Uncommented the section on userdb that was commented because it was throwing errors. It’s still throwing an error. Specifically this one:

Jan 10 15:42:37 shuttle postfix/smtpd[21046]: connect from pvr[192.168.1.103] Jan 10 15:42:47 shuttle postfix/smtpd[21046]: fatal: no SASL authentication mechanisms Jan 10 15:42:48 shuttle postfix/master[18850]: warning: process /usr/libexec/postfix/smtpd pid 21046 exit status 1 Jan 10 15:42:48 shuttle postfix/master[18850]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

I’ve combed Google for information on “no SASL authentication mechanism” with no solution. I appear to have things configured correctly (unless IM missing something, which is entirely possible given that I’m really struggling with this).

Saslauthd is running:

systemctl status saslauthd

● saslauthd.service - SASL authentication daemon. Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2020-01-06 19:13:37 MST; 3 days ago Main PID: 29506 (saslauthd) Memory: 1.5M CGroup: /system.slice/saslauthd.service ├─29506 /usr/sbin/saslauthd -m /run/saslauthd -a pam ├─29507 /usr/sbin/saslauthd -m /run/saslauthd -a pam ├─29508 /usr/sbin/saslauthd -m /run/saslauthd -a pam ├─29509 /usr/sbin/saslauthd -m /run/saslauthd -a pam └─29510 /usr/sbin/saslauthd -m /run/saslauthd -a pam

Jan 06 19:13:37 shuttle systemd[1]: Starting SASL authentication daemon.... Jan 06 19:13:37 shuttle saslauthd[29506]: : master pid is: 29506 Jan 06 19:13:37 shuttle systemd[1]: Started SASL authentication daemon.. Jan 06 19:13:37 shuttle saslauthd[29506]: : listening on socket: /run/saslauthd/mux

Dovecot and Postfix are running starting and running okay. /var/spool/postfix/private/auth is present and seems to be correct.

Here are my current configs on those items:

postconf -n

command_directory = /usr/sbin compatibility_level = 2 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix html_directory = /usr/share/doc/postfix/html inet_interfaces = shuttle inet_protocols = all lmtp-filter_destination_concurrency_limit = 2 lmtp_sasl_mechanism_filter = plain mail_owner = postfix mailbox_transport = dovecot:shuttle:lmtp mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man meta_directory = /etc/postfix mydestination = mynetworks myhostname = shuttle mynetworks = 192.168.1.0/24, 127.0.0.0/8 mynetworks_style = subnet myorigin = shuttle newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix/README_FILES sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop shlib_directory = /usr/lib64 smtp-filter_destination_concurrency_limit = 2 smtp_bind_address = 192.168.1.105 smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mageia Linux) smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtpd_tls_cert_file = /etc/pki/tls/certs/adams-lan.mail.pem smtpd_tls_key_file = /etc/pki/tls/private/adams-lan.mail.key smtpd_use_tls = yes unknown_local_recipient_reject_code = 450 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf virtual_mailbox_base = /var/spool/mail/vhosts virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_transport = dovecot postconf: warning: /etc/postfix/master.cf: unused parameter: flags=

dovecot -n

2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf

OS: Linux 5.4.6-desktop-2.mga7 x86_64 Mageia 7

Hostname: shuttle

auth_debug_passwords = yes auth_mechanisms = plain login cram-md5 auth_username_format = %Ln disable_plaintext_auth = no first_valid_uid = 0 last_valid_uid = 10001 mail_gid = 10001 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 10001 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = sql } passdb { args = %s driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } service anvil { unix_listener anvil { group = mail mode = 0666 } } service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } user = dovecot } service imap-login { inet_listener imap { port = 143 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } service stats { unix_listener stats-reader { group = mail mode = 0666 } unix_listener stats-writer { group = mail mode = 0666 } } ssl = required ssl_cert = </etc/pki/tls/certs/fullchain.cer ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = passwd } protocol lmtp { hostname = shuttle postmaster_address = postmaster@shuttle

I just need this stuff to move mail on my LAN as it did for years prior to this upgrade. I’m perfectly willing to blow this config away and reinstall from scratch, which I’ve done twice already. I’ve been through at least 4 tutorials on the web and nothing has led to my getting this thing working. Despite all that I’ve learned about Postfix + Dovecot + Mysql, I am still not smart enough to figure this out.

I’m still looking for help and/or options. I’m also wondering if it might not be a good idea to ditch the configs in /etc/dovecot/conf.d (by commenting out “!include conf.d/*.conf” in dovecot.conf). I’m just looking to move mail on my LAN. This should be simple, no?

Thanks again.

Mark

From: Alexander Dalloz<mailto:ad+lists@uni-x.org> Sent: Friday, January 10, 2020 11:34 AM To: Mark ADAMS<mailto:madams9@msn.com> Subject: Re: Unable to authenticate on Dovecot - auth-userdb issue?

Mark,

first of all: please take care to whom you reply. Do not communicate directly with my list mail address. Please keep the discussion on the dovecot list. Thanks.

Am 09.01.2020 um 18:29 schrieb Mark ADAMS:

At this point, passdb does not support lookups according to the log. Is there something else I should be looking at?

