Trying to get this mail sever up has eaten up a good chunk of 2 days and I’ve made some headway but this specific error has persisted throughout. I’m using a Debian server with Postfix + Dovecot + Postgres. If I try to send an email from my gmail account to an email account on the server, the following errors get logged in /var/log/mail.log
Jun 5 10:57:32 6r6n-6vh7 postfix/smtpd[748]: connect from mail-oi0-f45.google.com[209.85.218.45]
Jun 5 10:57:32 6r6n-6vh7 postfix/smtpd[748]: warning: SASL: Connect to private/auth failed: Connection refused
Jun 5 10:57:32 6r6n-6vh7 postfix/smtpd[748]: fatal: no SASL authentication mechanisms
Jun 5 10:57:33 6r6n-6vh7 postfix/master[32593]: warning: process /usr/lib/postfix/smtpd pid 748 exit status 1
Jun 5 10:57:33 6r6n-6vh7 postfix/master[32593]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
So the culprit seems to be postfix/smtpd[748]: warning: SASL: Connect to private/auth failed: Connection refused
Any ideas on what could be causing it? I’ve generated the .pem files and placed them in the appropriate folders but it seems like authentication is still failing. Included below are some config files I’ve modified over the course of setting this up. To save you guys from the avalanche of text, I’m posting mostly partial config files that don’t include any defaults I didn’t change.
Postfix Configs
/etc/postfix/main.cf (whole file)
myhostname = mail.myserver.net
myorigin = </var/mail/vhosts
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = mail.myserver.net, myserver.net,localhost,localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recepient_delimiter = +
inet_interfaces = all
smtpd_tls_cert_file = /etc/ssl/certs/mailcert.pem
smtpd_tls_key_file = /etc/ssl/private/mail.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_auth_only = yes
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
#Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp
#Virtual domains, users, and aliases
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf
/etc/postfix/master.cf (partial)
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
Dovecot Configs
/etc/dovecot/dovecot.conf (partial)
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
/etc/dovecot/conf.d/10-auth.conf (partial)
disable_plaintext_auth = yes
auth_mechanisms = plain login
!include auth-sql.conf.ext
/etc/dovecot/conf.d/auth-sql.conf.ext (partial)
userdb {
driver = static
args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n
}
passdb {
driver = sql
# Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
args = /etc/dovecot/dovecot-sql.conf.ext
}
/etc/dovecot/dovecot-sql.conf.ext (partial)
driver = pgsql
connect = host=localhost dbname=XXX user=YYY password=ZZZ
default_pass_scheme = SHA512
password_query = SELECT \
CONCAT(username,'@',domain) as user, \
password, \
'vmail' AS userdb_uid, \
'vmail' AS userdb_gid, \
'/var/mail/vhosts/%d/%u' as userdb_home \
FROM virtual_users \
WHERE concat(username,'@',domain) = '%u';
user_query = SELECT username, \
CONCAT('maildir:/var/mail/vhosts/%d/',username,'@',domain) as mail, \
'/var/mail/vhosts/%d/%u' as home, \
'vmail' as uid, \
'vmail' as gid \
FROM virtual_users \
WHERE concat(username,'@',domain) = '%u';
/etc/dovecot/conf.d/10-master.conf (partial)
service imap-login {
inet_listener imap {
#port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
#port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
service auth {
unix_listener auth-userdb {
mode = 0600
user = vmail
#group =
}
unix_listener auth-master {
mode = 0660
user = vmail(minu konfis peab olema kasutaja postfix)
group = vmail(minu konfis peab olema kasutaja postfix)
} # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0666 user=postfix group=postfix } # Auth process is run as this user. user = dovecot } service auth-worker { user = vmail }
/etc/dovecot/conf.d/10-ssl.conf (partial)
ssl = required
ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
log_path = /var/log/dovecot.log
verbose_ssl = yes
