[Dovecot] Lost in configuration

forumer at smartmobili.com forumer at smartmobili.com
Sun Feb 12 15:52:54 EET 2012


Hi,

I am trying to configure dovecot/postfix with virtual users and sasl 
auth, but there are so many tutorials
with mistakes and subtle differences that in the end I am lost.
So I am running Ubuntu server 11.04 (natty) and when I installed my 
server I had followed
the following guide http://workaround.org/ispmail/etch

Then I migrated to dovecot 2.1, and now I am trying to allow 
authenticated users to use my smtp server, because
for the moment I get: Relay access denied

Here is my configuration (first the file hierarchy, followed by the file 
contents), and I would like to know
what I need to do to allow authenticated users to send email.
In this tutorial 
http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid#sph_configure-saslauthd-to-use-mysql
it seems I have to add some configuration lines inside /etc/pam.d/smtp 
and add database configuration inside /etc/postfix/sasl/smtpd.conf.
But what I find weird is the fact I have to configure some sql queries 
from smtpd.conf while normally dovecot has already all the information
to do this kind of query.
So before I keep on modifying my config, I would like to be sure I am 
going about this the right way.

Thanks


###########################
/etc/postfix
###########################
drwxr-xr-x   3 root root     4096 2012-02-12 13:33 ./
drwxr-xr-x 116 root root     4096 2012-02-12 13:21 ../
-rw-r--r--   1 root root      373 2011-07-24 11:50 dynamicmaps.cf
-rw-r--r--   1 root root     1928 2012-02-12 12:45 main.cf
-rw-r--r--   1 root root     5762 2011-08-03 22:06 master.cf
-rw-rw----   1 root postfix   140 2011-07-24 11:43 
mysql-virtual-alias-maps.cf
-rw-rw----   1 root postfix   132 2011-07-24 11:47 
mysql-virtual-mailbox-domains.cf
-rw-rw----   1 root postfix   128 2011-07-24 11:47 
mysql-virtual-mailbox-maps.cf
-rw-r--r--   1 root root    19509 2011-04-05 06:07 postfix-files
-rwxr-xr-x   1 root root     8729 2011-04-05 06:07 postfix-script*
-rwxr-xr-x   1 root root    25752 2011-04-05 06:07 post-install*
drwxr-xr-x   2 root root     4096 2012-02-12 12:41 sasl/

root at xa-12345:/etc/postfix# ll sasl/
drwxr-xr-x 2 root root 4096 2012-02-12 12:41 ./
drwxr-xr-x 3 root root 4096 2012-02-12 13:33 ../
-rw-r--r-- 1 root root   26 2012-02-12 12:41 smtpd.conf

###########################
/etc/dovecot
###########################
drwxr-xr-x   3 root root    4096 2011-09-24 11:42 ./
drwxr-xr-x 116 root root    4096 2012-02-12 13:21 ../
drwxr-xr-x   2 root dovecot 4096 2012-02-12 12:03 conf.d/
-rw-r--r--   1 root dovecot 3693 2011-09-23 15:11 dovecot.conf
-rw-r--r--   1 root dovecot  410 2011-09-23 15:11 dovecot-db.conf.ext
-rw-r--r--   1 root dovecot  782 2011-09-23 15:11 
dovecot-dict-sql.conf.ext
-rw-r--r--   1 root dovecot 5508 2011-09-23 15:38 dovecot-sql.conf
-rw-r--r--   1 root dovecot 5348 2011-09-23 15:11 dovecot-sql.conf.ext
-rw-r--r--   1 root dovecot  116 2011-09-23 15:11 README

###########################
/etc/default/saslauthd
###########################
-rw-r--r-- 1 root root 2043 2012-02-12 11:57 /etc/default/saslauthd

###########################
/var/spool/postfix/var/run/
###########################
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ./
drwxr-xr-x 3 root root 4096 2012-02-12 12:35 ../
drwxr-xr-x 2 root sasl 4096 2012-02-12 12:35 saslauthd/

I have added postfix to the sasl group (don't know if it was necessary 
but I found this instruction on a website)
/etc/group:
sasl:x:45:postfix


