SMTP sending problem

Help! (Home for newbies)
1

HI Guys

I reinstalled my server and now I have the problem that I’m not able to send mails outside. Some mails can be delivered, some can’t. I got every time the error message “Mail relay not allowed”.

I’m a mac user and in my mail program I can also see that a login with my user “info.blake-hofer” is possible via IMAP but not via SMTP. I tried also to change the password on my server for this user and changed this also in my mail program. Can anyone tell me why this happens? The server is freshly installed, based on Ubuntu 16.04.3 . In /var/log/auth.log I can see the following error (e.g. timestamp at 11:00.46)

Oct 9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct 9 10:56:04 myweb su[8134]: Successful su for blake-hofer by root
Oct 9 10:56:04 myweb su[8134]: + ??? root:blake-hofer
Oct 9 10:56:04 myweb su[8134]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct 9 10:56:04 myweb systemd-logind[635]: New session c661 of user blake-hofer.
Oct 9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct 9 10:56:04 myweb su[8134]: pam_unix(su:session): session closed for user blake-hofer
Oct 9 10:56:04 myweb systemd-logind[635]: Removed session c661.
Oct 9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct 9 11:00:01 myweb CRON[8286]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 9 11:00:02 myweb CRON[8286]: pam_unix(cron:session): session closed for user root
Oct 9 11:00:46 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112 user=info.blake-hofer
Oct 9 11:01:09 myweb auth: message repeated 4 times: [ pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112 user=info.blake-hofer]
Oct 9 11:01:10 myweb su[8468]: Successful su for blake-hofer by root
Oct 9 11:01:10 myweb su[8468]: + ??? root:blake-hofer
Oct 9 11:01:10 myweb su[8468]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct 9 11:01:10 myweb systemd-logind[635]: New session c662 of user blake-hofer.
Oct 9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct 9 11:01:10 myweb su[8468]: pam_unix(su:session): session closed for user blake-hofer
Oct 9 11:01:10 myweb systemd-logind[635]: Removed session c662.
Oct 9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct 9 11:01:10 myweb su[8479]: Successful su for blake-hofer by root
Oct 9 11:01:10 myweb su[8479]: + ??? root:blake-hofer
Oct 9 11:01:10 myweb su[8479]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct 9 11:01:10 myweb systemd-logind[635]: New session c663 of user blake-hofer.
Oct 9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct 9 11:01:10 myweb su[8479]: pam_unix(su:session): session closed for user blake-hofer
Oct 9 11:01:10 myweb systemd-logind[635]: Removed session c663.
Oct 9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct 9 11:01:12 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112 user=info.blake-hofer
Oct 9 11:01:16 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112 user=info.blake-hofer
Oct 9 11:01:27 myweb auth: message repeated 3 times: [ pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112 user=info.blake-hofer]

Can anyone help me please?

Best Regards
Dominique

2

I tried now also to setup Roundcube and I’m able to login with these credentials. But when I try to send a mail I get the error message “SMT Error (535): Authentication failed”

I’m really confused at the moment … the password is 100% correct …

3

What does this output:

# systemctl status saslauthd
4

Hi

here it is:

root@myweb ~ # systemctl status saslauthd
● saslauthd.service - LSB: saslauthd startup script
Loaded: loaded (/etc/init.d/saslauthd; bad; vendor preset: enabled)
Active: active (exited) since Sun 2017-10-08 14:50:34 CEST; 1 day 18h ago
Docs: man:systemd-sysv-generator(8)

Oct 08 14:50:34 myweb.blake-hofer.net systemd[1]: Starting LSB: saslauthd startup script…
Oct 08 14:50:34 myweb.blake-hofer.net saslauthd[15866]: * To enable saslauthd, edit /etc/default/saslauthd and set START=yes
Oct 08 14:50:34 myweb.blake-hofer.net systemd[1]: Started LSB: saslauthd startup script.
Oct 08 14:52:22 myweb.blake-hofer.net systemd[1]: Started LSB: saslauthd startup script.

