Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1908
  • Last Modified:

Postfix/Courier/MySQL Error

I have installed postfix, courier-imap, and saslauthd with mysql authentication based on this tutorial: http://www.howtoforge.com/virtual-users-and-domains-postfix-courier-mysql-centos5.1

My system is CENTOs 5.2 and I get this error when I try to authenticate with SMTP:
Nov 10 19:29:56 newinstance postfix/smtpd[7323]: sql_select option missing
Nov 10 19:29:56 newinstance postfix/smtpd[7323]: auxpropfunc error no mechanism available
Nov 10 19:33:58 newinstance saslauthd[7377]: do_auth : auth failure: [user=jon] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error]

I am able to send mail unauthenticated through telnet, but mysql authentication is not working. There are no mysql queries being executed by authdaemond. Can someone guide me through a debugging/fix process?
0
JonMarkGo
Asked:
JonMarkGo
  • 18
  • 9
1 Solution
 
artmsCommented:
Can you paste this file content
/usr/lib/sasl2/smtpd.conf
Check if content is the same as written in instruction http://www.howtoforge.com/virtual-users-and-domains-postfix-courier-mysql-centos5.1-p2
0
 
JonMarkGoAuthor Commented:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
0
 
artmsCommented:
Please execute this command
rpm -qa | grep sasl

If there is package associated with sql, then remove it, if there is none then check /usr/lib64/sasl2/ or /usr/lib/sasl2/ if there is sasl2 sql module.

Sasl finds that it has sql module (which you do not use in you configuration and tries to load it, that module requires sql_select option), so you have to disable that module so it is not being loaded.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
JonMarkGoAuthor Commented:
I ran rpm -e --allmatches cyrus-sasl-sql-2.1.22-4
but it is still unable to match with the proper authentication data in the DB.
0
 
JonMarkGoAuthor Commented:
I also get these errors when trying to log in to imap:
Nov 10 21:58:02 newinstance imapd-ssl: Connection, ip=[::ffff:1.2.3.4]
Nov 10 21:58:03 newinstance imapd-ssl: authdaemon: s_connect() failed: No such file or directory
Nov 10 21:58:03 newinstance imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:1.2.3.4]
Nov 10 21:58:03 newinstance imapd-ssl: authentication error: No such file or directory

(1.2.3.4 is just my IP masked)
0
 
JonMarkGoAuthor Commented:
I get these errors too with imap, strangely it doesn't even try authmysql...

Nov 10 22:00:58 newinstance imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:1.2.3.4]
Nov 10 22:00:58 newinstance authdaemond: received auth request, service=imap, authtype=login
Nov 10 22:00:58 newinstance authdaemond: authuserdb: trying this module
Nov 10 22:00:58 newinstance authdaemond: userdb: unable to stat /usr/local/etc/authlib/userdb.dat: No such file or directory
Nov 10 22:00:58 newinstance authdaemond: userdb: looking up 'jon@mydomain.com'
Nov 10 22:00:58 newinstance authdaemond: authuserdb: REJECT - try next module
Nov 10 22:00:58 newinstance authdaemond: authpwd: trying this module
Nov 10 22:00:58 newinstance authdaemond: authpwd: REJECT - try next module
Nov 10 22:00:58 newinstance authdaemond: authshadow: trying this module
Nov 10 22:00:58 newinstance authdaemond: authshadow: REJECT - try next module
Nov 10 22:00:58 newinstance authdaemond: authcustom: trying this module
Nov 10 22:00:58 newinstance authdaemond: authcustom: nothing implemented in do_auth_custom()
Nov 10 22:00:58 newinstance authdaemond: authcustom: REJECT - try next module
Nov 10 22:00:58 newinstance authdaemond: authpipe: trying this module
Nov 10 22:00:58 newinstance authdaemond: authpipe: REJECT - try next module
Nov 10 22:00:58 newinstance authdaemond: FAIL, all modules rejected
Nov 10 22:01:03 newinstance authdaemond: received auth request, service=imap, authtype=login
Nov 10 22:01:03 newinstance authdaemond: authuserdb: trying this module
Nov 10 22:01:03 newinstance authdaemond: userdb: unable to stat /usr/local/etc/authlib/userdb.dat: No such file or directory
Nov 10 22:01:03 newinstance authdaemond: userdb: looking up 'jon@mydomain.com'
Nov 10 22:01:03 newinstance authdaemond: authuserdb: REJECT - try next module
Nov 10 22:01:03 newinstance authdaemond: authpwd: trying this module
Nov 10 22:01:03 newinstance authdaemond: authpwd: REJECT - try next module
Nov 10 22:01:03 newinstance authdaemond: authshadow: trying this module
Nov 10 22:01:03 newinstance authdaemond: authshadow: REJECT - try next module
Nov 10 22:01:03 newinstance authdaemond: authcustom: trying this module
Nov 10 22:01:03 newinstance authdaemond: authcustom: nothing implemented in do_auth_custom()
Nov 10 22:01:03 newinstance authdaemond: authcustom: REJECT - try next module
Nov 10 22:01:03 newinstance authdaemond: authpipe: trying this module
Nov 10 22:01:03 newinstance authdaemond: authpipe: REJECT - try next module
Nov 10 22:01:03 newinstance authdaemond: FAIL, all modules rejected
Nov 10 22:01:03 newinstance imapd-ssl: LOGIN FAILED, user=jon@mydomain.com, ip=[::ffff:1.2.3.4]
0
 
