I have a server with two domains: domaina.com and domainb.com. My Virtualmin master is configured as main.domaina.com.
I’m trying to create a sender SMTP account by logging in to Webmin (as a privileged user) under domaina.com called either “noreply@domaina.com” or “no-reply@domaina.com”. However, when trying to use the SMTP settings listed under “Show Email Client Settings”, I’m consistently met with a SASL error as follows:
Jun 13 13:56:27 main postfix/smtpd[439735]: connect from sendera10.transmail.net[135.84.80.10]
Jun 13 13:56:29 main postfix/smtpd[439735]: warning: sendera10.transmail.net[135.84.80.10]: SASL LOGIN authentication failed: authentication failure, sasl_username=no-reply@domaina.com
Jun 13 13:56:29 main postfix/smtpd[439735]: lost connection after AUTH from sendera10.transmail.net[135.84.80.10]
Jun 13 13:56:29 main postfix/smtpd[439735]: disconnect from sendera10.transmail.net[135.84.80.10] ehlo=2 starttls=1 auth=0/1 commands=3/4
But here’s where things get weird.
Using the same configuration for, say, “retched@domainb.com,” the same SMTP server name, but changing the username and password to match the retched@domainb.com name, I’m able to log in and send the email with no problem. I can log in to IMAP to retrieve messages but cannot log in to send messages.
Looking for any advice on how to troubleshoot this weird issue.
And yes, I did run the re-check configuration wizard in the Virtualmin dash as well as restarting the entire VPS to see if that would help, but to no avail. Port 587 is open and I made sure I wasn’t blacklisted out via Fail2Ban.
You can rule out fail2ban if you’re seeing log entries when you attempt to authenticate. A firewall rule would prevent any connection, which means no log.
Does any user in domaina.com work?
It is expected that any server name will work, as long as the actual username is the fully qualified user and the username you’re logging in with is the full user+domain. It is possible things get more complicated if you’re logging in with a bare username, e.g. joe. Dovecot and saslauthd have configuration for dealing with that situation based on the domain name being connected to (or should, there have been cases we’ve seen in the past where installation did not complete without that being noticed, and so some of the mail configuration didn’t complete and so services weren’t configured correctly for virtual hosting). But, we can rule that out if everything is working for other users with the same username format.
I don’t know what to make of all that. It looks like an incorrect password or incorrect password format configuration in the client (e.g. anything other than PLAIN). The fact that one user works seems to indicate Dovecot and saslauthd are behaving appropriately.
So, I guess the thing to figure out is what’s different about that working user and the non-working users.
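An added example, not part of the thread: one way to compare the working and non-working accounts is to tally Postfix smtpd SASL results per username, mechanism and domain. The first four sample lines are the ones quoted in the question; the last three (a successful login from `client.example[192.0.2.10]`) are constructed, and the function names are this example's own.

```python
import re
from collections import defaultdict

SAMPLE_LOG = """\
Jun 13 13:56:27 main postfix/smtpd[439735]: connect from sendera10.transmail.net[135.84.80.10]
Jun 13 13:56:29 main postfix/smtpd[439735]: warning: sendera10.transmail.net[135.84.80.10]: SASL LOGIN authentication failed: authentication failure, sasl_username=no-reply@domaina.com
Jun 13 13:56:29 main postfix/smtpd[439735]: lost connection after AUTH from sendera10.transmail.net[135.84.80.10]
Jun 13 13:56:29 main postfix/smtpd[439735]: disconnect from sendera10.transmail.net[135.84.80.10] ehlo=2 starttls=1 auth=0/1 commands=3/4
Jun 13 14:02:10 main postfix/smtpd[439801]: connect from client.example[192.0.2.10]
Jun 13 14:02:11 main postfix/smtpd[439801]: 4F2A1C0DE1: client=client.example[192.0.2.10], sasl_method=PLAIN, sasl_username=retched@domainb.com
Jun 13 14:02:12 main postfix/smtpd[439801]: disconnect from client.example[192.0.2.10] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
"""  # last three lines are constructed sample data

# Failure: "SASL <MECH> authentication failed: <reason>[, sasl_username=<user>]"
FAIL = re.compile(r"SASL (\S+) authentication failed: (.*?)(?:, sasl_username=(\S+))?$")
# Success: "client=..., sasl_method=<MECH>, sasl_username=<user>"
OK = re.compile(r"sasl_method=([^,\s]+), sasl_username=(\S+)")

def summarize(log_text):
    """Return {username: {"ok": n, "failed": n, "mechanisms": set, "reasons": set}}."""
    stats = defaultdict(lambda: {"ok": 0, "failed": 0, "mechanisms": set(), "reasons": set()})
    for line in log_text.splitlines():
        if "postfix/smtpd[" not in line:
            continue
        m = FAIL.search(line)
        if m:
            mech, reason, user = m.groups()
            entry = stats[user or "(not logged)"]  # failure line may lack a username
            entry["failed"] += 1
            entry["mechanisms"].add(mech)
            entry["reasons"].add(reason)
            continue
        m = OK.search(line)
        if m:
            mech, user = m.groups()
            stats[user]["ok"] += 1
            stats[user]["mechanisms"].add(mech)
    return dict(stats)

def domains_without_success(stats):
    """Domains with at least one failed login and no successful one."""
    ok, failed = set(), set()
    for user, s in stats.items():
        domain = user.rpartition("@")[2]
        (ok if s["ok"] else failed).add(domain) if s["ok"] or s["failed"] else None
    return sorted(failed - ok)

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for user, s in result.items():
        print(user, s["ok"], s["failed"], sorted(s["mechanisms"]), sorted(s["reasons"]))
    print("domains with failures only:", domains_without_success(result))
```

Run against the real mail log, a domain that appears in the failures-only list while others succeed points at something specific to that domain's users rather than at Postfix or the SASL backend as a whole.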