Postfix SMTP and Forwarding Issue

Hello,

I’m having an issue with Postfix not accepting SMTP connections (from Mail.app in OSX) and not forwarding emails when specified. Below is the output of “postconf -n” with my domain name changed to “example.com”.

[code:1]alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_protocols = all
mailbox_size_limit = 0
mydestination = example.com, localhost.com, localhost
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination permit_inet_interfaces permit_sasl_authenticated
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual[/code:1]

Any help would be greatly appreciated. I’ve been trying to get the email portion of the server up and running for quite some time. Everything else seems to be working great. I’m running Ubuntu 8.04 Server.

Post edited by: dimpared, at: 2008/05/20 22:32

We need to see logs. The /var/log/mail.log is where errors during your attempts to send will show up. Show us those.

Joe,

The email forwarding works now all of a sudden, which is weird because I made no changes since last night that I know of. The SMTP authentication still occurs though. Below are the contents of /var/log/mail.log, which was truncated before trying to connect via SMTP and send a mail for forwarding, respectively.

[code:1]May 21 15:27:07 example dovecot: imap-login: Login: user=<username>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS
May 21 15:27:07 example dovecot: IMAP(username): Disconnected: Logged out
May 21 15:27:15 example postfix/smtpd[9057]: connect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication failure: Password verification failed
May 21 15:27:16 example postfix/smtpd[9057]: warning: xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]: SASL PLAIN authentication failed: authentication failure
May 21 15:27:16 example postfix/smtpd[9057]: disconnect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:27:16 example postfix/smtpd[9057]: connect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
May 21 15:27:16 example postfix/smtpd[9057]: warning: SASL authentication failure: no secret in database
May 21 15:27:16 example postfix/smtpd[9057]: warning: xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]: SASL CRAM-MD5 authentication failed: authentication failure
May 21 15:27:16 example postfix/smtpd[9057]: disconnect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:27:16 example postfix/smtpd[9057]: connect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:27:17 example postfix/smtpd[9057]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
May 21 15:27:17 example postfix/smtpd[9057]: warning: SASL authentication failure: no secret in database
May 21 15:27:17 example postfix/smtpd[9057]: warning: xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]: SASL NTLM authentication failed: authentication failure
May 21 15:27:17 example postfix/smtpd[9057]: disconnect from xxx.xxx.xxx.xxx.xxx.xxx.xxx.com[xxx.xxx.xxx.xxx]
May 21 15:29:07 example postfix/smtpd[9092]: connect from el-out-1112.google.com[209.85.162.181]
May 21 15:29:08 example postfix/trivial-rewrite[9094]: warning: do not list domain example.com in BOTH mydestination and virtual_alias_domains
May 21 15:29:08 example postfix/smtpd[9092]: 042DE3895A: client=el-out-1112.google.com[209.85.162.181]
May 21 15:29:08 example postfix/cleanup[9095]: 042DE3895A: message-id=<8C7D26FD-BC7B-4453-AF79-4FC0D2215FF2@gmail.com>
May 21 15:29:08 example postfix/qmgr[3557]: 042DE3895A: from=<username@gmail.com>, size=1933, nrcpt=1 (queue active)
May 21 15:29:08 example postfix/trivial-rewrite[9094]: warning: do not list domain example.com in BOTH mydestination and virtual_alias_domains
May 21 15:29:08 example postfix/trivial-rewrite[9094]: warning: do not list domain example.com in BOTH mydestination and virtual_alias_domains
May 21 15:29:08 example postfix/local[9096]: 042DE3895A: to=<username@example.com>, relay=local, delay=0.22, delays=0.18/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
May 21 15:29:08 example postfix/cleanup[9095]: 256EC3895C: message-id=<8C7D26FD-BC7B-4453-AF79-4FC0D2215FF2@gmail.com>
May 21 15:29:08 example postfix/qmgr[3557]: 256EC3895C: from=<username@gmail.com>, size=2075, nrcpt=1 (queue active)
May 21 15:29:08 example postfix/local[9096]: 042DE3895A: to=<username@example.com>, relay=local, delay=0.23, delays=0.18/0.01/0/0.03, dsn=2.0.0, status=sent (forwarded as 256EC3895C)
May 21 15:29:08 example postfix/qmgr[3557]: 042DE3895A: removed
May 21 15:29:09 example postfix/smtp[9097]: 256EC3895C: to=<username@gmail.com>, orig_to=<username@example.com>, relay=gmail-smtp-in.l.google.com[74.125.45.114]:25, delay=1.6, delays=0.03/0.01/0.16/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1211383749 4si2756987yxd.2)
May 21 15:29:09 example postfix/qmgr[3557]: 256EC3895C: removed
May 21 15:29:38 example postfix/smtpd[9092]: disconnect from el-out-1112.google.com[209.85.162.181]
[/code:1]

To me, it appears that the relevant parts are as follows, but I am not really sure how to fix them.

[code:1]warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
warning: do not list domain example.com in BOTH mydestination and virtual_alias_domains
[/code:1]

Ok. I’m no guru, but here’s what appear to be the problems based on what you think is the problem.

You need to create the sasldb2 file. You can’t just sudo touch it, though. It needs information. First check to see if there’s a sasldb2 file in /etc/:

[code:1]
ls /etc/ | grep sasl
[/code:1]
If not, you’re good. If there is… well frankly I don’t know. I’d say just move it to a new file name like sasldb2.bak and start new, but that’s me. Now run:

[code:1]
sudo saslpasswd2 -c -u mail.example.com -a smtpauth username
[/code:1]
More info on saslpasswd can be found in the man pages:

[code:1]
man saslpasswd2
[/code:1]
Now you need to change the permissions for that file, or rather the owner of it:

[code:1]
sudo chown postfix /etc/sasldb2
[/code:1]
Now if you run this:

[code:1]
sudo sasldblistusers2
[/code:1]
You should see the user you just created.

That SHOULD fix your first problem. Again. Not a guru.

For your second problem run this:

[code:1]
postconf | grep -e mydestination -e virtual_alias_domains
[/code:1]
and post the output. I hope this helps a bit.

I’m not real familiar with postfix or emails in general, so most everything I just got I got from the manpages, postfix.org or just winging it. I also don’t have any experience with virtualmin (I’m still trying to get it configured right) so most everything I know is command line based. Again, HTH.

warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

This is the relevant one.

saslauthd isn’t configured to use the local password database, and possibly not to use sane authentication types for that password database.

You haven’t mentioned if this box was installed using our install.sh automated install script? If so, Ubuntu must have changed something that silently breaks our configuration of saslauthd. I’ll have to dig in and see what. I believe I have heard from someone else that they’d also had problems with saslauthd…so this is seeming the likely cause.

There’s a FAQ about saslauthd, but it primarily covers Red Hat based systems (no Debian-based systems were supported by the installer before I had finished automating the process, I think, so it didn’t need to be documented).

Anyway, I’ll see if I can figure out where the saslauthd configuration files have gotten to on Ubuntu 8.04.

BTW-Lotek, you’re chasing down the wrong path for a system like Virtualmin manages.

You do not want a sasldb at all. You want saslauthd to authenticate to the system passwd database via shadow (or maybe PAM).

I did not use the install script, mostly because the binaries have not been compiled yet for Ubuntu 8.04 amd64, but also because I wanted a more tailored setup. I do have everything working beautifully except for this issue however. Is it possible that I need to make a modification to the /etc/default/saslauthd file to make it work as desired?

The output from running [code:1]postconf | grep -e mydestination -e virtual_alias_domains[/code:1] is

[code:1]mydestination = example.com, localhost.com, localhost
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
relay_domains = $mydestination
virtual_alias_domains = $virtual_alias_maps[/code:1]

if that helps with the other issue.

Oh, the other issue is unimportant. But, it’s just that you’ve got “example.com” in your mydestination and also in your virtual alias maps file. You only want it in the virtual map file. However, if the hostname of your system is also example.com, that’ll break delivery…so you probably want your system to be named something else, like ns1.example.com or primary.example.com or whatever.

The saslauthd thing…I don’t remember where all of the configuration files are on Ubuntu. I have a script that jumps through all kinds of hoops to find them (they’re different on almost every OS and version and architecture we support!).

It looks like you’ll probably be looking for /etc/default/saslauthd and /etc/postfix/sasl/smtpd.conf

You need to set OPTIONS or PARAMS to "-m /var/spool/postfix/var/run/saslauthd -r" in the defaults file.

And, in the smtpd.conf file:

[code:1]
pwcheck_method: saslauthd
mech_list: plain login
[/code:1]

I think that’ll do it. Probably.

Oh, and of course you need to restart saslauthd after making the changes.
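
Added example (not part of the thread, and not Virtualmin's own script): a shell function that checks the two files named in the post above for the settings it gives. The function name `check_sasl_setup` and its messages are made up for illustration; pass in the paths your system actually uses.

```shell
# Added example, not from the thread. Checks the settings quoted above.
# Usage: check_sasl_setup /etc/default/saslauthd /etc/postfix/sasl/smtpd.conf
# Prints one line per finding; returns the number of findings (99 = unreadable file).
check_sasl_setup() {
    defaults=$1; smtpd_conf=$2; findings=0
    socket_dir=/var/spool/postfix/var/run/saslauthd   # path given in the thread
    for f in "$defaults" "$smtpd_conf"; do
        [ -r "$f" ] || { echo "cannot read $f"; return 99; }
    done

    # Last uncommented OPTIONS= or PARAMS= assignment, with quotes stripped.
    opts=$(awk '/^[ \t]*(OPTIONS|PARAMS)=/ { sub(/^[^=]*=/, ""); v = $0 }
                END { print v }' "$defaults" | tr -d "\"'")
    case " $opts " in
        *" -m $socket_dir "*) ;;
        *) echo "defaults: no -m $socket_dir"; findings=$((findings + 1)) ;;
    esac
    case " $opts " in
        *" -r "*) ;;
        *) echo "defaults: no -r"; findings=$((findings + 1)) ;;
    esac

    # Value of the last uncommented "key: value" line in smtpd.conf, lower-cased.
    conf_value() {
        awk -F: -v k="$1" 'tolower($1) ~ ("^[ \t]*" k "[ \t]*$") {
                v = $0; sub(/^[^:]*:[ \t]*/, "", v); sub(/[ \t]*$/, "", v) }
            END { print tolower(v) }' "$smtpd_conf"
    }
    if [ "$(conf_value pwcheck_method)" != saslauthd ]; then
        echo "smtpd.conf: pwcheck_method is not saslauthd"
        findings=$((findings + 1))
    fi
    mechs=$(conf_value mech_list)
    [ -n "$mechs" ] || { echo "smtpd.conf: mech_list not set"; findings=$((findings + 1)); }
    # saslauthd verifies plaintext passwords only, so it cannot serve mechanisms
    # that need a stored secret (the CRAM-MD5 and NTLM attempts in the log).
    for m in $mechs; do
        case $m in
            plain|login) ;;
            *) echo "smtpd.conf: mech_list offers $m"; findings=$((findings + 1)) ;;
        esac
    done
    return "$findings"
}
```

PLAIN and LOGIN put the password itself on the wire, so with this mech_list it is worth setting `smtpd_tls_auth_only = yes` in main.cf so that AUTH is only offered after STARTTLS.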

Got it. Well, sorry to have clogged up the post then. Like I said, I am no guru on this. I had wondered whether or not virtualmin handled this or not. Good Luck.

The problem has been resolved, thanks for all your help. In the long run, I ended up just following the Postfix portion of the tutorial at http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p5 , which incorporated what you had suggested as well. I’m now up and running! Thanks again.

Hey Lotek,

Your advice would be correct for many types of deployment…just not the kind Virtualmin manages. :wink:

Dimpared,

Great to hear you got it straightened out. I’m working on significant additions to the documentation on the subject of installations that don’t use install.sh (though Ubuntu 8.04 should be fully supported now in the install script, and for most folks that’s the fastest way to get everything right).