JonMarkGoAuthor Commented:
I think I found the problem:
libauthmysql.so: cannot open shared object file: No such file or directory
0
 
JonMarkGoAuthor Commented:
The strange thing is that the library is there: /usr/lib64/courier-authlib/libauthmysql.so

Why wouldn't authdaemond be able to find it?
0
 
JonMarkGoAuthor Commented:
mydomain.com is my masked FQDN
1.2.3.4 is my personal IP address

Here is my messages log:
Nov 11 16:38:28 newinstance saslauthd[7377]: do_auth         : auth failure: [user=jon] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error]
Nov 11 16:38:30 newinstance saslauthd[7379]: do_auth         : auth failure: [user=jon] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error]

Here is my maillog:
Nov 11 16:37:11 newinstance authdaemond: stopping authdaemond children
Nov 11 16:37:14 newinstance authdaemond: modules="authmysql", daemons=5
Nov 11 16:37:14 newinstance authdaemond: Installing libauthmysql
Nov 11 16:37:14 newinstance authdaemond: Installation complete: authmysql
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  mail
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  ipv4
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: name_mask: ipv4
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  Postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  postdrop
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  mail1.mydomain.com, localhost, localhost.localdomain
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $myhostname -> mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  /usr/libexec/postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  /usr/sbin
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  /var/spool/postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  pid
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  all
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  double-bounce
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  nobody
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  hash:/etc/aliases
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  200600825
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  2.3.3
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  hash
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  deferred, defer
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $mydestination -> mail1.mydomain.com, localhost, localhost.localdomain
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $relay_domains -> mail1.mydomain.com, localhost, localhost.localdomain
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  TZ MAIL_CONFIG LANG
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  subnet
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  +=
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  -=+
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  bounce
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  cleanup
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  defer
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  pickup
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  qmgr
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  rewrite
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  showq
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  error
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  flush
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  verify
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  trace
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  2
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance last message repeated 3 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3600s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3600s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  10s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  10s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1s
Nov 11 16:38:24 newinstance last message repeated 3 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  500s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  500s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  18000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  18000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  127.0.0.0/8
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: inet_addr_local: configured 2 IPv4 addresses
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  550
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $myhostname ESMTP $mail_name -> mail1.mydomain.com ESMTP Postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  resource, software
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 2 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 4 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  postmaster
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 2 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  hash:/etc/aliases
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand proxy:unix:passwd.byname $alias_maps -> proxy:unix:passwd.byname hash:/etc/aliases
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  noanonymous
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  smtpd
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  amavis:[127.0.0.1]:10024
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 2 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  CONNECT GET POST
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  <>
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  postmaster
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $authorized_verp_clients ->
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $myhostname -> mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  no_address_mappings
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand ${smtpd_client_connection_limit_exceptions:$mynetworks} -> 127.0.0.0/8
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  permit_inet_interfaces
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 2 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $smtpd_sasl_security_options -> noanonymous
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  /etc/postfix/smtpd.cert
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  /etc/postfix/smtpd.key
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $smtpd_tls_dcert_file ->
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  medium
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  !EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  !EXPORT:!LOW:ALL:+RC4:@STRENGTH
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  !EXPORT:ALL:+RC4:@STRENGTH
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  ALL:+RC4:@STRENGTH
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  !aNULL:eNULL+kRSA
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  SSLv3, TLSv1
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance last message repeated 2 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  cyrus
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  j {daemon_name} v
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  i {auth_type} {auth_authen} {auth_author} {mail_addr}
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  i {rcpt_addr}
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  i
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  i
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  2
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  tempfail
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $myhostname -> mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: expand $mail_name $mail_version -> Postfix 2.3.3
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  yes
Nov 11 16:38:24 newinstance last message repeated 3 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  100s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  1000s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3600s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  3600s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  30s
Nov 11 16:38:24 newinstance last message repeated 3 times
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_eval: const  300s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: process generation: 63 (63)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: mynetworks ~? debug_peer_list
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: mynetworks ~? fast_flush_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: mynetworks ~? mynetworks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? debug_peer_list
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? fast_flush_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? mynetworks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? permit_mx_backup_networks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? qmqpd_authorized_clients
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: relay_domains ~? relay_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: permit_mx_backup_networks ~? debug_peer_list
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: permit_mx_backup_networks ~? mynetworks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: connect to subsystem private/proxymap
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = open
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr table = unix:passwd.byname
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr flags = 16448
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 16464
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed|lock|fold_fix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_open: proxy:unix:passwd.byname
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: Compiled against Berkeley DB: 4.3.29?
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: Run-time linked against Berkeley DB: 4.3.29?
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_open: hash:/etc/aliases
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = open
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr table = mysql:/etc/postfix/mysql-virtual_forwardings.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr flags = 16448
