dovecot cram-md5 setting break sending emails

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
35 messages Options
12
Reply | Threaded
Open this post in threaded view
|

dovecot cram-md5 setting break sending emails

Poliman - Serwis
Hi everyone. My postfix configuration (postconf -n):
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
dovecot_destination_recipient_limit = 1
greylisting = check_policy_service inet:127.0.0.1:10023
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = vps342401.ovh.net, localhost, localhost.localdomain
myhostname = vps342401.ovh.net
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
owner_request_special = no
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_rbl_client zen.spamhaus.org
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_restriction_classes = greylisting
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous,noplaintext
smtpd_sasl_tls_security_options = noanonymous,noplaintext
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = dovecot
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf

All worked fine. Then I added in dovecot.conf file:
auth_mechanisms = plain login cram-md5 #added cram-md5

passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

In passdb block commented out default lines and add two (I can put whole dovecot config). All things still worked fine. Then - in dovecot.conf file I changed back setting to default. After this I can't send emails. In log I have:
Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL authentication mechanisms
Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL authentication mechanisms

Thread on dovecot mailing list about this problem takes 65 sended emails. Still nothing.
--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Dominic Raferd
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:

> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
I removed all comments which I added. It didn't help. Maybe should I put some config files dovecot or postfix or something?

2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
In reply to this post by Dominic Raferd
By the way I did some test. I removed cram-md5 from auth_mechanisms line and I uncommented default lines in passdb block and also left uncommented two lines added by me like below:
auth_mechanisms = plain login

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used - these two lines:
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql

or these
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
Hmm. I think that above is not working. Probably I tried sent email too fast after restart dovecot and new settings weren't loaded.

2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
By the way I did some test. I removed cram-md5 from auth_mechanisms line and I uncommented default lines in passdb block and also left uncommented two lines added by me like below:
auth_mechanisms = plain login

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used - these two lines:
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql

or these
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
When I setup config:
auth_mechanisms = plain login cram-md5

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Then mails can be send. Without 'cram-md5' in auth_mechanisms I can't send emails when passdb block looks like above pasted.

2017-02-23 9:21 GMT+01:00 Poliman - Serwis <[hidden email]>:
Hmm. I think that above is not working. Probably I tried sent email too fast after restart dovecot and new settings weren't loaded.

2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
By the way I did some test. I removed cram-md5 from auth_mechanisms line and I uncommented default lines in passdb block and also left uncommented two lines added by me like below:
auth_mechanisms = plain login

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used - these two lines:
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql

or these
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
In log I have also these lines:
Feb 23 09:12:55 vps342401 dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
Feb 23 09:18:40 vps342401 postfix/smtpd[30395]: fatal: no SASL authentication mechanisms
Feb 23 09:19:04 vps342401 postfix/smtps/smtpd[30426]: fatal: no SASL authentication mechanisms
Feb 23 09:20:02 vps342401 postfix/smtpd[30519]: fatal: no SASL authentication mechanisms
Feb 23 09:20:05 vps342401 postfix/smtps/smtpd[30525]: fatal: no SASL authentication mechanisms


2017-02-23 9:26 GMT+01:00 Poliman - Serwis <[hidden email]>:
When I setup config:
auth_mechanisms = plain login cram-md5

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Then mails can be send. Without 'cram-md5' in auth_mechanisms I can't send emails when passdb block looks like above pasted.

2017-02-23 9:21 GMT+01:00 Poliman - Serwis <[hidden email]>:
Hmm. I think that above is not working. Probably I tried sent email too fast after restart dovecot and new settings weren't loaded.

2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
By the way I did some test. I removed cram-md5 from auth_mechanisms line and I uncommented default lines in passdb block and also left uncommented two lines added by me like below:
auth_mechanisms = plain login

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used - these two lines:
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql

or these
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
> ...
> All worked fine. Then I added in dovecot.conf file:
> auth_mechanisms = plain login cram-md5 #added cram-md5
>
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }
>
> In passdb block commented out default lines and add two (I can put whole
> dovecot config). All things still worked fine. Then - in dovecot.conf file I
> changed back setting to default. After this I can't send emails. In log I
> have:
> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
> authentication mechanisms
> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
> authentication mechanisms

I suspect it is not permitted to have # comments in dovecot conf files
except on a line of their own, though I admit I can't find this
documented. Try removing '#added cram-md5' or putting it on a line of
its own.



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Wilfried.Essig@Essignetz.de
In reply to this post by Poliman - Serwis
Hi,


would suggest :
- Try turning off chroot operation in master.cf
- Verbose logging for specific SMTP connections
(see http://www.postfix.org/DEBUG_README.html)


Willi


Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:

