Uncommented the section on userdb that was commented because it was throwing errors. It’s still throwing an error. Specifically this one:

 

Jan 10 15:42:37 shuttle postfix/smtpd[21046]: connect from pvr[192.168.1.103]

Jan 10 15:42:47 shuttle postfix/smtpd[21046]: fatal: no SASL authentication mechanisms

Jan 10 15:42:48 shuttle postfix/master[18850]: warning: process /usr/libexec/postfix/smtpd pid 21046 exit status 1

Jan 10 15:42:48 shuttle postfix/master[18850]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

 

I’ve combed Google for information on “no SASL authentication mechanism” with no solution. I appear to have things configured correctly (unless IM missing something, which is entirely possible given that I’m really struggling with this).

 

Saslauthd is running:

 

 

# systemctl status saslauthd

● saslauthd.service - SASL authentication daemon.

   Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled; vendor preset: disabled)

   Active: active (running) since Mon 2020-01-06 19:13:37 MST; 3 days ago

Main PID: 29506 (saslauthd)

   Memory: 1.5M

   CGroup: /system.slice/saslauthd.service

           ─29506 /usr/sbin/saslauthd -m /run/saslauthd -a pam

           ─29507 /usr/sbin/saslauthd -m /run/saslauthd -a pam

           ─29508 /usr/sbin/saslauthd -m /run/saslauthd -a pam

           ─29509 /usr/sbin/saslauthd -m /run/saslauthd -a pam

           └─29510 /usr/sbin/saslauthd -m /run/saslauthd -a pam

 

Jan 06 19:13:37 shuttle systemd[1]: Starting SASL authentication daemon....

Jan 06 19:13:37 shuttle saslauthd[29506]:                 : master pid is: 29506

Jan 06 19:13:37 shuttle systemd[1]: Started SASL authentication daemon..

Jan 06 19:13:37 shuttle saslauthd[29506]:                 : listening on socket: /run/saslauthd/mux

 

 

Dovecot and Postfix are running starting and running okay. /var/spool/postfix/private/auth is present and seems to be correct.

 

Here are my current configs on those items:

 

# postconf -n

command_directory = /usr/sbin

compatibility_level = 2

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

html_directory = /usr/share/doc/postfix/html

inet_interfaces = shuttle

inet_protocols = all

lmtp-filter_destination_concurrency_limit = 2

lmtp_sasl_mechanism_filter = plain

mail_owner = postfix

mailbox_transport = dovecot:shuttle:lmtp

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

meta_directory = /etc/postfix

mydestination = mynetworks

myhostname = shuttle

mynetworks = 192.168.1.0/24, 127.0.0.0/8

mynetworks_style = subnet

myorigin = shuttle

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix/README_FILES

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

shlib_directory = /usr/lib64

smtp-filter_destination_concurrency_limit = 2

smtp_bind_address = 192.168.1.105

smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

smtp_tls_security_level = may

smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mageia Linux)

smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_path = private/auth

smtpd_sasl_type = dovecot

smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

smtpd_tls_cert_file = /etc/pki/tls/certs/adams-lan.mail.pem

smtpd_tls_key_file = /etc/pki/tls/private/adams-lan.mail.key

smtpd_use_tls = yes

unknown_local_recipient_reject_code = 450

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

virtual_mailbox_base = /var/spool/mail/vhosts

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

virtual_transport = dovecot

postconf: warning: /etc/postfix/master.cf: unused parameter: flags=

 

 

 