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 16464
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_proxy_open: connect to map=mysql:/etc/postfix/mysql-virtual_forwardings.cf status=0 server_flags=fixed|lock|fold_fix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_open: proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: user = mail_admin
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: password = 6gf535F43f!r
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: dbname = mail
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: result_format = %s
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_int: /etc/postfix/mysql-virtual_email2email.cf: expansion_limit = 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: query = SELECT email FROM users WHERE email='%s'
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: domain =
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: cfg_get_str: /etc/postfix/mysql-virtual_email2email.cf: hosts = 127.0.0.1
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_open: mysql:/etc/postfix/mysql-virtual_email2email.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = open
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr table = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr flags = 16448
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: flags
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 16464
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/proxymap socket: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_proxy_open: connect to map=mysql:/etc/postfix/mysql-virtual_mailboxes.cf status=0 server_flags=fixed|lock|fold_fix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: dict_open: proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? debug_peer_list
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? fast_flush_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? mynetworks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? relay_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: smtpd_access_maps ~? smtpd_access_maps
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_init: SASL config file is smtpd.conf
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: auto_clnt_create: transport=local endpoint=private/tlsmgr
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: auto_clnt_open: connected to private/tlsmgr
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr size = 32
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: NsNFFy4tKg/arXlnKO+0GMaCKg7veoYm2qFtqr3U2/U=
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = policy
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr cache_type = smtpd
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: cachable
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: cachable
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: fast_flush_domains ~? debug_peer_list
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_string: fast_flush_domains ~? fast_flush_domains
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: name_mask: no_address_mappings
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: auto_clnt_create: transport=local endpoint=private/anvil
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: connection established
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: master_notify: status 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: name_mask: resource
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: name_mask: software
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_create: SASL service=smtp, realm=(null)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: name_mask: noanonymous
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: warning: 1.2.3.4: address not listed for hostname plastimach.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: connect from unknown[1.2.3.4]
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_hostname: unknown ~? 127.0.0.0/8
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_hostaddr: 1.2.3.4 ~? 127.0.0.0/8
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: auto_clnt_open: connected to private/anvil
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = connect
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr ident = smtp:1.2.3.4
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: count
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: count
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 1
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: rate
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: rate
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 1
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 220 mail1.mydomain.com ESMTP Postfix
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: EHLO [127.0.0.1]
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-PIPELINING
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-SIZE 10240000
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-VRFY
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-ETRN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-STARTTLS
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-AUTH PLAIN LOGIN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-AUTH=PLAIN LOGIN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-ENHANCEDSTATUSCODES
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-8BITMIME
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250 DSN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: STARTTLS
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 220 2.0.0 Ready to start TLS
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr request = seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: send attr size = 32
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: seed
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute value: zlv6lvV7mutwdSSGio6NaXKRKgUpKk51W6tnG91zWqc=
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: private/tlsmgr: wanted attribute: (list terminator)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: EHLO [127.0.0.1]
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-mail1.mydomain.com
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-PIPELINING
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-SIZE 10240000
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-VRFY
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-ETRN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-AUTH PLAIN LOGIN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-AUTH=PLAIN LOGIN
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-ENHANCEDSTATUSCODES
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250-8BITMIME
Nov 11 16:38:24 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 250 DSN
Nov 11 16:38:27 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: AUTH PLAIN AGpvbkB3ZS1jYXJlLmNvbQBzZWNyZXQ=
Nov 11 16:38:27 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_first: sasl_method PLAIN, init_response AGpvbkB3ZS1jYXJlLmNvbQBzZWNyZXQ=
Nov 11 16:38:27 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_first: decoded initial response
Nov 11 16:38:28 newinstance postfix/smtpd[23539]: warning: SASL authentication failure: Password verification failed
Nov 11 16:38:28 newinstance postfix/smtpd[23539]: warning: unknown[1.2.3.4]: SASL PLAIN authentication failed: authentication failure
Nov 11 16:38:28 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 535 5.7.0 Error: authentication failed: authentication failure
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: AUTH LOGIN
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_first: sasl_method LOGIN
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_auth_response: uncoded server challenge: Username:
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 334 VXNlcm5hbWU6
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: am9uQHdlLWNhcmUuY29t
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_next: decoded response: jon@mydomain.com
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_auth_response: uncoded server challenge: Password:
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 334 UGFzc3dvcmQ6
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: < unknown[1.2.3.4]: c2VjcmV0
Nov 11 16:38:29 newinstance postfix/smtpd[23539]: xsasl_cyrus_server_next: decoded response: mypassword
Nov 11 16:38:30 newinstance postfix/smtpd[23539]: warning: unknown[1.2.3.4]: SASL LOGIN authentication failed: authentication failure
Nov 11 16:38:30 newinstance postfix/smtpd[23539]: > unknown[1.2.3.4]: 535 5.7.0 Error: authentication failed: authentication failure
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: smtp_get: EOF
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: match_hostname: unknown ~? 127.0.0.0/8
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: match_hostaddr: 1.2.3.4 ~? 127.0.0.0/8
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: match_list_match: unknown: no match
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: match_list_match: 1.2.3.4: no match
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: send attr request = disconnect
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: send attr ident = smtp:1.2.3.4
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: status
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: input attribute name: status
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: input attribute value: 0
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: private/anvil: wanted attribute: (list terminator)
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: input attribute name: (end)
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: lost connection after AUTH from unknown[1.2.3.4]
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: disconnect from unknown[1.2.3.4]
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: master_notify: status 1
Nov 11 16:39:31 newinstance postfix/smtpd[23539]: connection closed
0
 