> Hmm. I think that above is not working. Probably I tried sent email too
> fast after restart dovecot and new settings weren't loaded.
>
> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> By the way I did some test. I removed cram-md5 from auth_mechanisms line
>> and I uncommented default lines in passdb block and also left uncommented
>> two lines added by me like below:
>> auth_mechanisms = plain login
>>
>> passdb {
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> }
>>
>> I can send emails but I have no idea which setting is used - these two
>> lines:
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>
>> or these
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>
>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>
>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
>>>> ...
>>>> All worked fine. Then I added in dovecot.conf file:
>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>
>>>> passdb {
>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>   #driver = sql
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>> }
>>>>
>>>> In passdb block commented out default lines and add two (I can put whole
>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>> file I
>>>> changed back setting to default. After this I can't send emails. In log
>>> I
>>>> have:
>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>> authentication mechanisms
>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>> authentication mechanisms
>>>
>>> I suspect it is not permitted to have # comments in dovecot conf files
>>> except on a line of their own, though I admit I can't find this
>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>> its own.
>>>
>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *[hidden email] <[hidden email]>*
>>
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
Ok, so I added in main.cf at the bottom of the file the line:
debug_peer_list = 127.0.0.1,93.X.X.31

and in master.cf (set 'n' in chroot column):
submission inet n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd

What is next step?

2017-02-23 9:42 GMT+01:00 [hidden email] <[hidden email]>:
Hi,


would suggest :
- Try turning off chroot operation in master.cf
- Verbose logging for specific SMTP connections
(see http://www.postfix.org/DEBUG_README.html)


Willi


Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
> Hmm. I think that above is not working. Probably I tried sent email too
> fast after restart dovecot and new settings weren't loaded.
>
> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> By the way I did some test. I removed cram-md5 from auth_mechanisms line
>> and I uncommented default lines in passdb block and also left uncommented
>> two lines added by me like below:
>> auth_mechanisms = plain login
>>
>> passdb {
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> }
>>
>> I can send emails but I have no idea which setting is used - these two
>> lines:
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>
>> or these
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>
>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>
>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
>>>> ...
>>>> All worked fine. Then I added in dovecot.conf file:
>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>
>>>> passdb {
>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>   #driver = sql
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>> }
>>>>
>>>> In passdb block commented out default lines and add two (I can put whole
>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>> file I
>>>> changed back setting to default. After this I can't send emails. In log
>>> I
>>>> have:
>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>> authentication mechanisms
>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>> authentication mechanisms
>>>
>>> I suspect it is not permitted to have # comments in dovecot conf files
>>> except on a line of their own, though I admit I can't find this
>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>> its own.
>>>
>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *[hidden email] <[hidden email]>*
>>
>
>
>




--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
I also turned on verbose log in dovecot and below is output in mail.log:
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_connect: auth reply: DONE
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL authentication mechanisms
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process /usr/lib/postfix/smtpd pid 3640 exit status 1
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection rate 27/60s for (submission:54.175.125.239) at Feb 23 09:58:20
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message rate 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache size 3 at Feb 23 09:58:21


2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:
Ok, so I added in main.cf at the bottom of the file the line:
debug_peer_list = 127.0.0.1,93.X.X.31

and in master.cf (set 'n' in chroot column):
submission inet n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd

What is next step?

2017-02-23 9:42 GMT+01:00 [hidden email] <[hidden email]>:
Hi,


would suggest :
- Try turning off chroot operation in master.cf
- Verbose logging for specific SMTP connections
(see http://www.postfix.org/DEBUG_README.html)


Willi


Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
> Hmm. I think that above is not working. Probably I tried sent email too
> fast after restart dovecot and new settings weren't loaded.
>
> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> By the way I did some test. I removed cram-md5 from auth_mechanisms line
>> and I uncommented default lines in passdb block and also left uncommented
>> two lines added by me like below:
>> auth_mechanisms = plain login
>>
>> passdb {
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>> }
>>
>> I can send emails but I have no idea which setting is used - these two
>> lines:
>>   args = /etc/dovecot/dovecot-sql.conf
>>   driver = sql
>>
>> or these
>>    driver = passwd-file
>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>
>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>
>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]> wrote:
>>>> ...
>>>> All worked fine. Then I added in dovecot.conf file:
>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>
>>>> passdb {
>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>   #driver = sql
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>> }
>>>>
>>>> In passdb block commented out default lines and add two (I can put whole
>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>> file I
>>>> changed back setting to default. After this I can't send emails. In log
>>> I
>>>> have:
>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>> authentication mechanisms
>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>> authentication mechanisms
>>>
>>> I suspect it is not permitted to have # comments in dovecot conf files
>>> except on a line of their own, though I admit I can't find this
>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>> its own.
>>>
>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *[hidden email] <[hidden email]>*
>>
>
>
>




--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Wilfried.Essig@Essignetz.de
In reply to this post by Poliman - Serwis
Am 23.02.2017 um 09:59 schrieb Poliman - Serwis:
> Ok, so I added in main.cf at the bottom of the file the line:
> debug_peer_list = 127.0.0.1,93.X.X.31

Only for shure: you didn't really wrote "X" in main.cf?

> and in master.cf (set 'n' in chroot column):
> submission inet n       -       n       -       -       smtpd
> smtps     inet  n       -       n       -       -       smtpd
>
> What is next step?