/etc/default/saslauthd:
----------------------
# NOTE(review): these are the shell-style defaults for Cyrus saslauthd. The
# main.cf shown in this post sets smtpd_sasl_type = dovecot, in which case
# Postfix authenticates through Dovecot's auth socket and does not talk to
# saslauthd at all.
START=yes
# Directory under the Postfix spool tree, used below for the socket (-m) and
# the pid file.
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
DESC="SASL Authentication Daemon"
NAME="saslauthd"
# Password checks are delegated to PAM.
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
# -c turns on saslauthd's credential cache; -m sets the socket directory.
# NOTE(review): the ps output in this post shows the running daemon with
# "-m /var/run/saslauthd", so this value was not in effect for that process;
# that would explain the empty directory listing. Confirm which file the
# init script actually reads.
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"


# Create the saslauthd socket directory under the Postfix spool tree and hand
# it to root with group sasl.
# NOTE(review): "root.sasl" is the legacy owner.group separator; "root:sasl"
# is the portable spelling. The listing in this post shows the directory as
# drwxr-xr-x, i.e. readable and traversable by every local account.
mkdir -p /var/spool/postfix/var/run/saslauthd
chown -R root.sasl /var/spool/postfix/var/run/saslauthd

Then I checked that saslauthd is running after the restart:

root at xa-12345:/home/vmail# ps -ef | grep saslauthd
root      6123     1  0 13:21 ?        00:00:00 /usr/sbin/saslauthd -a 
pam -c -m /var/run/saslauthd -n 5
root      6124  6123  0 13:21 ?        00:00:00 /usr/sbin/saslauthd -a 
pam -c -m /var/run/saslauthd -n 5
root      6125  6123  0 13:21 ?        00:00:00 /usr/sbin/saslauthd -a 
pam -c -m /var/run/saslauthd -n 5
root      6127  6123  0 13:21 ?        00:00:00 /usr/sbin/saslauthd -a 
pam -c -m /var/run/saslauthd -n 5
root      6128  6123  0 13:21 ?        00:00:00 /usr/sbin/saslauthd -a 
pam -c -m /var/run/saslauthd -n 5

Then, when I check after restarting whether the saslauthd socket has been 
created, I don't see anything (I don't know if that is normal):
root at xa-12345:/home/vmail# ls -lh /var/spool/postfix/var/run/saslauthd
total 0


/etc/postfix/sasl/smtpd.conf:
-----------------------------
# NOTE(review): this file configures the Cyrus SASL library. Postfix only
# consults it when smtpd_sasl_type = cyrus; the main.cf in this post selects
# dovecot, so this setting should have no effect on SMTP AUTH there.
pwcheck_method: saslauthd


/etc/postfix/main.cf:
---------------------
# NOTE(review): a few long lines in this listing are split with the remainder
# starting at column 0, which looks like mail-client wrapping. In the real
# main.cf a continuation line must begin with whitespace; confirm the file on
# disk is not split this way.
# NOTE(review): myorigin is assigned again further down (foobar.com); Postfix
# keeps the last assignment found in the file.
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no

# TLS parameters
# NOTE(review): the "snakeoil" pair is the self-signed certificate generated
# at install time on Debian/Ubuntu. Clients cannot validate it, so it gives
# encryption without server authentication; replace it with a certificate
# issued for the mail hostname.
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
# NOTE(review): this only offers STARTTLS; nothing shown here requires TLS
# before AUTH. Adding "smtpd_tls_auth_only = yes" keeps passwords from being
# accepted over an unencrypted session.
smtpd_use_tls=yes
smtpd_tls_session_cache_database = 
btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

myhostname = mail.foobar.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = foobar.com
mydestination = xa-12345.dadibox.com, localhost.dadibox.com, localhost
relayhost =
# NOTE(review): because permit_mynetworks comes first in the recipient
# restrictions below, every address listed here may relay without
# authenticating. Keep this list as small as possible.
mynetworks = 127.0.0.0/8 80.190.190.190
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

#virtual domains
# Domains, mailboxes and aliases are looked up in MySQL through the three
# map files listed in /etc/postfix; mail is stored under /home/vmail with
# fixed uid/gid 5000.
virtual_mailbox_domains = 
mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

# Dovecot LDA
# Delivery for virtual mailboxes goes to a transport named "dovecot"
# (presumably defined in master.cf, which is not shown), one recipient per
# delivery.
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# Verbose logging for connections from 127.0.0.1 only.
debug_peer_level = 2
debug_peer_list = 127.0.0.1