JonMarkGoAuthor Commented:
There is nothing in my mysql query log (of authdaemond checking against the DB)
0
 
artmsCommented:
Just to make sure, as I understood smtp authentification and imap authenfication both fail?
There is option in /usr/lib/sasl2/smtpd.conf:
authdaemond_path:/var/spool/authdaemon/socket

Do you see socket file in /var/spool/authdaemon/?

Please also paste this file /etc/authlib/authdaemonrc
0
 
JonMarkGoAuthor Commented:
Yes, they both fail, though with different errors.
Here is the imap errors in maillog, I don't believe imap even ends up contacting authdaemond for authentication.
Nov 11 17:02:23 newinstance imapd-ssl: Connection, ip=[::ffff:1.2.3.4]
Nov 11 17:02:23 newinstance imapd-ssl: authdaemon: s_connect() failed: Connection refused
Nov 11 17:02:23 newinstance imapd-ssl: [Hint: perhaps authdaemond is not running?]
Nov 11 17:02:23 newinstance imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:1.2.3.4]
Nov 11 17:02:23 newinstance imapd-ssl: authentication error: Connection refused
Nov 11 17:02:44 newinstance imapd-ssl: Connection, ip=[::ffff:1.2.3.4]
Nov 11 17:02:44 newinstance imapd-ssl: authdaemon: s_connect() failed: Connection refused
Nov 11 17:02:44 newinstance imapd-ssl: [Hint: perhaps authdaemond is not running?]
Nov 11 17:02:44 newinstance imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:1.2.3.4]
Nov 11 17:02:44 newinstance imapd-ssl: authentication error: Connection refused

The socket is there.

Here is authdaemonrc:
##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc.  See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored.  Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited.  Multiline variable contents,
# with the \ continuation character, are not allowed.  Everything must
# fit on one line.  Do not use any additional whitespace for indentation,
# or anything else.