Next steps :
- try sending mails
- looking up the logs (for finding error or to make shure you didn't
open your system up completely)


Willi

>
> 2017-02-23 9:42 GMT+01:00 [hidden email] <
> [hidden email]>:
>
>> Hi,
>>
>>
>> would suggest :
>> - Try turning off chroot operation in master.cf
>> - Verbose logging for specific SMTP connections
>> (see http://www.postfix.org/DEBUG_README.html)
>>
>>
>> Willi
>>
>>
>> Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
>>> Hmm. I think that above is not working. Probably I tried sent email too
>>> fast after restart dovecot and new settings weren't loaded.
>>>
>>> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>>>
>>>> By the way I did some test. I removed cram-md5 from auth_mechanisms line
>>>> and I uncommented default lines in passdb block and also left
>> uncommented
>>>> two lines added by me like below:
>>>> auth_mechanisms = plain login
>>>>
>>>> passdb {
>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>   driver = sql
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>> }
>>>>
>>>> I can send emails but I have no idea which setting is used - these two
>>>> lines:
>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>   driver = sql
>>>>
>>>> or these
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>
>>>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>>>
>>>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]>
>> wrote:
>>>>>> ...
>>>>>> All worked fine. Then I added in dovecot.conf file:
>>>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>>>
>>>>>> passdb {
>>>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>>>   #driver = sql
>>>>>>    driver = passwd-file
>>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>> }
>>>>>>
>>>>>> In passdb block commented out default lines and add two (I can put
>> whole
>>>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>>>> file I
>>>>>> changed back setting to default. After this I can't send emails. In
>> log
>>>>> I
>>>>>> have:
>>>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>>>> authentication mechanisms
>>>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>>>> authentication mechanisms
>>>>>
>>>>> I suspect it is not permitted to have # comments in dovecot conf files
>>>>> except on a line of their own, though I admit I can't find this
>>>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>>>> its own.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Pozdrawiam / Best Regards*
>>>> *Piotr Bracha*
>>>>
>>>>
>>>>
>>>>
>>>> *tel. 534 555 877*
>>>>
>>>> *[hidden email] <[hidden email]>*
>>>>
>>>
>>>
>>>
>>
>>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Dominic Raferd
In reply to this post by Poliman - Serwis
On 23/02/2017 09:06, Poliman - Serwis wrote:
I also turned on verbose log in dovecot and below is output in mail.log:
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_connect: auth reply: DONE
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL authentication mechanisms
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process /usr/lib/postfix/smtpd pid 3640 exit status 1
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection rate 27/60s for (submission:54.175.125.239) at Feb 23 09:58:20
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message rate 1/60s for (<a class="moz-txt-link-freetext" href="smtps:93.X.X.31">smtps:93.X.X.31) at Feb 23 10:00:37
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache size 3 at Feb 23 09:58:21

These seem to be from postfix, not from dovecot. You can get more info from dovecot by enabling debug_log_path = path/to/debug/log and by ensuring that the changes you've made to the configuration are actually seen by dovecot. The easiest way to verify what dovecot is actually using at runtime is the doveconf command, dovecot -a will show you these values. Are you using fail2ban? (suggestions cribbed from http://serverfault.com/questions/588391/how-to-get-doveconf-to-reload-its-config-or-read-from-etc-dovecot)
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
In reply to this post by Wilfried.Essig@Essignetz.de
Hehe I didn't put there X, only here for public place. ;) I sent emails but it not working when I do in dovecot.conf file (which is default settings):
auth_mechanisms = plain login
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
  # driver = passwd-file
  # args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails when I set in dovecot.conf file:
auth_mechanisms = plain login cram-md5

passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}



2017-02-23 10:08 GMT+01:00 [hidden email] <[hidden email]>:
Am 23.02.2017 um 09:59 schrieb Poliman - Serwis:
> Ok, so I added in main.cf at the bottom of the file the line:
> debug_peer_list = 127.0.0.1,93.X.X.31

Only for shure: you didn't really wrote "X" in main.cf?

> and in master.cf (set 'n' in chroot column):
> submission inet n       -       n       -       -       smtpd
> smtps     inet  n       -       n       -       -       smtpd
>
> What is next step?

Next steps :
- try sending mails
- looking up the logs (for finding error or to make shure you didn't
open your system up completely)


Willi

>
> 2017-02-23 9:42 GMT+01:00 [hidden email] <
> [hidden email]>:
>
>> Hi,
>>
>>
>> would suggest :
>> - Try turning off chroot operation in master.cf
>> - Verbose logging for specific SMTP connections
>> (see http://www.postfix.org/DEBUG_README.html)
>>
>>
>> Willi
>>
>>
>> Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
>>> Hmm. I think that above is not working. Probably I tried sent email too
>>> fast after restart dovecot and new settings weren't loaded.
>>>
>>> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>>>
>>>> By the way I did some test. I removed cram-md5 from auth_mechanisms line
>>>> and I uncommented default lines in passdb block and also left
>> uncommented
>>>> two lines added by me like below:
>>>> auth_mechanisms = plain login
>>>>
>>>> passdb {
>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>   driver = sql
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>> }
>>>>
>>>> I can send emails but I have no idea which setting is used - these two
>>>> lines:
>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>   driver = sql
>>>>
>>>> or these
>>>>    driver = passwd-file
>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>
>>>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>>>
>>>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]>
>> wrote:
>>>>>> ...
>>>>>> All worked fine. Then I added in dovecot.conf file:
>>>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>>>
>>>>>> passdb {
>>>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>>>   #driver = sql
>>>>>>    driver = passwd-file
>>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>> }
>>>>>>
>>>>>> In passdb block commented out default lines and add two (I can put
>> whole
>>>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>>>> file I
>>>>>> changed back setting to default. After this I can't send emails. In
>> log
>>>>> I
>>>>>> have:
>>>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>>>> authentication mechanisms
>>>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>>>> authentication mechanisms
>>>>>
>>>>> I suspect it is not permitted to have # comments in dovecot conf files
>>>>> except on a line of their own, though I admit I can't find this
>>>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>>>> its own.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Pozdrawiam / Best Regards*
>>>> *Piotr Bracha*
>>>>
>>>>
>>>>
>>>>
>>>> *tel. 534 555 877*
>>>>
>>>> *[hidden email] <[hidden email]>*
>>>>
>>>
>>>
>>>
>>
>>
>
>




