Solved

POP3 Authentication Problems - CentOS 6 - Sendmail - Dovecot - Thunderbird

Posted on 2014-04-24
12
878 Views
Last Modified: 2014-04-28
Greetings All,

I know this question has probably been beat half-ta-death but it is my turn to ask.. sorry.

History:
I obtained a Virtual Private Server from Go-Daddy to act as an Email Server and DNS. So far I have been successful in Implementing the DNS server and, for the most part, the Email server.

The Email server can send Outgoing mail and it can receive Incoming mail.  I can also log onto the Virtual machine and retrieve email (using the 'mail' command) for all current email users.

My problem is with POP3 authentication (and IMAP for that matter).  I am using 'Plain Text' passwords and i am NOT using SSL. It fails to authenticate when using 'Telnet Localhost....' (as a means of testing) and from Thunderbird. (as is to be expected)

I am sure that there is a setting or .config file that I am overlooking. I could sure use another set of eyes on this.

Question: is it possible that I may be missing some data in the 'host.conf' file?? If that is possible what should I look for?

Thanks for any help that you can give.

Rick
0
Comment
Question by:rrbecker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 3
12 Comments
 
LVL 2

Author Comment

by:rrbecker
ID: 40021765
Hi All...

Ok looks like I need help in setting up Dovecot properly. I believe that my problem is with one or more of the dovecot config files..


Again, any help is appreciated

Rick
0
 
LVL 13

Accepted Solution

by:
Sandy earned 500 total points
ID: 40022075
Paste the error msgs pls.

TY/SA
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40022577
Hi Sandy....

There are a few different errors that occur depending on which config files I have 'Changed'. Dovecot has many config files under /etc/dovecot/conf.d and I have been making modification to some of those files in accordance with the information provided by wiki at this site - http://wiki2.dovecot.org/BasicConfiguration.

in particular I am trying to get password authentication working and have been testing via the following: ( error  message )

-----------------------------------------------------------------------
[root@ip-50-62-164-110 dovecot]# telnet localhost pop3
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
user flixnmix
+OK
pass flixnmix
-ERR Authentication failed.
---------------------------------------------------------------------

I think my problem has something to do with how to get dovecot to authenticate against the /etc/password file. I think it is trying to use the virtual file /etc/dovecot/user.

also I must admit that I am unclear on the proper syntax used in the dovecot config files

[root@ip-50-62-164-110 conf.d]# ls
10-auth.conf      15-lda.conf     90-quota.conf                auth-sql.conf.ext
10-director.conf  20-imap.conf    auth-checkpassword.conf.ext  auth-static.conf.ext
10-logging.conf   20-lmtp.conf    auth-deny.conf.ext           auth-system.conf.ext
10-mail.conf      20-pop3.conf    auth-ldap.conf.ext           auth-vpopmail.conf.ext
10-master.conf    90-acl.conf     auth-master.conf.ext
10-ssl.conf       90-plugin.conf  auth-passwdfile.conf.ext


NOTE: If there is an easier or better POP3 service then I am willing to try that instead of dovecot....

Please suggest some things to look at and the proper configuration... thanks


OH... BTW... I am NOT using SSL....

Rick
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 2

Author Comment

by:rrbecker
ID: 40022780
OK More Info...

Looks like PAM is the process that does the actual authentication along side of Dovecot...

Can you help me with getting PAM configured correctly to work with Dovecot...


Thanks
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40023092
Greetings... It may be helpful to know that FTP is working fine and it uses a Login a password as well...


Rick
0
 
LVL 13

Expert Comment

by:Sandy
ID: 40023950
Is selinux is running in enforcing mode?  if yes try putting it in permissive mode and test.

setenforce 0

TY/SA
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40023964
Here is a 'dump' of /var/log/maillog.....

##########################################################
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: auth client connected (pid=26049)
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=pop3#011lip=50.62.164.110#011rip=75.166.177.83#011lport=110#011rport=24720
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client out: CONT#0111#011
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: client in: CONT<hidden>
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=pop3
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_authenticate() failed: Authentication failure (/etc/pam.d/pop3 missing?)
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=dovecot
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): #1/1 style=1 msg=Password:
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_open_session() failed: Cannot make/remove an entry for the specified session
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: passwd(flixnmix,75.166.177.83): lookup
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: passwd(flixnmix,75.166.177.83): Password mismatch
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: Debug: shadow(flixnmix,75.166.177.83): lookup
Apr 25 17:35:10 ip-50-62-164-110 dovecot: auth: shadow(flixnmix,75.166.177.83): unknown user
Apr 25 17:35:12 ip-50-62-164-110 dovecot: auth: Debug: client out: FAIL#0111#011user=flixnmix
Apr 25 17:35:12 ip-50-62-164-110 dovecot: auth: Debug: client in: AUTH#0112#011PLAIN#011service=pop3#011lip=50.62.164.110#011rip=75.166.177.83#011lport=110#011rport=24720#011resp=<hidden>
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=pop3
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: pam(flixnmix,75.166.177.83): pam_authenticate() failed: Authentication failure (password mismatch?)
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): lookup service=dovecot
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: pam(flixnmix,75.166.177.83): #1/1 style=1 msg=Password:
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Error: pam(flixnmix,75.166.177.83): pam_open_session() failed: Cannot make/remove an entry for the specified session
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: passwd(flixnmix,75.166.177.83): lookup
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: passwd(flixnmix,75.166.177.83): Password mismatch
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: Debug: shadow(flixnmix,75.166.177.83): lookup
Apr 25 17:35:16 ip-50-62-164-110 dovecot: auth: shadow(flixnmix,75.166.177.83): unknown user
Apr 25 17:35:18 ip-50-62-164-110 dovecot: auth: Debug: client out: FAIL#0112#011user=flixnmix


##########################################################
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40023973
Sandy, selinux is NOT running on this system, so it can not be part of the problem...

Or is it??



If you look a the maillog I think you will see that I may have a problem with the Password Files. Where does PAM/Dovecot look for password files? I thought I had it configured to look at /etc/passwd...

It seems to think that I am sending a password that is different from the one found in /etc/passwd. How do I resolve this conflict??


Rick
0
 
LVL 13

Expert Comment

by:Sandy
ID: 40023991
Paste /etc/nsswitch.conf
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40024031
[root@ip-50-62-164-110 etc]# cat nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#      nisplus                  Use NIS+ (NIS version 3)
#      nis                  Use NIS (NIS version 2), also called YP
#      dns                  Use DNS (Domain Name Service)
#      files                  Use the local files
#      db                  Use the local database (.db) files
#      compat                  Use NIS on compat mode
#      hesiod                  Use Hesiod for user lookups
#      [NOTFOUND=return]      Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
hosts:      files dns

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files    

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   nisplus

publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus
0
 
LVL 2

Author Comment

by:rrbecker
ID: 40026686
Sandy...

Well I have got the password authentication problem resolved but now I have another issue.

Since it is not an authentication issue I will close this request and post another request for help.  

While I did not resolve my issue with your help I will award you the points anyway.  Maybe you can help  me with my next issue.

Rick
0
 
LVL 2

Author Closing Comment

by:rrbecker
ID: 40026688
Issue was resolved but there was very little input provide.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Ubuntu not booting - How get past GRUB? 3 83
open source backup solution 1 45
RHEL 6.7 Gnome Desktop on VMware 6 VM 9 113
IMAP copying tool 14 47
A high-level exploration of how our ever-increasing access to information has changed the way we do our jobs.
Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question