I’ve worked on this and seem to be making little progress. A sample transaction log looks like this:

Jan 09 10:22:32 shuttle dovecot[26851]: master: Warning: SIGHUP received - reloading configuration Jan 09 10:23:04 shuttle postfix/smtpd[5448]: connect from pvr[192.168.1.103] Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/modules/auth Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/lib20_auth_var_expand_crypt.so Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat Jan 09 10:23:04 shuttle dovecot[5432]: auth: Debug: auth client connected (pid=0) Jan 09 10:23:20 shuttle postfix/smtpd[5448]: 0C6BF4A6302: client=pvr[192.168.1.103] Jan 09 10:23:30 shuttle postfix/cleanup[5459]: 0C6BF4A6302: message-id=<> Jan 09 10:23:30 shuttle postfix/qmgr[1385]: 0C6BF4A6302: from=<madams@pvr>, size=180, nrcpt=1 (queue active) Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: master in: USER 1 root@shuttle service=lda Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: static(root): Performing userdb lookup Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): Performing passdb lookup Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): passdb doesn't support credential lookups Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: pam(root): Finished passdb lookup Jan 09 10:23:30 shuttle dovecot[5432]: auth: Error: static(root): passdb doesn't support lookups, can't verify user's existence Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: static(root): Finished userdb lookup Jan 09 10:23:30 shuttle dovecot[5432]: auth: Debug: userdb out: FAIL 1 Jan 09 10:23:30 shuttle dovecot[5466]: lda(root@shuttle)<5466><>: Error: auth-master: userdb lookup(root@shuttle): Auth USER lookup failed Jan 09 10:23:30 shuttle dovecot[5466]: lda: Fatal: Internal error occurred. Refer to server log for more information. Jan 09 10:23:30 shuttle postfix/pipe[5465]: 0C6BF4A6302: to=<root@shuttle>, relay=dovecot, delay=17, delays=17/0.01/0/0.06, dsn=4.3.0, status=deferred (tempora> Jan 09 10:23:31 shuttle sshd[5468]: Connection closed by 192.168.1.100 port 48324 [preauth] Jan 09 10:23:31 shuttle postfix/smtpd[5448]: disconnect from pvr[192.168.1.103] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5

My current dovecot configuration looks like this:

2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf

OS: Linux 5.4.6-desktop-2.mga7 x86_64 Mageia 7

Hostname: shuttle

auth_debug_passwords = yes auth_username_format = %Ln disable_plaintext_auth = no first_valid_uid = 0 last_valid_uid = 10001 mail_gid = 10001 mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail mail_uid = 10001 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = %s driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } service anvil { unix_listener anvil { group = mail mode = 0666 } } service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user } user = dovecot } service imap-login { inet_listener imap { port = 143 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } service stats { unix_listener stats-reader { group = mail mode = 0666 } unix_listener stats-writer { group = mail mode = 0666 } } ssl = required ssl_cert = </etc/pki/tls/certs/fullchain.cer ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it protocol lmtp { hostname = shuttle postmaster_address = postmaster@shuttle }

As always I appreciate the help and any assistance is appreciated.

Mark

According to your "doveconf -n" output you have no userdb defined. Just do that.

https://doc.dovecot.org/configuration_manual/authentication/user_databases_u...

Maybe this one fits your current system setup

https://doc.dovecot.org/configuration_manual/authentication/passwd/#authenti...

Alexander

From: Alexander Dalloz<mailto:ad+lists@uni-x.org> Sent: Friday, January 3, 2020 5:26 AM To: dovecot@dovecot.org<mailto:dovecot@dovecot.org> Subject: Re: Unable to authenticate on Dovecot - auth-userdb issue?

Am 03.01.2020 um 03:27 schrieb Mark ADAMS:

...

Jan 02 18:47:37 shuttle dovecot[6744]: lda(root@shuttle)<6744><>: Error: auth-master: userdb lookup(root@shuttle): connect(/run/dovecot/auth-userdb) failed: Permission denied (euid=8(mail) egid=12(mail) missing +r perm: /run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)

Run "namei -lv /run/dovecot/auth-userdb" to check the permissions of the complete path. The auth-userdb socket actually is owned mail:mail according to your error logging. Is dovecot member of the mail group?

Actually it does not match the config details you have pasted:

unix_listener auth-userdb {
  group = dovecot
  mode = 0600
  user = vmail
}

On my side it looks like this and I have not custom configured that part. The defaults are:

unix_listener auth-userdb {
  group =
  mode = 0666
  user = $default_internal_user
}

So on my system the permissions look like this:

namei -lv /var/run/dovecot/auth-userdb

f: /var/run/dovecot/auth-userdb dr-xr-xr-x root root / drwxr-xr-x root root var drwxr-xr-x root root run drwxr-xr-x root dovecot dovecot srw-rw-rw- dovecot root auth-userdb

...

Jan 02 18:47:37 shuttle dovecot[6744]: lda: Fatal: Internal error occurred. Refer to server log for more information. Jan 02 18:47:37 shuttle postfix/pipe[6743]: 6345D4A4A97: to=<root@shuttle>, relay=dovecot, delay=1.1, delays=1.1/0.01/0/0.06, dsn=4.3.0, status=deferred (temporary failure. Command output: lda(root@shuttle): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied ) ^C

Note: this error references "/run/dovecot/auth-userdb". That isn't even supposed to be the location of that file. I have no idea why that location shows up. The correct location should be "/etc/dovecot/auth-userdb". The file does exist at that location.

Mark,

I have no idea why you expect the dovecot sockets to be located inside /etc/dovecot/. /etc is the FHS location for configurations. /run or /var/run (typically a symlink on modern linux distributions) is the right location for runtime files like service sockets.

You say /etc/dovecot/auth-userdb exists. Am I correct to guess that you have created that manually with whatever content?

Alexander