Hi,
I am trying to configure dovecot/postfix with virtual users and sasl auth, but there are so many tutorials with mistakes and subtle differences that in the end I am lost. I am running Ubuntu server 11.04 (natty), and when I installed my server I followed this guide: http://workaround.org/ispmail/etch
Then I migrated to dovecot 2.1, and now I am trying to allow authenticated users to use my smtp server, because for the moment I get: Relay access denied
Here is my configuration (first the file hierarchy, followed by file contents), and I would like to know what I need to do to allow authenticated users to send email. In this tutorial http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph... it seems I have to add some configuration lines inside /etc/pam.d/smtp and add database configuration inside /etc/postfix/sasl/smtpd.conf. But what I find weird is the fact that I have to configure some sql queries from smtpd.conf, while normally dovecot already has all the information to do this kind of query. So before I keep on modifying my config, I would like to be sure I am going about this the right way.
Thanks
########################### /etc/postfix ###########################
drwxr-xr-x   3 root root     4096 2012-02-12 13:33 ./
drwxr-xr-x 116 root root     4096 2012-02-12 13:21 ../
-rw-r--r--   1 root root      373 2011-07-24 11:50 dynamicmaps.cf
-rw-r--r--   1 root root     1928 2012-02-12 12:45 main.cf
-rw-r--r--   1 root root     5762 2011-08-03 22:06 master.cf
-rw-rw----   1 root postfix   140 2011-07-24 11:43 mysql-virtual-alias-maps.cf
-rw-rw----   1 root postfix   132 2011-07-24 11:47 mysql-virtual-mailbox-domains.cf
-rw-rw----   1 root postfix   128 2011-07-24 11:47 mysql-virtual-mailbox-maps.cf
-rw-r--r--   1 root root    19509 2011-04-05 06:07 postfix-files
-rwxr-xr-x   1 root root     8729 2011-04-05 06:07 postfix-script*
-rwxr-xr-x   1 root root    25752 2011-04-05 06:07 post-install*
drwxr-xr-x   2 root root     4096 2012-02-12 12:41 sasl/

root@xa-12345:/etc/postfix# ll sasl/
drwxr-xr-x 2 root root 4096 2012-02-12 12:41 ./
drwxr-xr-x 3 root root 4096 2012-02-12 13:33 ../
-rw-r--r-- 1 root root   26 2012-02-12 12:41 smtpd.conf

########################### /etc/dovecot ###########################
drwxr-xr-x   3 root root    4096 2011-09-24 11:42 ./
drwxr-xr-x 116 root root    4096 2012-02-12 13:21 ../
drwxr-xr-x   2 root dovecot 4096 2012-02-12 12:03 conf.d/
-rw-r--r--   1 root dovecot 3693 2011-09-23 15:11 dovecot.conf
-rw-r--r--   1 root dovecot  410 2011-09-23 15:11 dovecot-db.conf.ext
-rw-r--r--   1 root dovecot  782 2011-09-23 15:11 dovecot-dict-sql.conf.ext
-rw-r--r--   1 root dovecot 5508 2011-09-23 15:38 dovecot-sql.conf
-rw-r--r--   1 root dovecot 5348 2011-09-23 15:11 dovecot-sql.conf.ext
-rw-r--r--   1 root dovecot  116 2011-09-23 15:11 README
########################### /etc/default/saslauthd ###########################
-rw-r--r-- 1 root root 2043 2012-02-12 11:57 /etc/default/saslauthd

########################### /var/spool/postfix/var/run/ ###########################
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ./
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ../
drwxr-xr-x 2 root sasl 4096 2012-02-12 12:35 saslauthd/
I have added postfix to the sasl group (don't know if it was necessary but I found this instruction on a website)
/etc/group:
sasl:x:45:postfix
/etc/default/saslauthd:
START=yes
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

mkdir -p /var/spool/postfix/var/run/saslauthd
chown -R root.sasl /var/spool/postfix/var/run/saslauthd
Then I checked that saslauthd is running after restart:

root@xa-12345:/home/vmail# ps -ef | grep saslauthd
root 6123    1 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6124 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6125 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6127 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
root 6128 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5

Then, when I check after restarting whether the saslauthd socket is created, I don't see anything (don't know if it's normal):

root@xa-12345:/home/vmail# ls -lh /var/spool/postfix/var/run/saslauthd
total 0
/etc/postfix/sasl/smtpd.conf:
pwcheck_method: saslauthd
/etc/postfix/main.cf:
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

myhostname = mail.foobar.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = foobar.com
mydestination = xa-12345.dadibox.com, localhost.dadibox.com, localhost
relayhost =
mynetworks = 127.0.0.0/8 80.190.190.190
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

#virtual domains
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

# Dovecot LDA
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

debug_peer_level = 2
debug_peer_list = 127.0.0.1

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes
/etc/dovecot/conf.d/10-auth.conf:
disable_plaintext_auth = no
!include auth-sql.conf.ext
!include auth-static.conf.ext
/etc/dovecot/conf.d/auth-static.conf.ext:
userdb {
  driver = static
  args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}
/etc/dovecot/conf.d/auth-sql.conf.ext:
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf
}
/etc/dovecot/dovecot-sql.conf:
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=myuser password=mypassword
default_pass_scheme = CRAM-MD5
password_query = SELECT email as user, password FROM view_users WHERE email='%u';
/etc/dovecot/conf.d/10-master.conf:
service imap-login {
  inet_listener imap {
  }
  inet_listener imaps {
  }
}

service pop3-login {
  inet_listener pop3 {
  }
  inet_listener pop3s {
  }
}

service lmtp {
  unix_listener lmtp {
  }
}

service imap {
}

service pop3 {
}

service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
    #group =
  }

  # Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0777
  }
}

service auth-worker {
}

service dict {
  unix_listener dict {
    mode = 0600
    #user =
    group = vmail
  }
}