SASL LOGIN authentication issue

Hello

I am getting the error:

warning: unknown[1.210.20.73]: SASL LOGIN authentication failed: authentication failure

but when I check

[root@ conf.d]# testsaslauthd -u alok@qbc.in -p qbc@123 0: OK “Success.”

Status: 
Closed (won't fix)
Virtualmin version: 
6.16
Webmin version: 
1.973

Comments

Is anything else logged to /var/log/mail.log or /var/log/secure or /var/log/authlog ?

In /var/log/maillog

Apr 28 11:09:07 web2 postfix/smtpd[4226]: warning: unknown[12.70.149.5]: SASL LOGIN authentication failed: authentication failure

and in tail -f /var/log/secure

Apr 28 11:08:34 web2 auth: pam_unix(dovecot:auth): check pass; user unknown Apr 28 11:08:34 web2 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=long@abc.in rhost=14.94.14.97 Apr 28 11:08:53 web2 sshd[8234]: Accepted password for root from 103.212.156.161 port 61429 ssh2 Apr 28 11:08:53 web2 sshd[8234]: pam_unix(sshd:session): session opened for user root by (uid=0) Apr 28 11:08:58 web2 auth: pam_unix(dovecot:auth): check pass; user unknown Apr 28 11:08:58 web2 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=ofx@abc.in rhost=14.94.14.97

Is long@abc.in actually the correct username? Normally Virtualmin will create a user like long-abc for the email address long@abc.in

But in the dovecot logs, it looks like the mail client is trying to login as long@abc.in

yes, even this error ("SASL LOGIN authentication failed: authentication failure") shows with valid-user. so can you tell me the solution?

I have this setting in my /etc/sysconfig/saslauthd

Directory in which to place saslauthd's listening socket, pid file, and so on. This directory must already exist.

SOCKETDIR=/run/saslauthd

Mechanism to use when checking passwords. Run "saslauthd -v" to get a list of which mechanism your installation was compiled with the ablity to use. MECH=pam

MECH="rimap -r"

Additional flags to pass to saslauthd on the command line. See saslauthd(8) for the list of accepted flags. FLAGS="-r"

FLAGS = "-O webmail2.abc.in"

OPTIONS="-c -m /var/run/saslauthd -r" PARAMS="-m /var/run/saslauthd -r" [root@webmail2 ~]#

Did you customize anything in /etc/sysconfig/saslauthd after the default install?

I don't remember, can you help me with the default setting?

I can check on another system ... are you running CentOS 7?

Yes i am running CentOS 7

The file should just contain :

# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=pam

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS="-r"

Hello

I have added this files but i am getting the same error:

[root@webmail2 styles]# systemctl status saslauthd ● saslauthd.service - SASL authentication daemon. Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled; vendor preset: disabled) Active: active (running) since Thu 2021-05-06 09:48:31 IST; 9s ago Process: 31861 ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS (code=exited, status=0/SUCCESS) Main PID: 31862 (saslauthd) CGroup: /system.slice/saslauthd.service ├─31862 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r ├─31863 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r ├─31864 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r ├─31865 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r └─31866 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r

May 06 09:48:35 webmail2.abc saslauthd[31862]: pam_unix(smtp:auth): check pass; user unknown May 06 09:48:35 webmail2.abc saslauthd[31862]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= May 06 09:48:37 webmail2.abc saslauthd[31862]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module May 06 09:48:37 webmail2.abc saslauthd[31862]: do_auth : auth failure: [user=test] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] May 06 09:48:37 webmail2.abc saslauthd[31865]: pam_unix(smtp:auth): check pass; user unknown May 06 09:48:37 webmail2.abc saslauthd[31865]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= May 06 09:48:40 webmail2.abc saslauthd[31865]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module May 06 09:48:40 webmail2.abc saslauthd[31865]: do_auth : auth failure: [user=test] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error] May 06 09:48:40 webmail2.abc saslauthd[31864]: pam_unix(smtp:auth): check pass; user unknown May 06 09:48:40 webmail2.abc saslauthd[31864]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=

in maillog

May 6 09:49:09 webmail2 postfix/smtpd[31682]: warning: unknown[15.231.143.11]: SASL LOGIN authentication failed: authentication failure May 6 09:49:10 webmail2 postfix/smtpd[31682]: lost connection after AUTH from unknown[15.231.143.11] May 6 09:49:10 webmail2 postfix/smtpd[31682]: disconnect from unknown[15.231.143.11] May 6 09:49:10 webmail2 postfix/smtpd[30269]: connect from unknown[15.231.143.11] May 6 09:49:12 webmail2 postfix/smtpd[30269]: warning: unknown[15.231.143.11]: SASL LOGIN authentication failed: authentication failure May 6 09:49:12 webmail2 postfix/smtpd[30269]: lost connection after AUTH from unknown[15.231.143.11]

If doesn't appear that you're experiencing a bug there.

We're sorry, but as you're using Virtualmin GPL there, if you had any additional questions, you'd want to use the Forums for support.

We monitor the Forums, along with lots of wonderful folks in the community.

Thanks!