SMTP sending problem

12 posts / 0 new
Last post
#1 Mon, 10/09/2017 - 04:17
dhofer

SMTP sending problem

HI Guys

I reinstalled my server and now I have the problem that I'm not able to send mails outside. Some mails can be delivered, some can't. I got every time the error message "Mail relay not allowed".

I'm a mac user and in my mail program I can also see that a login with my user "info.blake-hofer" is possible via IMAP but not via SMTP. I tried also to change the password on my server for this user and changed this also in my mail program. Can anyone tell me why this happens? The server is freshly installed, based on Ubuntu 16.04.3 . In /var/log/auth.log I can see the following error (e.g. timestamp at 11:00.46)

Oct  9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct  9 10:56:04 myweb su[8134]: Successful su for blake-hofer by root
Oct  9 10:56:04 myweb su[8134]: + ??? root:blake-hofer
Oct  9 10:56:04 myweb su[8134]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct  9 10:56:04 myweb systemd-logind[635]: New session c661 of user blake-hofer.
Oct  9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct  9 10:56:04 myweb su[8134]: pam_unix(su:session): session closed for user blake-hofer
Oct  9 10:56:04 myweb systemd-logind[635]: Removed session c661.
Oct  9 10:56:04 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct  9 11:00:01 myweb CRON[8286]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct  9 11:00:02 myweb CRON[8286]: pam_unix(cron:session): session closed for user root
Oct  9 11:00:46 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112  user=info.blake-hofer
Oct  9 11:01:09 myweb auth: message repeated 4 times: [ pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112  user=info.blake-hofer]
Oct  9 11:01:10 myweb su[8468]: Successful su for blake-hofer by root
Oct  9 11:01:10 myweb su[8468]: + ??? root:blake-hofer
Oct  9 11:01:10 myweb su[8468]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct  9 11:01:10 myweb systemd-logind[635]: New session c662 of user blake-hofer.
Oct  9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct  9 11:01:10 myweb su[8468]: pam_unix(su:session): session closed for user blake-hofer
Oct  9 11:01:10 myweb systemd-logind[635]: Removed session c662.
Oct  9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct  9 11:01:10 myweb su[8479]: Successful su for blake-hofer by root
Oct  9 11:01:10 myweb su[8479]: + ??? root:blake-hofer
Oct  9 11:01:10 myweb su[8479]: pam_unix(su:session): session opened for user blake-hofer by (uid=0)
Oct  9 11:01:10 myweb systemd-logind[635]: New session c663 of user blake-hofer.
Oct  9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session opened for user blake-hofer by (uid=0)
Oct  9 11:01:10 myweb su[8479]: pam_unix(su:session): session closed for user blake-hofer
Oct  9 11:01:10 myweb systemd-logind[635]: Removed session c663.
Oct  9 11:01:10 myweb systemd: pam_unix(systemd-user:session): session closed for user blake-hofer
Oct  9 11:01:12 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112  user=info.blake-hofer
Oct  9 11:01:16 myweb auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112  user=info.blake-hofer
Oct  9 11:01:27 myweb auth: message repeated 3 times: [ pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info.blake-hofer rhost=80.218.125.112  user=info.blake-hofer] 

Can anyone help me please?

Best Regards Dominique

Mon, 10/09/2017 - 04:27
dhofer

I tried now also to setup Roundcube and I'm able to login with these credentials. But when I try to send a mail I get the error message "SMT Error (535): Authentication failed"

I'm really confused at the moment ... the password is 100% correct ...

Mon, 10/09/2017 - 20:23
Joe
Joe's picture

What does this output:

# systemctl status saslauthd

--

Check out the forum guidelines!

Tue, 10/10/2017 - 02:44
dhofer

Hi

here it is:

root@myweb ~ # systemctl status saslauthd
● saslauthd.service - LSB: saslauthd startup script
   Loaded: loaded (/etc/init.d/saslauthd; bad; vendor preset: enabled)
   Active: active (exited) since Sun 2017-10-08 14:50:34 CEST; 1 day 18h ago
     Docs: man:systemd-sysv-generator(8)

Oct 08 14:50:34 myweb.blake-hofer.net systemd[1]: Starting LSB: saslauthd startup script...
Oct 08 14:50:34 myweb.blake-hofer.net saslauthd[15866]:  * To enable saslauthd, edit /etc/default/saslauthd and set START=yes
Oct 08 14:50:34 myweb.blake-hofer.net systemd[1]: Started LSB: saslauthd startup script.
Oct 08 14:52:22 myweb.blake-hofer.net systemd[1]: Started LSB: saslauthd startup script.
Tue, 10/10/2017 - 16:30
noisemarine

dhofer, have you tried making the change to the file mentioned in the log you posted?

Wed, 10/11/2017 - 00:55
dhofer

oh yes, yes - sorry I forgot to mention it.

I checked it but it was already set to YES:

# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for chroot Postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Example for non-chroot Postfix users: "-c -m /var/run/saslauthd"
#
# To know if your Postfix is running chroot, check /etc/postfix/master.cf.
# If it has the line "smtp inet n - y - - smtpd" or "smtp inet n - - - - smtpd"
# then your Postfix is running in a chroot.
# If it has the line "smtp inet n - n - - smtpd" then your Postfix is NOT
# running in a chroot.
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
Wed, 10/11/2017 - 05:33
Joe
Joe's picture

Try restarting the saslauthd service and see if that message goes away, and the status of "bad" goes away.

--

Check out the forum guidelines!

Wed, 10/11/2017 - 07:27 (Reply to #7)
Jfro

Uh Joe you say here put the -r flag behind the options.

So not this time see above for the config for this user topic starter ??

https://www.virtualmin.com/comment/785281#comment-785281

Wed, 10/11/2017 - 07:31 (Reply to #8)
Joe
Joe's picture

I don't know. I'm trying to figure it out. Once I have more data from folks, I'll know why it isn't working and can fix it in virtualmin-config.

--

Check out the forum guidelines!

Wed, 10/11/2017 - 07:53 (Reply to #9)
Jfro

Yea they shouldn't make the same mistake as me yum remove postfix after a while searching for solution why not working, messing up Virtualmin and so on. ;)

Ok check also always the LOGS after fresh boot, and also after try sending the mail, sometimes this is not installed ( or some parts from it) to then the sasl is not working:: cyrus-sasl The Cyrus SASL library Running latest 2.1.26-21.el7 Base/7/x86_64

also in dovecot a conf with the old depricated "listen"

and postgrey ;)

IF running CSF firewall then you can check also out of the control panel. View ports on the server that have a running process behind them listening for external connections for the ports there postfix dovecot and services and so on.

smtpd -n smtp -t inet -u -o stress= -s 2 -o smtpd_sasl_auth_enable=yes /usr/libexec/postfix/smtpd

Thu, 10/12/2017 - 06:31
dhofer

Hi Guys

I‘m so sorry about this. I tried to restart the saslauthd service but everytime I tried it failed. What I have done after is to restart the whole server and since them it‘s working without problems. Also a login on my webmail service is working without any problems.

So I don‘t know what the problem was but it seems to be fixed now.

BR Dominique

Thu, 10/12/2017 - 06:44 (Reply to #11)
Jfro

yea ok thanks for reply, that was why i told you to also fresh boot.

Topic locked