--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
In reply to this post by Dominic Raferd
Strange thing, I can't send emails when I do in dovecot.conf file (which is default settings):
auth_mechanisms = plain login
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
  # driver = passwd-file
  # args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails when I set in dovecot.conf file:

auth_mechanisms = plain login cram-md5

passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Besides in dovecot.conf file I added:
auth_debug=yes
auth_verbose=yes

I attach file with dovecot -a output.

2017-02-23 10:11 GMT+01:00 Dominic Raferd <[hidden email]>:
On 23/02/2017 09:06, Poliman - Serwis wrote:
I also turned on verbose log in dovecot and below is output in mail.log:
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_connect: auth reply: DONE
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL authentication mechanisms
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process /usr/lib/postfix/smtpd pid 3640 exit status 1
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection rate 27/60s for (submission:54.175.125.239) at Feb 23 09:58:20
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message rate 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache size 3 at Feb 23 09:58:21

These seem to be from postfix, not from dovecot. You can get more info from dovecot by enabling debug_log_path = path/to/debug/log and by ensuring that the changes you've made to the configuration are actually seen by dovecot. The easiest way to verify what dovecot is actually using at runtime is the doveconf command, dovecot -a will show you these values. Are you using fail2ban? (suggestions cribbed from http://serverfault.com/questions/588391/how-to-get-doveconf-to-reload-its-config-or-read-from-etc-dovecot)



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]

dovecot -a.txt (26K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Wilfried.Essig@Essignetz.de
In reply to this post by Poliman - Serwis


Am 23.02.2017 um 10:06 schrieb Poliman - Serwis:
> I also turned on verbose log in dovecot and below is output in mail.log:
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_connect: auth reply: DONE
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL
> authentication mechanisms
I'm no dovecot brain - but there is cram-md5 missing.


Seems to less loglines for debug_peer_list active. Did you reload postfix?

Can you also add the postfix loglines according to the sending client?


Willi


> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process
> /usr/lib/postfix/smtpd pid 3640 exit status 1
> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection
> rate 27/60s for (submission:54.175.125.239) at Feb 23 09:58:20
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection
> count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message rate
> 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache size 3
> at Feb 23 09:58:21
>
>
> 2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> Ok, so I added in main.cf at the bottom of the file the line:
>> debug_peer_list = 127.0.0.1,93.X.X.31
>>
>> and in master.cf (set 'n' in chroot column):
>> submission inet n       -       n       -       -       smtpd
>> smtps     inet  n       -       n       -       -       smtpd
>>
>> What is next step?
>>
>> 2017-02-23 9:42 GMT+01:00 [hidden email] <
>> [hidden email]>:
>>
>>> Hi,
>>>
>>>
>>> would suggest :
>>> - Try turning off chroot operation in master.cf
>>> - Verbose logging for specific SMTP connections
>>> (see http://www.postfix.org/DEBUG_README.html)
>>>
>>>
>>> Willi
>>>
>>>
>>> Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
>>>> Hmm. I think that above is not working. Probably I tried sent email too
>>>> fast after restart dovecot and new settings weren't loaded.
>>>>
>>>> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>>>>
>>>>> By the way I did some test. I removed cram-md5 from auth_mechanisms
>>> line
>>>>> and I uncommented default lines in passdb block and also left
>>> uncommented
>>>>> two lines added by me like below:
>>>>> auth_mechanisms = plain login
>>>>>
>>>>> passdb {
>>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>>   driver = sql
>>>>>    driver = passwd-file
>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>> }
>>>>>
>>>>> I can send emails but I have no idea which setting is used - these two
>>>>> lines:
>>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>>   driver = sql
>>>>>
>>>>> or these
>>>>>    driver = passwd-file
>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>
>>>>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>>>>
>>>>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]>
>>> wrote:
>>>>>>> ...
>>>>>>> All worked fine. Then I added in dovecot.conf file:
>>>>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>>>>
>>>>>>> passdb {
>>>>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>>>>   #driver = sql
>>>>>>>    driver = passwd-file
>>>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>> }
>>>>>>>
>>>>>>> In passdb block commented out default lines and add two (I can put
>>> whole
>>>>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>>>>> file I
>>>>>>> changed back setting to default. After this I can't send emails. In
>>> log
>>>>>> I
>>>>>>> have:
>>>>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>>>>> authentication mechanisms
>>>>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>>>>> authentication mechanisms
>>>>>>
>>>>>> I suspect it is not permitted to have # comments in dovecot conf files
>>>>>> except on a line of their own, though I admit I can't find this
>>>>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>>>>> its own.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Pozdrawiam / Best Regards*
>>>>> *Piotr Bracha*
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *tel. 534 555 877*
>>>>>
>>>>> *[hidden email] <[hidden email]>*
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *[hidden email] <[hidden email]>*
>>
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
Yes, You have right. These logs show when I setup default lines in dovecot.conf:
auth_mechanisms = plain login
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
  # driver = passwd-file
  # args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails (and then no errors/warnings on logs) when I have (these are custom settings from tutorial https://wiki2.dovecot.org/HowTo/CRAM-MD5)
auth_mechanisms = plain login cram-md5
passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Yes, I reloaded postfix like author said in documentation to which You put link. Dovecot/postfix log lines are in main.log and mail.err files on ubuntu. I paste all what I have there.

