "fatal: no SASL
authentication mechanisms".
I don't know what else to do. Some one said something about smtpd.conf
The file is in /usr/lib/sasl2/smtpd.conf and in /usr/lib/sasl2 and its
content is:
log_level:3
pwcheck_method: saslauthd
mech_list: plain login
You seem to be confusing Cyrus SASL (saslauthd) and Dovecot SASL.
If users can auth against Dovecot for mail retrieval, then it's
suggested to use Dovecot's auth mechanisms in Postfix for ease of
management.
http://www.postfix.org/SASL_README.html#server_dovecot outlines this.
Brian
What is frustrated is that the server worked for many months. I tried a
downgrade of postfix and I get the same error. maybe it is not from
postfix but from dovecot or saslauthd.
Is some one know what should I do please advice me. I'm stuck and I
don't know what to do.
Thank you
Wietse Venema wrote:
You need to update your main.cf:smtpd_sasl_path setting and specify
the location of the socket that the Dovecot server listens on.
For example, when dovecot.conf says:
socket listen {
...
path = /var/spool/postfix/private/auth
...
Then main.cf would say:
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
Wietse
Re: postfix sasl (dovecot) works no more
Please stop sending HTML-only email to this mailing list. Wietse
