• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 975
  • Last Modified:

POP3 Authentication Problems - CentOS 6 - Sendmail - Dovecot - Thunderbird

Greetings All,

I know this question has probably been beat half-ta-death but it is my turn to ask.. sorry.

History:
I obtained a Virtual Private Server from Go-Daddy to act as an Email Server and DNS. So far I have been successful in Implementing the DNS server and, for the most part, the Email server.

The Email server can send Outgoing mail and it can receive Incoming mail.  I can also log onto the Virtual machine and retrieve email (using the 'mail' command) for all current email users.

My problem is with POP3 authentication (and IMAP for that matter).  I am using 'Plain Text' passwords and i am NOT using SSL. It fails to authenticate when using 'Telnet Localhost....' (as a means of testing) and from Thunderbird. (as is to be expected)

I am sure that there is a setting or .config file that I am overlooking. I could sure use another set of eyes on this.

Question: is it possible that I may be missing some data in the 'host.conf' file?? If that is possible what should I look for?

Thanks for any help that you can give.

Rick
0
rrbecker
Asked:
rrbecker
  • 9
  • 3
1 Solution
 
rrbeckerAuthor Commented:
Hi All...

Ok looks like I need help in setting up Dovecot properly. I believe that my problem is with one or more of the dovecot config files..


Again, any help is appreciated

Rick
0
 
SandyCommented:
Paste the error msgs pls.

TY/SA
0
 
rrbeckerAuthor Commented:
Hi Sandy....

There are a few different errors that occur depending on which config files I have 'Changed'. Dovecot has many config files under /etc/dovecot/conf.d and I have been making modification to some of those files in accordance with the information provided by wiki at this site - http://wiki2.dovecot.org/BasicConfiguration.

in particular I am trying to get password authentication working and have been testing via the following: ( error  message )

-----------------------------------------------------------------------
[root@ip-50-62-164-110 dovecot]# telnet localhost pop3
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user flixnmix
+OK
pass flixnmix
-ERR Authentication failed.
---------------------------------------------------------------------

I think my problem has something to do with how to get dovecot to authenticate against the /etc/password file. I think it is trying to use the virtual file /etc/dovecot/user.

also I must admit that I am unclear on the proper syntax used in the dovecot config files

[root@ip-50-62-164-110 conf.d]# ls
10-auth.conf      15-lda.conf     90-quota.conf                auth-sql.conf.ext
10-director.conf  20-imap.conf    auth-checkpassword.conf.ext  auth-static.conf.ext
10-logging.conf   20-lmtp.conf    auth-deny.conf.ext           auth-system.conf.ext
10-mail.conf      20-pop3.conf    auth-ldap.conf.ext           auth-vpopmail.conf.ext
10-master.conf    90-acl.conf     auth-master.conf.ext
10-ssl.conf       90-plugin.conf  auth-passwdfile.conf.ext


NOTE: If there is an easier or better POP3 service then I am willing to try that instead of dovecot....

Please suggest some things to look at and the proper configuration... thanks


OH... BTW... I am NOT using SSL....

Rick
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
rrbeckerAuthor Commented:
OK More Info...

Looks like PAM is the process that does the actual authentication along side of Dovecot...

Can you help me with getting PAM configured correctly to work with Dovecot...


Thanks
0
 
rrbeckerAuthor Commented:
Greetings... It may be helpful to know that FTP is working fine and it uses a Login a password as well...


Rick
0
 
SandyCommented:
Is selinux is running in enforcing mode?  if yes try putting it in permissive mode and test.

setenforce 0

TY/SA
0
 
rrbeckerAuthor Commented:
Here is a 'dump' of /var/log/maillog.....

##########################################################
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: auth client connected (pid=26049)
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=pop3#011lip=50.62.164.110#011rip=75.166.177.83#011lport=110#011rport=24720
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client out: CONT#0111#011
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client in: CONT<hidden>
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=pop3
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_authenticate() failed: Authentication failure (/etc/pam.d/pop3 missing?)
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=dovecot
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): #1/1 style=1 msg=Password:
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_open_session() failed: Cannot make/remove an entry for the specified session
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: passwd(flixnmix,75.166.177.83): lookup
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: passwd(flixnmix,75.166.177.83): Password mismatch
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: shadow(flixnmix,75.166.177.83): lookup
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: shadow(flixnmix,75.166.177.83): unknown user
Apr 25 17:35:12 ip-50-62-164-110 dovecot: auth: Debug: client out: FAIL#0111#011user=flixnmix
Apr 25 17:35:12 ip-50-62-164-110 dovecot: auth: Debug: client in: AUTH#0112#011PLAIN#011service=pop3#011lip=50.62.164.110#011rip=75.166.177.83#011lport=110#011rport=24720#011resp=<hidden>
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=pop3
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: pam(flixnmix,75.166.177.83): pam_authenticate() failed: Authentication failure (password mismatch?)
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=dovecot
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): #1/1 style=1 msg=Password:
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_open_session() failed: Cannot make/remove an entry for the specified session
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: passwd(flixnmix,75.166.177.83): lookup
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: passwd(flixnmix,75.166.177.83): Password mismatch
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: shadow(flixnmix,75.166.177.83): lookup
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: shadow(flixnmix,75.166.177.83): unknown user
Apr 25 17:35:18 ip-50-62-164-110 dovecot: auth: Debug: client out: FAIL#0112#011user=flixnmix


##########################################################
0
 
rrbeckerAuthor Commented:
Sandy, selinux is NOT running on this system, so it can not be part of the problem...

Or is it??



If you look a the maillog I think you will see that I may have a problem with the Password Files. Where does PAM/Dovecot look for password files? I thought I had it configured to look at /etc/passwd...

It seems to think that I am sending a password that is different from the one found in /etc/passwd. How do I resolve this conflict??


Rick
0
 
SandyCommented:
Paste /etc/nsswitch.conf
0
 
rrbeckerAuthor Commented:
[root@ip-50-62-164-110 etc]# cat nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#      nisplus                  Use NIS+ (NIS version 3)
#      nis                  Use NIS (NIS version 2), also called YP
#      dns                  Use DNS (Domain Name Service)
#      files                  Use the local files
#      db                  Use the local database (.db) files
#      compat                  Use NIS on compat mode
#      hesiod                  Use Hesiod for user lookups
#      [NOTFOUND=return]      Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files    

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus
0
 
rrbeckerAuthor Commented:
Sandy...

Well I have got the password authentication problem resolved but now I have another issue.

Since it is not an authentication issue I will close this request and post another request for help.  

While I did not resolve my issue with your help I will award you the points anyway.  Maybe you can help  me with my next issue.

Rick
0
 
rrbeckerAuthor Commented:
Issue was resolved but there was very little input provide.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 9
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now