2017-02-23 10:17 GMT+01:00 [hidden email] <[hidden email]>:


Am 23.02.2017 um 10:06 schrieb Poliman - Serwis:
> I also turned on verbose log in dovecot and below is output in mail.log:
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_connect: auth reply: DONE
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL
> authentication mechanisms
I'm no dovecot brain - but there is cram-md5 missing.


Seems to less loglines for debug_peer_list active. Did you reload postfix?

Can you also add the postfix loglines according to the sending client?


Willi


> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process
> /usr/lib/postfix/smtpd pid 3640 exit status 1
> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection
> rate 27/60s for (submission:54.175.125.239) at Feb 23 09:58:20
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max connection
> count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message rate
> 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache size 3
> at Feb 23 09:58:21
>
>
> 2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> Ok, so I added in main.cf at the bottom of the file the line:
>> debug_peer_list = 127.0.0.1,93.X.X.31
>>
>> and in master.cf (set 'n' in chroot column):
>> submission inet n       -       n       -       -       smtpd
>> smtps     inet  n       -       n       -       -       smtpd
>>
>> What is next step?
>>
>> 2017-02-23 9:42 GMT+01:00 [hidden email] <
>> [hidden email]>:
>>
>>> Hi,
>>>
>>>
>>> would suggest :
>>> - Try turning off chroot operation in master.cf
>>> - Verbose logging for specific SMTP connections
>>> (see http://www.postfix.org/DEBUG_README.html)
>>>
>>>
>>> Willi
>>>
>>>
>>> Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
>>>> Hmm. I think that above is not working. Probably I tried sent email too
>>>> fast after restart dovecot and new settings weren't loaded.
>>>>
>>>> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>>>>
>>>>> By the way I did some test. I removed cram-md5 from auth_mechanisms
>>> line
>>>>> and I uncommented default lines in passdb block and also left
>>> uncommented
>>>>> two lines added by me like below:
>>>>> auth_mechanisms = plain login
>>>>>
>>>>> passdb {
>>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>>   driver = sql
>>>>>    driver = passwd-file
>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>> }
>>>>>
>>>>> I can send emails but I have no idea which setting is used - these two
>>>>> lines:
>>>>>   args = /etc/dovecot/dovecot-sql.conf
>>>>>   driver = sql
>>>>>
>>>>> or these
>>>>>    driver = passwd-file
>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>
>>>>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd <[hidden email]>:
>>>>>
>>>>>> On 23 February 2017 at 07:01, Poliman - Serwis <[hidden email]>
>>> wrote:
>>>>>>> ...
>>>>>>> All worked fine. Then I added in dovecot.conf file:
>>>>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>>>>
>>>>>>> passdb {
>>>>>>>   #args = /etc/dovecot/dovecot-sql.conf
>>>>>>>   #driver = sql
>>>>>>>    driver = passwd-file
>>>>>>>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>> }
>>>>>>>
>>>>>>> In passdb block commented out default lines and add two (I can put
>>> whole
>>>>>>> dovecot config). All things still worked fine. Then - in dovecot.conf
>>>>>> file I
>>>>>>> changed back setting to default. After this I can't send emails. In
>>> log
>>>>>> I
>>>>>>> have:
>>>>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no SASL
>>>>>>> authentication mechanisms
>>>>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no SASL
>>>>>>> authentication mechanisms
>>>>>>
>>>>>> I suspect it is not permitted to have # comments in dovecot conf files
>>>>>> except on a line of their own, though I admit I can't find this
>>>>>> documented. Try removing '#added cram-md5' or putting it on a line of
>>>>>> its own.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Pozdrawiam / Best Regards*
>>>>> *Piotr Bracha*
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *tel. 534 555 877*
>>>>>
>>>>> *[hidden email] <[hidden email]>*
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>> --
>>
>> *Pozdrawiam / Best Regards*
>> *Piotr Bracha*
>>
>>
>>
>>
>> *tel. 534 555 877*
>>
>> *[hidden email] <[hidden email]>*
>>
>
>
>




--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Christian Kivalo
In reply to this post by Poliman - Serwis


On 2017-02-23 10:06, Poliman - Serwis wrote:

> I also turned on verbose log in dovecot and below is output in
> mail.log:
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_connect: auth reply: DONE
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
> xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
> Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL
> authentication mechanisms
 From your postconf -n you disabled the use of mechanisms that use
plaintext password
smtpd_sasl_security_options = noanonymous,noplaintext
smtpd_sasl_tls_security_options = noanonymous,noplaintext
The default for both is "noanonymous" see
http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options
Postfix defaults to use the cyrus sasl implementation with saslauthd and
probably the cram-md5 is module is not installed.
You should be using the dovecot sasl implementation in postfix, from
your postconf -n i don't see that you are using the dovecot sasl
implementation.