# SMTP AUTH is handled by Dovecot: private/auth is relative to the Postfix
# queue directory, so with the default queue directory it resolves to
# /var/spool/postfix/private/auth, the socket declared in Dovecot's
# 10-master.conf.
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
# Order matters: trusted networks, then authenticated clients, then reject
# anything that is not addressed to a domain this server handles.
smtpd_recipient_restrictions = 
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
# NOTE(review): smtpd_sasl_application_name looks like the pre-2.3 name of
# smtpd_sasl_path and is probably ignored by this Postfix version; confirm
# and drop it if so.
smtpd_sasl_application_name = smtpd
broken_sasl_auth_clients = yes


/etc/dovecot/conf.d/10-auth.conf:
--------------------------------------
# NOTE(review): "no" lets clients send plaintext credentials over connections
# that are not protected by SSL/TLS. Set this to "yes" once clients are
# configured for TLS, so passwords are not exposed on the wire.
disable_plaintext_auth = no
# Password lookups come from SQL (passdb); user attributes come from a static
# userdb.
!include auth-sql.conf.ext
!include auth-static.conf.ext



/etc/dovecot/conf.d/auth-static.conf.ext:
----------------------------------------
# Static userdb: every user gets uid/gid 5000 (the same ids as
# virtual_uid_maps/virtual_gid_maps in main.cf) and a home directory built
# from the domain (%d) and local part (%n) of the address.
# NOTE(review): allow_all_users=yes presumably means userdb lookups succeed
# without checking that the user exists in the passdb; confirm this is
# intended, since Postfix's virtual_mailbox_maps is then the only check on
# recipient validity.
userdb {
   driver = static
     args = uid=5000 gid=5000 home=/home/vmail/%d/%n allow_all_users=yes
}


/etc/dovecot/conf.d/auth-sql.conf.ext:
--------------------------------------
# Password database: credentials are verified with the SQL query defined in
# /etc/dovecot/dovecot-sql.conf.
passdb {
      driver = sql
      args = /etc/dovecot/dovecot-sql.conf
    }



/etc/dovecot/dovecot-sql.conf:
------------------------------
# NOTE(review): this file holds the database password, yet the directory
# listing in this post shows it as -rw-r--r-- root:dovecot, i.e. readable by
# every local account. Restrict it (for example mode 0600, or 0640 with a
# group that only Dovecot's auth processes need).
driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=myuser 
password=mypassword
# NOTE(review): CRAM-MD5 is an unsalted, MD5-based storage scheme. Treat the
# stored values as being as sensitive as the passwords themselves, and prefer
# a salted scheme (for example SSHA256) if the CRAM-MD5 login mechanism is
# not required.
default_pass_scheme = CRAM-MD5
# Looks up the stored password for the full login name (%u) in view_users.
password_query = SELECT email as user, password FROM view_users WHERE 
email='%u';

/etc/dovecot/conf.d/10-master.conf:
----------------------------------
# The login, lmtp, imap and pop3 services below contain empty blocks only:
# no port, address, ssl or permission overrides are set here, so Dovecot's
# built-in defaults apply to each of them.
service imap-login {
   inet_listener imap {

   }
   inet_listener imaps {

   }
}

service pop3-login {
   inet_listener pop3 {

   }
   inet_listener pop3s {

   }
}

service lmtp {
   unix_listener lmtp {

   }

}

service imap {

}

service pop3 {

}


# Auth service sockets: one for userdb lookups, one for Postfix SMTP AUTH.
service auth {

   # userdb lookup socket, accessible to the vmail user only.
   unix_listener auth-userdb {
     mode = 0600
     user = vmail
     #group =
   }

   # Postfix smtp-auth
   # NOTE(review): mode 0777 allows any local account that can reach this
   # path to connect to the authentication socket. The usual setup limits it
   # to Postfix, e.g. "mode = 0660" together with "user = postfix" and
   # "group = postfix". Do not rely on the permissions of the enclosing
   # private/ directory as the only barrier.
   unix_listener /var/spool/postfix/private/auth {
     mode = 0777
   }

}

# auth-worker has no overrides here, so Dovecot's defaults apply.
service auth-worker {

}

# Dictionary service socket.
# NOTE(review): mode 0600 grants access to the socket owner only, so the
# "group = vmail" setting gives that group no access as written. Use 0660 if
# the vmail group is meant to reach this socket; otherwise the group line can
# be dropped.
service dict {
   unix_listener dict {
     mode = 0600
     #user =
     group = vmail
   }
}









