SASL LOGIN authentication failed: Invalid authentication mechanism on Rails using Postfix and Dovecot on Ubuntu 12.10
I migrate from dovecot to the classical configuration.
When I mean classical I mean I followed this 2010 how-to
On Ubuntu 12.10 you have to change /etc/postfix/main.cf
into this one:
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
mydestination =
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
mailbox_size_limit = 0
virtual_mailbox_limit = 0
recipient_delimiter = +
inet_interfaces = all
message_size_limit = 0
# SMTP Authentication (SASL)
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
# Encrypted transfer (SSL/TLS)
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_cert_file=/etc/apache2/ssl/mail.crt
smtpd_tls_key_file=/etc/apache2/ssl/mail.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# Basic SPAM prevention
smtpd_helo_required = yes
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,permit
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
# Force incoming mail to go through Amavis
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
# Virtual user mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf
virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf
And it works.
guillemhs
Guillem is a Professional Scrum Developer, DevOps advocate, Software Quality Assurance Engineer, Test Automation Engineer and Release Manager Guillem spends the days working on making software more reliable by driving adoption of best practices, standards, and protocols for software development teams. Guillem is specialised in starting and building Scrum and Agile implementations, release management and software quality assurance. Guillem has an extensive knowledge on automated testing using technology such as Selenium WebDriver and Appium. Guillem has extensive experience with programming in Java, Python and .Net. Guillem is also fully conversant with a number of Development Methods such as Agile, Scrum, Kanban and Lean. He is also an expert on DevOps.
Updated on February 26, 2020Comments
-
guillemhs about 4 years
I have configured an ubuntu 12.10 server with Postfix and Dovecot. Nonetheless, I have SASL Login authentication problem when I try to send emails using a rails web application.
Using RoundCube Webmail, I get this log when I send an email:
Feb 21 21:09:01 ks400054 postfix/qmgr[17883]: 61D4E113: removed Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: 9FA8419: client=ks400054.kimsufi.com[37.59.38.218], sasl_method=CRAM-MD5, [email protected] Feb 21 21:16:34 ks400054 postfix/cleanup[19161]: 9FA8419: message-id=<[email protected]> Feb 21 21:16:34 ks400054 postfix/qmgr[17883]: 9FA8419: from=<[email protected]>, size=723, nrcpt=1 (queue active) Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:16:35 ks400054 postfix/smtp[19162]: 9FA8419: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[2a00:1450:4013:c01::1b]:25, delay=0.91, delays=0.26/0.02/0.1/0.53, dsn=2.0.0, status=sent (250 2.0.0 OK 1361477795 w41si55958842eel.117 - gsmtp) Feb 21 21:16:35 ks400054 postfix/qmgr[17883]: 9FA8419: removed
However, when I try to send the email using the Rails webapp, I get this log:
Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: warning: ks400054.kimsufi.com[37.59.38.218]: SASL LOGIN authentication failed: Invalid authentication mechanism Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: lost connection after AUTH from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: warning: ks400054.kimsufi.com[37.59.38.218]: SASL LOGIN authentication failed: Invalid authentication mechanism Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: lost connection after AUTH from ks400054.kimsufi.com[37.59.38.218] Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218]
My Postfix main.cf file is as follows:
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h myhostname = localhost alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $myhostname mynetworks = 127.0.0.0/8, 10.0.0.0/24 mailbox_size_limit = 0 home_mailbox = Maildir/ virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_domains = /etc/postfix/vhosts virtual_mailbox_base = /var/vmail virtual_mailbox_maps = hash:/etc/postfix/vmaps virtual_minimum_uid = 1000 virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 recipient_bcc_maps = hash:/etc/postfix/recipient_bcc recipient_delimiter = + inet_interfaces = all smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noplaintext,noanonymous smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth-client virtual_transport=dovecot dovecot_destination_recipient_limit=1
My Postfix master.cf file is as follows:
# # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes submission inet n - - - - smtpd pickup fifo n - - 60 1 pickup -o content_filter= -o receive_override_options=no_header_body_checks cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks # AV scan filter (used by content_filter) scan unix - - n - 16 smtp -o smtp_send_xforward_command=yes # For injecting mail back into postfix from the filter 127.0.0.1:10025 inet n - n - 16 smtpd -o content_filter= -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_helo_restrictions= -o smtpd_client_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks_style=host -o smtpd_authorized_xforward_hosts=127.0.0.0/8 dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
And my Dovecot configuration file, my dovecot.conf is as follows:
auth_mechanisms = plain cram-md5 auth_verbose = yes base_dir = /var/run/dovecot/ info_log_path = /var/log/dovecot.info log_path = /var/log/dovecot log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/vmail/%d/%n passdb { args = /etc/dovecot/passwd driver = passwd-file } protocols = imap pop3 service auth { executable = /usr/lib/dovecot/auth user = root } service imap-login { chroot = login executable = /usr/lib/dovecot/imap-login user = dovecot } service imap { executable = /usr/lib/dovecot/imap } service pop3-login { chroot = login executable = /usr/lib/dovecot/pop3-login user = dovecot } service pop3 { executable = /usr/lib/dovecot/pop3 } ssl = no userdb { args = /etc/dovecot/users driver = passwd-file } valid_chroot_dirs = /var/spool/vmail protocol pop3 { pop3_uidl_format = %08Xu%08Xv } auth default { mechanisms = plain cram-md5 passdb passwd-file { args = /etc/dovecot/passwd } userdb passwd-file { args = /etc/dovecot/users } user = root socket listen { client { # The client socket is generally safe to export to everyone. Typical use # is to export it to your SMTP server so it can do SMTP AUTH lookups # using it. path = /var/spool/postfix/private/auth-client mode = 0660 user = postfix group = postfix } } }
Then, the mail configuration on the Rails app is as follows:
config.action_mailer.smtp_settings = { :address => "ks400054.kimsufi.com" , :port => 25, :domain => "ks400054.kimsufi.com" , :user_name => "[email protected]" , :password => "THE_CORRECT_PASSWORD", :authentication => :cram_md5, :enable_starttls_auto => true, :tls => true }
I don't know why I can not login using the Rails webapp.
What am I missing? Is it something on the configuration?