In main.cf set (from:
http://www.postfix.org/SASL_README.html#server_sasl_enable ):

smtpd_sasl_type = dovecot

and if you configured the dovecot auth socket in
/var/spool/postfix/private/auth

smtpd_sasl_path = private/auth

from: http://www.postfix.org/SASL_README.html#server_dovecot

> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process
> /usr/lib/postfix/smtpd pid 3640 exit status 1
> Feb 23 10:03:52 vps342401 postfix/master[25124]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
> connection rate 27/60s for (submission:54.175.125.239) at Feb 23
> 09:58:20
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
> connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message
> rate 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
> Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache
> size 3 at Feb 23 09:58:21
>
> 2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:
>
>> Ok, so I added in main.cf [3] at the bottom of the file the line:
>> debug_peer_list = 127.0.0.1,93.X.X.31
>>
>> and in master.cf [1] (set 'n' in chroot column):
>> submission inet n       -       n       -       -       smtpd
>> smtps     inet  n       -       n       -       -       smtpd
>>
>> What is next step?
>>
>> 2017-02-23 9:42 GMT+01:00 [hidden email]
>> <[hidden email]>:
>>
>>> Hi,
>>>
>>> would suggest :
>>> - Try turning off chroot operation in master.cf [1]
>>> - Verbose logging for specific SMTP connections
>>> (see http://www.postfix.org/DEBUG_README.html [2])
>>>
>>> Willi
>>>
>>> Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
>>>> Hmm. I think that above is not working. Probably I tried sent
>>> email too
>>>> fast after restart dovecot and new settings weren't loaded.
>>>>
>>>> 2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:
>>>>
>>>>> By the way I did some test. I removed cram-md5 from
>>> auth_mechanisms line
>>>>> and I uncommented default lines in passdb block and also left
>>> uncommented
>>>>> two lines added by me like below:
>>>>> auth_mechanisms = plain login
>>>>>
>>>>> passdb {
>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>> driver = sql
>>>>> driver = passwd-file
>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>> }
>>>>>
>>>>> I can send emails but I have no idea which setting is used -
>>> these two
>>>>> lines:
>>>>> args = /etc/dovecot/dovecot-sql.conf
>>>>> driver = sql
>>>>>
>>>>> or these
>>>
>>>>> driver = passwd-file
>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>
>>>>> 2017-02-23 8:17 GMT+01:00 Dominic Raferd
>>> <[hidden email]>:
>>>>>
>>>>>> On 23 February 2017 at 07:01, Poliman - Serwis
>>> <[hidden email]> wrote:
>>>>>>> ...
>>>>>>> All worked fine. Then I added in dovecot.conf file:
>>>>>>> auth_mechanisms = plain login cram-md5 #added cram-md5
>>>>>>>
>>>>>>> passdb {
>>>>>>> #args = /etc/dovecot/dovecot-sql.conf
>>>>>>> #driver = sql
>>>>>>> driver = passwd-file
>>>>>>> args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
>>>>>>> }
>>>>>>>
>>>>>>> In passdb block commented out default lines and add two (I
>>> can put whole
>>>>>>> dovecot config). All things still worked fine. Then - in
>>> dovecot.conf
>>>>>> file I
>>>>>>> changed back setting to default. After this I can't send
>>> emails. In log
>>>>>> I
>>>>>>> have:
>>>>>>> Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no
>>> SASL
>>>>>>> authentication mechanisms
>>>>>>> Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no
>>> SASL
>>>>>>> authentication mechanisms
>>>>>>
>>>>>> I suspect it is not permitted to have # comments in dovecot
>>> conf files
>>>>>> except on a line of their own, though I admit I can't find
>>> this
>>>>>> documented. Try removing '#added cram-md5' or putting it on a
>>> line of
>>>>>> its own.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> *Pozdrawiam / Best Regards*
>>>>> *Piotr Bracha*
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *tel. 534 555 877*
>>>>>
>>>>> *[hidden email] <[hidden email]>*
>>>>>
>>>>
>>>>
>>>>
>>
>> --
>>
>> Pozdrawiam / Best Regards
>> _Piotr Bracha_
>>
>> tel. 534 555 877
>> [hidden email]
>
> --
>
> Pozdrawiam / Best Regards
> _Piotr Bracha_
>
> tel. 534 555 877
> [hidden email]
>
>
> Links:
> ------
> [1] http://master.cf
> [2] http://www.postfix.org/DEBUG_README.html
> [3] http://main.cf

--
  Christian Kivalo
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
You have right, I added 'noplaintext'. But main thing what I want to get - no cram-md5 in dovecot and ability to send emails. All worked fine until I set in dovecot.conf:
auth_mechanisms = plain login cram-md5
passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Where default is:
auth_mechanisms = plain login
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
  # driver = passwd-file
  # args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

and after I checked that sending emails worked I set again default settings in dovecot.conf. After this change I can't send emails.

