[Dovecot] Lost in configuration
Hi,
I am trying to configure dovecot/postfix with virtual users and sasl auth but there are so many tutorials with mistakes and subtle differences that at the end I am lost. So I am running Ubuntu server 11.04 (natty) and when I installed my server I had followed the following guide http://workaround.org/ispmail/etch
Then I have migrated to dovecot 2.1 and now I am trying to allow authenticated user to use my smtp server because for the moment I get : Relay access denied
Here is my configuration (first is file hierarchy followed by file contents) and I would like to know what I need to do to allow authenticated user send email. In this tutorial http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph... it seems I have to add some configuration lines inside /etc/pam.d/smtp and add database configuration inside /etc/postfix/sasl/smtpd.conf. But what I find weird is the fact I have to configure some sql queries from smtpd.conf while normally dovecot has already all the information to do this kind of query. So before to keep on modifying my config I would like to be sure I am following the right way.
Thanks
########################### /etc/postfix ########################### drwxr-xr-x 3 root root 4096 2012-02-12 13:33 ./ drwxr-xr-x 116 root root 4096 2012-02-12 13:21 ../ -rw-r--r-- 1 root root 373 2011-07-24 11:50 dynamicmaps.cf -rw-r--r-- 1 root root 1928 2012-02-12 12:45 main.cf -rw-r--r-- 1 root root 5762 2011-08-03 22:06 master.cf -rw-rw---- 1 root postfix 140 2011-07-24 11:43 mysql-virtual-alias-maps.cf -rw-rw---- 1 root postfix 132 2011-07-24 11:47 mysql-virtual-mailbox-domains.cf -rw-rw---- 1 root postfix 128 2011-07-24 11:47 mysql-virtual-mailbox-maps.cf -rw-r--r-- 1 root root 19509 2011-04-05 06:07 postfix-files -rwxr-xr-x 1 root root 8729 2011-04-05 06:07 postfix-script* -rwxr-xr-x 1 root root 25752 2011-04-05 06:07 post-install* drwxr-xr-x 2 root root 4096 2012-02-12 12:41 sasl/
root@xa-12345:/etc/postfix# ll sasl/ drwxr-xr-x 2 root root 4096 2012-02-12 12:41 ./ drwxr-xr-x 3 root root 4096 2012-02-12 13:33 ../ -rw-r--r-- 1 root root 26 2012-02-12 12:41 smtpd.conf
########################### /etc/dovecot ########################### drwxr-xr-x 3 root root 4096 2011-09-24 11:42 ./ drwxr-xr-x 116 root root 4096 2012-02-12 13:21 ../ drwxr-xr-x 2 root dovecot 4096 2012-02-12 12:03 conf.d/ -rw-r--r-- 1 root dovecot 3693 2011-09-23 15:11 dovecot.conf -rw-r--r-- 1 root dovecot 410 2011-09-23 15:11 dovecot-db.conf.ext -rw-r--r-- 1 root dovecot 782 2011-09-23 15:11 dovecot-dict-sql.conf.ext -rw-r--r-- 1 root dovecot 5508 2011-09-23 15:38 dovecot-sql.conf -rw-r--r-- 1 root dovecot 5348 2011-09-23 15:11 dovecot-sql.conf.ext -rw-r--r-- 1 root dovecot 116 2011-09-23 15:11 README
########################### /etc/default/saslauthd ########################### -rw-r--r-- 1 root root 2043 2012-02-12 11:57 /etc/default/saslauthd
########################### /var/spool/postfix/var/run/ ########################### drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ./ drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ../ drwxr-xr-x 2 root sasl 4096 2012-02-12 12:35 saslauthd/
I have added postfix to the sasl group (don't know if it was necessary but I found this instruction on a website) /etc/group: sasl:x:45:postfix
/etc/default/saslauthd:
START=yes PWDIR="/var/spool/postfix/var/run/saslauthd" PARAMS="-m ${PWDIR}" PIDFILE="${PWDIR}/saslauthd.pid" DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
mkdir -p /var/spool/postfix/var/run/saslauthd chown -R root.sasl /var/spool/postfix/var/run/saslauthd
Then I have checked saslauth is running after restart:
root@xa-12345:/home/vmail# ps -ef | grep saslauthd root 6123 1 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5 root 6124 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5 root 6125 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5 root 6127 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5 root 6128 6123 0 13:21 ? 00:00:00 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
Then when I check after restarting if saslauthd socket is created I don't see anything (don't know if it's normal) root@xa-12345:/home/vmail# ls -lh /var/spool/postfix/var/run/saslauthd total 0
/etc/postfix/sasl/smtpd.conf:
pwcheck_method: saslauthd
/etc/postfix/main.cf:
myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no
TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
myhostname = mail.foobar.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = foobar.com mydestination = xa-12345.dadibox.com, localhost.dadibox.com, localhost relayhost = mynetworks = 127.0.0.0/8 80.190.190.190 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all
#virtual domains virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_base = /home/vmail virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
Dovecot LDA
virtual_transport = dovecot dovecot_destination_recipient_limit = 1
debug_peer_level = 2 debug_peer_list = 127.0.0.1
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination smtpd_sasl_application_name = smtpd broken_sasl_auth_clients = yes
/etc/dovecot/conf.d/10-auth.conf:
disable_plaintext_auth = no !include auth-sql.conf.ext !include auth-static.conf.ext
/etc/dovecot/conf.d/auth-static.conf.ext:
userdb { driver = static args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes }
/etc/dovecot/conf.d/auth-sql.conf.ext:
passdb { driver = sql args = /etc/dovecot/dovecot-sql.conf }
/etc/dovecot/dovecot-sql.conf:
driver = mysql connect = host=127.0.0.1 dbname=mailserver user=myuser password=mypassword default_pass_scheme = CRAM-MD5 password_query = SELECT email as user, password FROM view_users WHERE email='%u';
/etc/dovecot/conf.d/10-master.conf:
service imap-login { inet_listener imap {
} inet_listener imaps {
} }
service pop3-login { inet_listener pop3 {
} inet_listener pop3s {
} }
service lmtp { unix_listener lmtp {
}
}
service imap {
}
service pop3 {
}
service auth {
unix_listener auth-userdb { mode = 0600 user = vmail #group = }
Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth { mode = 0777 }
}
service auth-worker {
}
service dict { unix_listener dict { mode = 0600 #user = group = vmail } }
IN my previous email ignore the information about the missing socket because it's actually created -rw------- 1 root root 5 2012-02-12 15:28 saslauthd.pid
On Sun, Feb 12, 2012 at 02:52:54PM +0100, forumer@smartmobili.com wrote:
All the more reason to stick to each project's official documentation. The sad reality is that most such tutorials you will find are written by people who should not be writing documentation.
One of the better ones; I know the author, and he is reasonably competent. But are you sure you need and "ISP-style" mail server? Perhaps something simpler makes sense to begin with.
http://www.postfix.org/BASIC_CONFIGURATION_README.html
A Postfix issue, or possibly somewhat on topic here if you are using Dovecot SASL. You do not seem to know whether you are or not. This might be because you are mixing and confusing different tutorials without understanding what they are doing and why.
http://www.postfix.org/SASL_README.html#server_dovecot http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
In this tutorial http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph...
I have not reviewed this one, but the anchor title is patently absurd. If you are using Postfix and Dovecot, there is NEVER any reason to use Cyrus SASL's saslauthd. Consider that one useless.
The rest of this is not worth answering. You went off on a Cyrus tangent which is pointless (and never on topic for this list!) Start over with a better understanding of what you need.
http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
participants (2)
-
/dev/rob0
-
forumer@smartmobili.com