# dovecot -n

# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf

# OS: Linux 5.4.6-desktop-2.mga7 x86_64 Mageia 7

# Hostname: shuttle

auth_debug_passwords = yes

auth_mechanisms = plain login cram-md5

auth_username_format = %Ln

disable_plaintext_auth = no

first_valid_uid = 0

last_valid_uid = 10001

mail_gid = 10001

mail_location = mbox:~/mail:INBOX=/var/mail/%u

mail_privileged_group = mail

mail_uid = 10001

namespace inbox {

  inbox = yes

  location =

  mailbox Drafts {

    special_use = \Drafts

  }

  mailbox Junk {

    special_use = \Junk

  }

  mailbox Sent {

    special_use = \Sent

  }

  mailbox "Sent Messages" {

    special_use = \Sent

  }

  mailbox Trash {

    special_use = \Trash

  }

  prefix =

}

passdb {

  driver = sql

}

passdb {

  args = %s

  driver = pam

}

plugin {

  sieve = file:~/sieve;active=~/.dovecot.sieve

}

service anvil {

  unix_listener anvil {

    group = mail

    mode = 0666

  }

}

service auth-worker {

  user = vmail

}

service auth {

  unix_listener /var/spool/postfix/private/auth {

    group = postfix

    mode = 0666

    user = postfix

  }

  unix_listener auth-userdb {

    group =

    mode = 0666

    user = $default_internal_user

 }

  user = dovecot

}

service imap-login {

  inet_listener imap {

    port = 143

  }

}

service lmtp {

  unix_listener /var/spool/postfix/private/dovecot-lmtp {

    group = postfix

    mode = 0600

    user = postfix

  }

}

service pop3-login {

  inet_listener pop3s {

    port = 995

    ssl = yes

  }

}

service stats {

  unix_listener stats-reader {

    group = mail

    mode = 0666

  }

  unix_listener stats-writer {

    group = mail

    mode = 0666

  }

}

ssl = required

ssl_cert = </etc/pki/tls/certs/fullchain.cer

ssl_dh = # hidden, use -P to show it

ssl_key = # hidden, use -P to show it

userdb {

  driver = passwd

}

protocol lmtp {

  hostname = shuttle

  postmaster_address = postmaster@shuttle

 

 

 

I just need this stuff to move mail on my LAN as it did for years prior to this upgrade. I’m perfectly willing to blow this config away and reinstall from scratch, which I’ve done twice already. I’ve been through at least 4 tutorials on the web and nothing has led to my getting this thing working. Despite all that I’ve learned about Postfix + Dovecot + Mysql, I am still not smart enough to figure this out.

 

I’m still looking for help and/or options.  I’m also wondering if it might not be a good idea to ditch the configs in /etc/dovecot/conf.d (by commenting out “!include conf.d/*.conf” in dovecot.conf). I’m just looking to move mail on my LAN. This should be simple, no?

 

Thanks again.

 

Mark

 

 

 

From: Alexander Dalloz
Sent: Friday, January 10, 2020 11:34 AM
To: Mark ADAMS
Subject: Re: Unable to authenticate on Dovecot - auth-userdb issue?

 

Mark,

first of all: please take care to whom you reply. Do not communicate
directly with my list mail address. Please keep the discussion on the
dovecot list. Thanks.


Am 09.01.2020 um 18:29 schrieb Mark ADAMS:
> At this point, passdb does not support lookups according to the log. Is there something else I should be looking at?
>
> I’ve worked on this and seem to be making little progress. A sample transaction log looks like this:
>
>
> Jan 09 10:22:32 shuttle dovecot[26851]: master: Warning: SIGHUP received - reloading configuration
> Jan 09 10:23:04 shuttle postfix/smtpd[5448]: connect from pvr[192.168.1.103]
> Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/modules/auth
> Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/lib20_auth_var_expand_crypt.so
> Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat
> Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: auth client connected (pid=0)
> Jan 09 10:23:20 shuttle postfix/smtpd[5448]: 0C6BF4A6302: client=pvr[192.168.1.103]
> Jan 09 10:23:30 shuttle postfix/cleanup[5459]: 0C6BF4A6302: message-id=<>
> Jan 09 10:23:30 shuttle postfix/qmgr[1385]: 0C6BF4A6302: from=<madams@pvr>, size=180, nrcpt=1 (queue active)
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: master in: USER        1        root@shuttle        service=lda
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: static(root): Performing userdb lookup
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): Performing passdb lookup
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): passdb doesn't support credential lookups
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): Finished passdb lookup
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Error: static(root): passdb doesn't support lookups, can't verify user's existence
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: static(root): Finished userdb lookup
> Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: userdb out: FAIL        1
> Jan 09 10:23:30 shuttle dovecot[5466]: lda(root@shuttle)<5466><>: Error: auth-master: userdb lookup(root@shuttle): Auth USER lookup failed
> Jan 09 10:23:30 shuttle dovecot[5466]: lda: Fatal: Internal error occurred. Refer to server log for more information.
> Jan 09 10:23:30 shuttle postfix/pipe[5465]: 0C6BF4A6302: to=<root@shuttle>, relay=dovecot, delay=17, delays=17/0.01/0/0.06, dsn=4.3.0, status=deferred (tempora>
> Jan 09 10:23:31 shuttle sshd[5468]: Connection closed by 192.168.1.100 port 48324 [preauth]
> Jan 09 10:23:31 shuttle postfix/smtpd[5448]: disconnect from pvr[192.168.1.103] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
>
>
> My current dovecot configuration looks like this:
>
> # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
> # OS: Linux 5.4.6-desktop-2.mga7 x86_64 Mageia 7
> # Hostname: shuttle
> auth_debug_passwords = yes
> auth_username_format = %Ln
> disable_plaintext_auth = no
> first_valid_uid = 0
> last_valid_uid = 10001
> mail_gid = 10001
> mail_location = mbox:~/mail:INBOX=/var/mail/%u
> mail_privileged_group = mail
> mail_uid = 10001
> namespace inbox {
>    inbox = yes
>    location =
>    mailbox Drafts {
>      special_use = \Drafts
>    }
>    mailbox Junk {
>      special_use = \Junk
>    }
>    mailbox Sent {
>      special_use = \Sent
>    }
>    mailbox "Sent Messages" {
>      special_use = \Sent
>    }
>    mailbox Trash {
>      special_use = \Trash
>    }
>    prefix =
> }
> passdb {
>    args = %s
>    driver = pam
> }
> plugin {
>    sieve = file:~/sieve;active=~/.dovecot.sieve
> }
> service anvil {
>    unix_listener anvil {
>      group = mail
>      mode = 0666
>    }
> }
> service auth-worker {
>    user = vmail
> }
> service auth {
>    unix_listener /var/spool/postfix/private/auth {
>      group = postfix
>      mode = 0666
>      user = postfix
>    }
>    unix_listener auth-userdb {
>      group =
>      mode = 0666
>      user = $default_internal_user
>    }
>    user = dovecot
> }
> service imap-login {
>    inet_listener imap {
>      port = 143
>    }
> }
> service lmtp {
>    unix_listener /var/spool/postfix/private/dovecot-lmtp {
>      group = postfix
>      mode = 0600
>      user = postfix
>    }
> }
> service pop3-login {
>    inet_listener pop3s {
>      port = 995
>      ssl = yes
>    }
> }
> service stats {
>    unix_listener stats-reader {
>      group = mail
>      mode = 0666
>    }
>    unix_listener stats-writer {
>      group = mail
>      mode = 0666
>    }
> }
> ssl = required
> ssl_cert = </etc/pki/tls/certs/fullchain.cer
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> protocol lmtp {
>    hostname = shuttle
>    postmaster_address = postmaster@shuttle
> }
>
>
> As always I appreciate the help and any assistance is appreciated.
>
> Mark