2017-02-23 10:24 GMT+01:00 Christian Kivalo <[hidden email]>:


On 2017-02-23 10:06, Poliman - Serwis wrote:
I also turned on verbose log in dovecot and below is output in
mail.log:
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_connect: auth reply: DONE
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL
authentication mechanisms
From your postconf -n you disabled the use of mechanisms that use plaintext password
smtpd_sasl_security_options = noanonymous,noplaintext
smtpd_sasl_tls_security_options = noanonymous,noplaintext
The default for both is "noanonymous" see http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options
Postfix defaults to use the cyrus sasl implementation with saslauthd and probably the cram-md5 is module is not installed.
You should be using the dovecot sasl implementation in postfix, from your postconf -n i don't see that you are using the dovecot sasl implementation.

In main.cf set (from: http://www.postfix.org/SASL_README.html#server_sasl_enable ):

smtpd_sasl_type = dovecot

and if you configured the dovecot auth socket in /var/spool/postfix/private/auth

smtpd_sasl_path = private/auth

from: http://www.postfix.org/SASL_README.html#server_dovecot
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process
/usr/lib/postfix/smtpd pid 3640 exit status 1
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
connection rate 27/60s for (submission:54.175.125.239) at Feb 23
09:58:20
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message
rate 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache
size 3 at Feb 23 09:58:21

2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:

Ok, so I added in main.cf [3] at the bottom of the file the line:
debug_peer_list = 127.0.0.1,93.X.X.31

and in master.cf [1] (set 'n' in chroot column):
submission inet n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd

What is next step?

2017-02-23 9:42 GMT+01:00 [hidden email]
<[hidden email]>:

Hi,

would suggest :
- Try turning off chroot operation in master.cf [1]
- Verbose logging for specific SMTP connections
(see http://www.postfix.org/DEBUG_README.html [2])


Willi

Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
Hmm. I think that above is not working. Probably I tried sent
email too
fast after restart dovecot and new settings weren't loaded.

2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:

By the way I did some test. I removed cram-md5 from
auth_mechanisms line
and I uncommented default lines in passdb block and also left
uncommented
two lines added by me like below:
auth_mechanisms = plain login

passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used -
these two
lines:
args = /etc/dovecot/dovecot-sql.conf
driver = sql

or these

driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd
<[hidden email]>:

On 23 February 2017 at 07:01, Poliman - Serwis
<[hidden email]> wrote:
...
All worked fine. Then I added in dovecot.conf file:
auth_mechanisms = plain login cram-md5 #added cram-md5

passdb {
#args = /etc/dovecot/dovecot-sql.conf
#driver = sql
driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

In passdb block commented out default lines and add two (I
can put whole
dovecot config). All things still worked fine. Then - in
dovecot.conf
file I
changed back setting to default. After this I can't send
emails. In log
I
have:
Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no
SASL
authentication mechanisms
Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no
SASL
authentication mechanisms

I suspect it is not permitted to have # comments in dovecot
conf files
except on a line of their own, though I admit I can't find
this
documented. Try removing '#added cram-md5' or putting it on a
line of
its own.




--

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*[hidden email] <[hidden email]>*





--

Pozdrawiam / Best Regards
_Piotr Bracha_

tel. 534 555 877
[hidden email]

--

Pozdrawiam / Best Regards
_Piotr Bracha_

tel. 534 555 877
[hidden email]


Links:
------
[1] http://master.cf
[2] http://www.postfix.org/DEBUG_README.html
[3] http://main.cf

--
 Christian Kivalo



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Poliman - Serwis
And in main.cf I have default setting (after installation it was as below):
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

Is it possible that dovecot not see these two?

2017-02-23 10:30 GMT+01:00 Poliman - Serwis <[hidden email]>:
You have right, I added 'noplaintext'. But main thing what I want to get - no cram-md5 in dovecot and ability to send emails. All worked fine until I set in dovecot.conf:
auth_mechanisms = plain login cram-md5
passdb {
  #args = /etc/dovecot/dovecot-sql.conf
  #driver = sql
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

Where default is:
auth_mechanisms = plain login
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
  # driver = passwd-file
  # args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

and after I checked that sending emails worked I set again default settings in dovecot.conf. After this change I can't send emails.

2017-02-23 10:24 GMT+01:00 Christian Kivalo <[hidden email]>:


On 2017-02-23 10:06, Poliman - Serwis wrote:
I also turned on verbose log in dovecot and below is output in
mail.log:
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_connect: auth reply: DONE
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]:
xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN
Feb 23 10:03:51 vps342401 postfix/smtps/smtpd[3640]: fatal: no SASL
authentication mechanisms
From your postconf -n you disabled the use of mechanisms that use plaintext password
smtpd_sasl_security_options = noanonymous,noplaintext
smtpd_sasl_tls_security_options = noanonymous,noplaintext
The default for both is "noanonymous" see http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options
Postfix defaults to use the cyrus sasl implementation with saslauthd and probably the cram-md5 is module is not installed.
You should be using the dovecot sasl implementation in postfix, from your postconf -n i don't see that you are using the dovecot sasl implementation.