##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe

authmodulelist="authmysql"

#authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone

authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

##NAME: daemons:0
#
# The number of daemon processes that are started.  authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE:  Some platforms may experience a problem if there's more than
# one daemon.  Specifically, SystemV derived platforms that use TLI with
# socket emulation.  I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases.  Symptoms
# include sporadic authentication failures.  If you start getting
# authentication failures, increase daemons.  However, the default of 5
# SHOULD be sufficient.  Bumping up daemon count is only a short-term
# solution.  The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...

daemons=5

##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond.  It's
# used by various configuration and build scripts, so don't touch it!

authdaemonvar=/var/spool/authdaemon

##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0   - turn off debugging
# DEBUG_LOGIN=1   - turn on debugging
# DEBUG_LOGIN=2   - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.

DEBUG_LOGIN=2

##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
#   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.

DEFAULTOPTIONS=""

##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#

LOGGEROPTS=""

##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem


Here is authmysqlrc (real mysql password replaced)
MYSQL_SERVER localhost
MYSQL_USERNAME mail_admin
MYSQL_PASSWORD mail_admin_password
MYSQL_PORT 3306
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 500
MYSQL_GID_FIELD 500
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
#MYSQL_QUOTA_FIELD quota
0
 
artmsCommented:
Please check if authdaemond is running. For eg.:
ps -ef |grep authdaemon
or
/etc/init.d/courier-authlib status

Please also write which services are listening:
netstat -aptn | grep LISTEN

Authdaemon should be on that list...

0
 
JonMarkGoAuthor Commented:
[root@mail1 ~]# ps -ef |grep authdaemon
root     23575     1  0 16:47 ?        00:00:00 /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -start /usr/libexec/courier-authlib/authdaemond
root     23576 23575  0 16:47 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     23799 23576  0 17:18 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     23800 23576  0 17:18 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     23801 23576  0 17:18 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     23802 23576  0 17:18 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     23803 23576  0 17:18 ?        00:00:00 /usr/libexec/courier-authlib/authdaemond
root     25177 25145  0 19:50 pts/6    00:00:00 grep authdaemon

[root@mail1 ~]# /etc/init.d/courier-authlib status
[root@mail1 ~]#

[root@mail1 ~]# netstat -aptn | grep LISTEN
tcp        0      0 127.0.0.1:10024             0.0.0.0:*                   LISTEN      4774/amavisd (maste
tcp        0      0 127.0.0.1:10025             0.0.0.0:*                   LISTEN      23868/master
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      6659/mysqld
tcp        0      0 0.0.0.0:587                 0.0.0.0:*                   LISTEN      23868/master
tcp        0      0 127.0.0.1:3310              0.0.0.0:*                   LISTEN      609/clamd
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1265/portmap
tcp        0      0 0.0.0.0:855                 0.0.0.0:*                   LISTEN      32049/rpc.statd
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN      23868/master
tcp        0      0 :::993                      :::*                        LISTEN      450/couriertcpd
tcp        0      0 :::995                      :::*                        LISTEN      471/couriertcpd
tcp        0      0 :::110                      :::*                        LISTEN      456/couriertcpd
tcp        0      0 :::143                      :::*                        LISTEN      434/couriertcpd
tcp        0      0 :::80                       :::*                        LISTEN      32549/httpd
tcp        0      0 :::22                       :::*                        LISTEN      32082/sshd
0
 
artmsCommented:
Hmm please check i /var/spool/authdaemon/socket is accessible by courier:
ls -l /var/spool/authdaemon/

Also selinux might interfere, please enter this command:
sestatus

If Current mode is enforcing, please try changing it into permissive:
setenforce permissive
If this helps (please restart all needed services just to make sure), then make that setting permanent by editing
/etc/selinux/config

change option:
SELINUX=enforcing
to
SELINUX=permissive
0
 
JonMarkGoAuthor Commented:
[root@mail1 ~]# ls -l /var/spool/authdaemon/
total 4
-rw-r--r-- 1 root root 6 Nov 11 16:47 pid
-rw------- 1 root root 0 Nov 10 17:05 pid.lock
srwxrwxrwx 1 root root 0 Nov 11 16:47 socket

[root@mail1 ~]# sestatus
SELinux status:                 disabled
0
 
artmsCommented:
Did you solve the problem with "libauthmysql.so: cannot open shared object file:"
If not please make a symlink of libauthmysql.so in /usr/lib64/ directory, maybe some path are wrong.
0
 
JonMarkGoAuthor Commented:
Yes, I solved that problem by starting up authdaemond from /usr/sbin/authdaemond instead of where I was starting it from before.
0
 
JonMarkGoAuthor Commented:
The log now properly says:
Nov 11 16:37:14 newinstance authdaemond: modules="authmysql", daemons=5
Nov 11 16:37:14 newinstance authdaemond: Installing libauthmysql
Nov 11 16:37:14 newinstance authdaemond: Installation complete: authmysql
0
 
artmsCommented:
Can you enter this command:
ls -l /var/spool/

I'm trying to figure out if socket is really accessible by courier and other daemons.


