Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
12-07-2010, 12:23 PM
|
#1
|
LQ Newbie
Registered: Dec 2010
Distribution: Ubuntu 10.10, SuSE 11.2, Debian Lenny, Puppy
Posts: 9
Rep:
|
Postfix one account can't send/receive email, one works fine
Hi, I just set up a new email server on Debian Lenny. It's Postfix for MTA and Dovecot for IMAPS server. I use Dovecot for authentication. I have two UNIX users on the system (except root), one was added before the installation of Postfix and Dovecot. I'm not doing any virtual things, just plain UNIX users and one domain on a dynamic IP.
The first user, "webadmin" can send and receive emails just fine through the server from my mail client. Now I just added a new user, "scarleo", and it turns out I'm unable to send and receive emails with this account. If I log in (SSH) with scarleo I can use bash mail to send emails, works fine. scarleo can also receive emails from webadmin and can connect to Dovecot to read emails. However scarleo cannot send or receive to or from anyone outside the server from my mail client. I have restarted both Postfix and Dovecot after adding the user. Do I have to do something else to make this account work like webadmin's?
A few relevant lines from mail.log: (I've modded my real IP)
Code:
Dec 7 17:44:42 homer dovecot: imap-login: Login: user=<scarleo>, method=PLAIN, rip=96.136.112.229, lip=192.168.0.18, TLS
Dec 7 17:44:42 homer dovecot: imap-login: Login: user=<webadmin>, method=PLAIN, rip=96.136.112.229, lip=192.168.0.18, TLS
Dec 7 17:45:16 homer postfix/smtpd[5915]: connect from bredband.comhem.se[96.136.112.229]
Dec 7 17:45:17 homer postfix/smtpd[5915]: NOQUEUE: reject: RCPT from bredband.comhem.se[96.136.112.229]: 554 5.7.1 <bredband.comhem.se[96.136.112.229]>: Client host rejected: Access denied; from=<scarleo@j-lux.dyndns.org> to=<my.gmail@gmail.com> proto=ESMTP helo=<[192.168.0.11]>
Dec 7 17:45:17 homer postfix/smtpd[5915]: disconnect from bredband.comhem.se[96.136.112.229]
Dec 7 17:48:37 homer postfix/anvil[5917]: statistics: max connection rate 1/60s for (smtps:96.136.112.229) at Dec 7 17:45:16
Dec 7 17:48:37 homer postfix/anvil[5917]: statistics: max connection count 1 for (smtps:96.136.112.229) at Dec 7 17:45:16
Dec 7 17:48:37 homer postfix/anvil[5917]: statistics: max cache size 1 at Dec 7 17:45:16
postfix/main.cf: (just what I have changed)
Code:
# Config added by me
myhostname = homer.domain.dyndns.org
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = domain.dyndns.org
mydestination = homer.domain.dyndns.org, localhost.domain.dyndns.org, domain.dyndns.org, localhost
relayhost = [mailout.comhem.se]:25
mynetworks = 127.0.0.0/8, 192.168.0.0/24
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
relay_domains = domain.dyndns.org, homer.domain.dyndns.org, localhost, localhost.domain.dyndns.org
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
# smtpd_sasl_tls_security_options = noanonymous
# smtpd_tls_auth_only = yes
# smtpd_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_rbl_client sbl.spamhaus.org,
permit_sasl_authenticated,
reject_unauth_destination
smtpd_sender_restrictions = permit_sasl_authenticated
# smtpd_helo_restrictions = reject_invalid_helo_hostname,
# reject_non_fqdn_helo_hostname,
# reject_unknown_helo_hostname
home_mailbox = Maildir/
dovecot -n:
Code:
homer:/var/spool/postfix/private# dovecot -n
# 1.0.15: /etc/dovecot/dovecot.conf
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
auth default:
mechanisms: plain login
passdb:
driver: pam
userdb:
driver: passwd
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
Please help, and thanks in advance!
Best regards, scarleo
|
|
|
12-07-2010, 12:51 PM
|
#2
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Quote:
NOQUEUE: reject: RCPT from bredband.comhem.se[96.136.112.229]: 554 5.7.1 <bredband.comhem.se[96.136.112.229]>: Client host rejected: Access denied; from=<scarleo@j-lux.dyndns.org>
|
Postfix does not see this as being from an authenticated user. Postfix (+ Dovecot) uses Dovecot for the SASL authentication. It looks like you are trying to use the Linux user account for your Dovecot authentication, which should work. Unfortunately, I don't know how to tell you to configure such as setup, but my guess would be that some password database was 'hashed' when you initially created the system and the added user didn't get added to this 'hash'.
You might also want to turn on password debugging in Dovecot (there are a couple of places to do this from what I remember), which should tell you why it doesn't recognize this user.
|
|
|
12-07-2010, 01:20 PM
|
#3
|
LQ Newbie
Registered: Dec 2010
Distribution: Ubuntu 10.10, SuSE 11.2, Debian Lenny, Puppy
Posts: 9
Original Poster
Rep:
|
Thanks for your answer. I was researching down that line as well, however I think Dovecot actually authenticates the user correctly, as I can login to my IMAP account with "scarleo". This must mean that Dovecot auth is correct, right?
Also I use "userdb:
driver: passwd"
which according to Dovecot wiki looks in /etc/passwd, so it should work.
It's as if only auth requests from Postfix fails in Dovecot auth.
Quote:
You might also want to turn on password debugging in Dovecot (there are a couple of places to do this from what I remember), which should tell you why it doesn't recognize this user.
|
I will check it out.
Last edited by scarleo; 12-07-2010 at 01:22 PM.
|
|
|
12-07-2010, 01:46 PM
|
#4
|
LQ Newbie
Registered: Dec 2010
Distribution: Ubuntu 10.10, SuSE 11.2, Debian Lenny, Puppy
Posts: 9
Original Poster
Rep:
|
Ok, I did a new test with auth_debug=yes and auth_debug_passwords=yes. When sending with webadmin account I get a lot of info from dovecot: auth(default) in my log, but when trying with scarleo account there is just output from postfix, like above:
Code:
Dec 7 19:27:39 homer postfix/smtpd[9040]: connect from bredband.comhem.se[96.136.112.229]
Dec 7 19:27:40 homer postfix/smtpd[9040]: NOQUEUE: reject: RCPT from bredband.comhem.se[96.136.112.229]: 554 5.7.1 <.bredband.comhem.se[96.136.112.229]>: Client host rejected: Access denied; from=<scarleo@domain.dyndns.org> to=<my.gmail@gmail.com> proto=ESMTP helo=<[192.168.0.11]>
Dec 7 19:27:40 homer postfix/smtpd[9040]: disconnect from bredband.comhem.se[96.136.112.229]
So Postfix doesn't seem to use Dovecot for auth for this account.
|
|
|
12-07-2010, 05:03 PM
|
#5
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
I would venture a guess it is because it does not see bredband.comhem.se as being one of its authenticated domains. Consequently, it thinks you are attempting to relay, which you do not want. As the connection is not from a recognized domain, it isn't even connecting to dovecot to try and authenticate the user.
I am not sure what exactly to recommend at the moment. You said this is happening when you try to connect with your mail client outside of your domain. I know in my mail client, my user name is the user@domain - the full account name, which is what is authenticated. Perhaps the domain is being tacked on automatically and you could address the problem with a configuration in your mail client.
If the one account is working fine, I would run a comparison with the password debug turned on and then look at logs to compare. You might see something that points you towards a solution.
|
|
|
All times are GMT -5. The time now is 12:50 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|