5

dhofer, have you tried making the change to the file mentioned in the log you posted?

6

oh yes, yes - sorry I forgot to mention it.

I checked it but it was already set to YES:

# Settings for saslauthd daemon

Please read /usr/share/doc/sasl2-bin/README.Debian for details.

Should saslauthd run automatically on startup? (default: no)

START=yes

Description of this saslauthd instance. Recommended.

(suggestion: SASL Authentication Daemon)

DESC=“SASL Authentication Daemon”

Short name of this saslauthd instance. Strongly recommended.

(suggestion: saslauthd)

NAME=“saslauthd”

Which authentication mechanisms should saslauthd use? (default: pam)

Available options in this Debian package:

getpwent – use the getpwent() library function

kerberos5 – use Kerberos 5

pam – use PAM

rimap – use a remote IMAP server

shadow – use the local shadow password file

sasldb – use the local sasldb database file

ldap – use LDAP (configuration is in /etc/saslauthd.conf)

Only one option may be used at a time. See the saslauthd man page

for more information.

Example: MECHANISMS=“pam”

MECHANISMS=“pam”

Additional options for this mechanism. (default: none)

See the saslauthd man page for information about mech-specific options.

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

How many saslauthd processes should we run? (default: 5)

A value of 0 will fork a new process for each connection.

THREADS=5

Other options (default: -c -m /var/run/saslauthd)

Note: You MUST specify the -m option or saslauthd won’t run!

WARNING: DO NOT SPECIFY THE -d OPTION.

The -d option will cause saslauthd to run in the foreground instead of as

a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish

to run saslauthd in debug mode, please run it by hand to be safe.

See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.

See the saslauthd man page and the output of ‘saslauthd -h’ for general

information about these options.

Example for chroot Postfix users: “-c -m /var/spool/postfix/var/run/saslauthd”

Example for non-chroot Postfix users: “-c -m /var/run/saslauthd”

To know if your Postfix is running chroot, check /etc/postfix/master.cf.

If it has the line “smtp inet n - y - - smtpd” or “smtp inet n - - - - smtpd”

then your Postfix is running in a chroot.

If it has the line “smtp inet n - n - - smtpd” then your Postfix is NOT

running in a chroot.

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

7

Try restarting the saslauthd service and see if that message goes away, and the status of “bad” goes away.

8

Uh Joe you say here put the -r flag behind the options.

So not this time see above for the config for this user topic starter ??

https://www.virtualmin.com/comment/785281#comment-785281

9

I don’t know. I’m trying to figure it out. Once I have more data from folks, I’ll know why it isn’t working and can fix it in virtualmin-config.

10

Yea they shouldn’t make the same mistake as me yum remove postfix after a while searching for solution why not working, messing up Virtualmin and so on. :wink:

Ok check also always the LOGS after fresh boot, and also after try sending the mail, sometimes this is not installed ( or some parts from it) to then the sasl is not working::
cyrus-sasl The Cyrus SASL library Running latest 2.1.26-21.el7 Base/7/x86_64

also in dovecot a conf with the old depricated “listen”

and postgrey :wink:

IF running CSF firewall then you can check also out of the control panel. View ports on the server that have a running process behind them listening for external connections for the ports there postfix dovecot and services and so on.

smtpd -n smtp -t inet -u -o stress= -s 2 -o smtpd_sasl_auth_enable=yes /usr/libexec/postfix/smtpd

11

Hi Guys

I‘m so sorry about this. I tried to restart the saslauthd service but everytime I tried it failed. What I have done after is to restart the whole server and since them it‘s working without problems. Also a login on my webmail service is working without any problems.

So I don‘t know what the problem was but it seems to be fixed now.

BR
Dominique

12

yea ok thanks for reply, that was why i told you to also fresh boot.