0
 
JonMarkGoAuthor Commented:
[root@mail1 ~]# ls -l /var/spool/
total 48
drwxr-xr-x  2 amavis  amavis  4096 Nov 10 17:15 amavisd
drwxr-xr-x  2 root    root    4096 Feb  6  2008 anacron
drwx------  3 daemon  daemon  4096 Feb  6  2008 at
drwxr-xr-x  2 courier courier 4096 Nov 11 16:47 authdaemon
drwxrwx---  2 smmsp   smmsp   4096 Nov 11 04:02 clientmqueue
drwx------  2 root    root    4096 Nov 10  2007 cron
drwxr-xr-x  2 root    root    4096 Mar 29  2007 lpd
drwxrwxr-x  2 root    mail    4096 Nov 11 04:02 mail
drwx------  2 root    mail    4096 Oct 29 02:24 mqueue
drwxr-xr-x 17 root    root    4096 Nov 10 16:53 postfix
drwxr-xr-x  2 rpm     rpm     4096 May 24 18:37 repackage
drwxr-xr-x  3 root    root    4096 Oct 30 17:42 squirrelmail


The authdaemond log shows that it is being accessed by postfix (though not courier), and then gives the error about pam auth failing:
Nov 11 17:34:13 mail1 saslauthd[24769]: do_auth         : auth failure: [user=jon@we-care.com] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error]
0
 
artmsCommented:
Did you use cyrus-sasl package from centos repository or did you compile it separately, if separately, please provide what configure statement you entered? Centos cyrus-sasl provided does not support authdaemon, it was not compiled with that feature enabled, you will have to compile it your self.
0
 
JonMarkGoAuthor Commented:
I ran yum install ntp httpd mysql-server php php-mysql php-mbstring php-mcrypt phpmyadmin rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel

So what do I need to do to fix it?
0
 
artmsCommented:
Download this package http://mirror.centos.org/centos/5/os/SRPMS/cyrus-sasl-2.1.22-4.src.rpm

Install this packages:
yum install autoconf automake libtool gdbm-devel krb5-devel openssl-devel pam-devel pkgconfig mysql-devel postgresql-devel zlib-devel openldap-devel rpm-build

Then
rpm -i cyrus-sasl-2.1.22-4.src.rpm

Go to /usr/src/redhat/SPEC/

And copy there file I attached, it has a modified configure to enable authdaemon and gssapi plugin removed, because I was unable to successfully compile it (you might have similar problem...)

Rename it to cyrus-sasl.spec
After that run:
rpmbuild -ba cyrus-sasl.spec

Wait 5-10minutes to finish the process(depends on server), after finishing the process go to /usr/src/redhat/RPMS/x86_64/

And install cyrus-sasl, cyrus-sasl-lib, cyrus-sasl-plain packages
rpm -Uhv cyrus-sasl-2.1.22-4authdaemon.x86_64.rpm cyrus-lib-2.1.22-4authdaemon.x86_64.rpm cyrus-plain-2.1.22-4authdaemon.x86_64.rpm
cyrus-sasl.txt
0
 
JonMarkGoAuthor Commented:
I did all of that, and it all worked as expected. But I still cannot authenticate... Still getting:
Nov 12 00:05:22 mail1 saslauthd[15569]: do_auth         : auth failure: [user=jon@mydomain.com] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error]
0
 
JonMarkGoAuthor Commented:
If it helps at all, this is what I used to install courier, etc.: http://www.howtoforge.com/installing-courier-imap-courier-authlib-maildrop-fedora-redhat-centos

But I'm worried more about SMTP at this point and would like to fix that first.
0
 
JonMarkGoAuthor Commented:
The problem was that postfix was still trying to use saslauthd, not authdaemond. Now that I fixed it, smtp works. Now to fix imap...
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 18
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now