According to your "doveconf -n" output you have no userdb defined. Just
do that.

https://doc.dovecot.org/configuration_manual/authentication/user_databases_userdb/

Maybe this one fits your current system setup

https://doc.dovecot.org/configuration_manual/authentication/passwd/#authentication-passwd

Alexander



> From: Alexander Dalloz<mailto:ad+lists@uni-x.org>
> Sent: Friday, January 3, 2020 5:26 AM
> To: dovecot@dovecot.org<mailto:dovecot@dovecot.org>
> Subject: Re: Unable to authenticate on Dovecot - auth-userdb issue?
>
> Am 03.01.2020 um 03:27 schrieb Mark ADAMS:
>> Jan 02 18:47:37 shuttle dovecot[6744]: lda(root@shuttle)<6744><>: Error: auth-master: userdb lookup(root@shuttle): connect(/run/dovecot/auth-userdb) failed: Permission denied (euid=8(mail) egid=12(mail) missing +r perm: /run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
>
> Run "namei -lv /run/dovecot/auth-userdb" to check the permissions of the
> complete path. The auth-userdb socket actually is owned mail:mail
> according to your error logging. Is dovecot member of the mail group?
>
> Actually it does not match the config details you have pasted:
>
>     unix_listener auth-userdb {
>       group = dovecot
>       mode = 0600
>       user = vmail
>     }
>
> On my side it looks like this and I have not custom configured that
> part. The defaults are:
>
>     unix_listener auth-userdb {
>       group =
>       mode = 0666
>       user = $default_internal_user
>     }
>
> So on my system the permissions look like this:
>
> # namei -lv /var/run/dovecot/auth-userdb
> f: /var/run/dovecot/auth-userdb
> dr-xr-xr-x root    root    /
> drwxr-xr-x root    root    var
> drwxr-xr-x root    root    run
> drwxr-xr-x root    dovecot dovecot
> srw-rw-rw- dovecot root    auth-userdb
>
>> Jan 02 18:47:37 shuttle dovecot[6744]: lda: Fatal: Internal error occurred. Refer to server log for more information.
>> Jan 02 18:47:37 shuttle postfix/pipe[6743]: 6345D4A4A97: to=<root@shuttle>, relay=dovecot, delay=1.1, delays=1.1/0.01/0/0.06, dsn=4.3.0, status=deferred (temporary failure. Command output: lda(root@shuttle): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied )
>> ^C
>>
>>
>>
>> Note: this error references "/run/dovecot/auth-userdb". That isn't even supposed to be the location of that file. I have no idea why that location shows up.  The correct location should be "/etc/dovecot/auth-userdb". The file does exist at that location.
>
> Mark,
>
> I have no idea why you expect the dovecot sockets to be located inside
> /etc/dovecot/. /etc is the FHS location for configurations. /run or
> /var/run (typically a symlink on modern linux distributions) is the
> right location for runtime files like service sockets.
>
> You say /etc/dovecot/auth-userdb exists. Am I correct to guess that you
> have created that manually with whatever content?
>
> Alexander
>
>