In main.cf set (from: http://www.postfix.org/SASL_README.html#server_sasl_enable ):

smtpd_sasl_type = dovecot

and if you configured the dovecot auth socket in /var/spool/postfix/private/auth

smtpd_sasl_path = private/auth

from: http://www.postfix.org/SASL_README.html#server_dovecot
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning: process
/usr/lib/postfix/smtpd pid 3640 exit status 1
Feb 23 10:03:52 vps342401 postfix/master[25124]: warning:
/usr/lib/postfix/smtpd: bad command startup -- throttling
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
connection rate 27/60s for (submission:54.175.125.239) at Feb 23
09:58:20
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max
connection count 1 for (submission:54.175.125.239) at Feb 23 09:58:08
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max message
rate 1/60s for (smtps:93.X.X.31) at Feb 23 10:00:37
Feb 23 10:04:12 vps342401 postfix/anvil[3328]: statistics: max cache
size 3 at Feb 23 09:58:21

2017-02-23 9:59 GMT+01:00 Poliman - Serwis <[hidden email]>:

Ok, so I added in main.cf [3] at the bottom of the file the line:
debug_peer_list = 127.0.0.1,93.X.X.31

and in master.cf [1] (set 'n' in chroot column):
submission inet n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd

What is next step?

2017-02-23 9:42 GMT+01:00 [hidden email]
<[hidden email]>:

Hi,

would suggest :
- Try turning off chroot operation in master.cf [1]
- Verbose logging for specific SMTP connections
(see http://www.postfix.org/DEBUG_README.html [2])


Willi

Am 23.02.2017 um 09:21 schrieb Poliman - Serwis:
Hmm. I think that above is not working. Probably I tried sent
email too
fast after restart dovecot and new settings weren't loaded.

2017-02-23 9:18 GMT+01:00 Poliman - Serwis <[hidden email]>:

By the way I did some test. I removed cram-md5 from
auth_mechanisms line
and I uncommented default lines in passdb block and also left
uncommented
two lines added by me like below:
auth_mechanisms = plain login

passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

I can send emails but I have no idea which setting is used -
these two
lines:
args = /etc/dovecot/dovecot-sql.conf
driver = sql

or these

driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd

2017-02-23 8:17 GMT+01:00 Dominic Raferd
<[hidden email]>:

On 23 February 2017 at 07:01, Poliman - Serwis
<[hidden email]> wrote:
...
All worked fine. Then I added in dovecot.conf file:
auth_mechanisms = plain login cram-md5 #added cram-md5

passdb {
#args = /etc/dovecot/dovecot-sql.conf
#driver = sql
driver = passwd-file
args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}

In passdb block commented out default lines and add two (I
can put whole
dovecot config). All things still worked fine. Then - in
dovecot.conf
file I
changed back setting to default. After this I can't send
emails. In log
I
have:
Feb 23 06:46:49 vps301 postfix/smtps/smtpd[24919]: fatal: no
SASL
authentication mechanisms
Feb 23 06:47:50 vps301 postfix/smtps/smtpd[24942]: fatal: no
SASL
authentication mechanisms

I suspect it is not permitted to have # comments in dovecot
conf files
except on a line of their own, though I admit I can't find
this
documented. Try removing '#added cram-md5' or putting it on a
line of
its own.




--

*Pozdrawiam / Best Regards*
*Piotr Bracha*




*tel. 534 555 877*

*[hidden email] <[hidden email]>*





--

Pozdrawiam / Best Regards
_Piotr Bracha_

tel. 534 555 877
[hidden email]

--

Pozdrawiam / Best Regards
_Piotr Bracha_

tel. 534 555 877
[hidden email]


Links:
------
[1] http://master.cf
[2] http://www.postfix.org/DEBUG_README.html
[3] http://main.cf

--
 Christian Kivalo



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]



--
Pozdrawiam / Best Regards
Piotr Bracha



tel. 534 555 877
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: dovecot cram-md5 setting break sending emails

Wilfried.Essig@Essignetz.de
In reply to this post by Poliman - Serwis
I wonderd about how dovecot would deside, which "args" belongs to wich
"driver" line. So looked over
http://wiki.dovecot.org/Authentication/MultipleDatabases.

Possibly you should write something like:

passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}

passdb {
   driver = passwd-file
   args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
}


Willi


Am 23.02.2017 um 10:30 schrieb Poliman - Serwis:

> You have right, I added 'noplaintext'. But main thing what I want to get -
> no cram-md5 in dovecot and ability to send emails. All worked fine until I
> set in dovecot.conf:
> auth_mechanisms = plain login cram-md5
> passdb {
>   #args = /etc/dovecot/dovecot-sql.conf
>   #driver = sql
>    driver = passwd-file
>    args = scheme=cram-md5 /etc/dovecot/cram-md5.pwd
> }

12