# Dovecot POP3/IMAP login issue. Please Help!

## TheCarNinja

Right off the bat I need to say this is not a Gentoo box. Its a CentOS box (I miss gentoo) and their forums are very sparsly populated and nearly unresponsive. Unless of course I really want to wait several months for an answer. Plus, I like it here.  :Smile:  That being said, its a dev box that I need to get email properly working on.

Moving on to my desperate need to have this work.

I've set up postfix with mysql and dovecot and through postfixadmin I am able to add working aliases. Postfixadmin can also add mailboxes, however after creating them, I can't log into dovecot to access them. Postfixadmin claims that they are created properly.

The only output I get is from maillog: Jul 14 10:37:30 server imap-login: Aborted login [24.90.103.121]. Thats my IP and this shows up after thunderbird asks me for my password which the server replies that it is incorrect. It asks again and I cancel (since it wont tell me that I'm right) and then the log pops that output. I can't find any other mention of connections etc from clients asking for pop/imap access.

My suspicion is that the issue lies with Dovecot somewhere. Probably in my config which would be the usual way for this to go.

The following is the configuration.

postfix uid/gid is 89.

2.6.9-34.EL #1 i686 i686 i386 GNU/Linux

postfix.i386 2:2.1.5-4.2.RHEL4.mysq installed

mysql.i386 5.0.18-2.1.c4 installed

dovecot.i386 0.99.11-2.EL4.1 installed

```

---begin main.cf ---

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

myhostname = server.blah.com

mydomain = blah.com

myorigin = $mydomain

inet_interfaces = all

mydestination = $myhostname, $mydomain, localhost

local_recipient_maps = unix:passwd.byname $alias_maps

unknown_local_recipient_reject_code = 550

mynetworks_style = host

relay_domains = $mydestination

alias_maps = $alias_database

alias_database = hash:/etc/aliases

home_mailbox = Mailbox

mail_spool_directory = /var/spool/mail

smtpd_banner = $myhostname ESMTP $mail_name

biff = no

append_dot_mydomain = no

debug_peer_level = 2

debugger_command =

PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.1.5/samples

readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:89

virtual_mailbox_base = /home/vmail

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_minimum_uid = 89

virtual_transport = virtual

virtual_uid_maps = static:89

virtual_mailbox_limit = 51200000

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_security_options = noanonymous

smtpd_tls_auth_only = no

smtp_use_tls = yes

smtpd_use_tls = yes

smtp_tls_note_starttls_offer = yes

smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt

smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem

smtpd_tls_loglevel = 1

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

tls_random_source = dev:/dev/urandom

---end main.cf ---

```

```

--begin dovecot.conf--

protocols = imap pop3 imaps pop3s

imap_listen = *

pop3_listen = *

ssl_disable = no

login_dir = /var/run/dovecot-login

login = imap

login = pop3

first_valid_uid = 89

default_mail_env = maildir:/home/vmail/%d/%n

mbox_locks = fcntl

auth = default

auth_mechanisms = plain

auth_userdb = mysql /etc/dovecot/dovecot-mysql.conf

auth_passdb = mysql /etc/dovecot/dovecot-mysql.conf

auth_user = root

--end dovecot.conf--

```

```

--begin dovecot-mysql.conf--

db_host = 127.0.0.1

db_port = 3306

db = postfix

db_user = postfixadmin

db_passwd = PASSWORD

db_client_flags = 0

default_pass_scheme = PLAIN

password_query = SELECT password FROM mailbox WHERE username = '%u'

user_query = SELECT maildir, 89 AS uid, 89 AS gid FROM mailbox WHERE username = '%u'

--end dovecot-mysql.conf--

```

Thanks in advance!

----------

## UberLord

dovecot-0.99 is unsupported - anyone on the dovecot mailing list will tell you that.

dovecot-1.0.2-rc2 is proving to be very stable with few outstanding issues. I recommend upgrading if you can.

----------

## Skorgu

Asking for CentOS help on the Gentoo forums...and you call yourself a ninja.  :Wink: 

----------

## TheCarNinja

 *UberLord wrote:*   

> dovecot-0.99 is unsupported - anyone on the dovecot mailing list will tell you that.
> 
> dovecot-1.0.2-rc2 is proving to be very stable with few outstanding issues. I recommend upgrading if you can.

 

Thank you, I'll give that a go. I guess I'll have to get on that mailing list. Man my email is getting full lol.

 *Skorgu wrote:*   

> Asking for CentOS help on the Gentoo forums...and you call yourself a ninja. 

 

I'm a CAR NINJA! Lol, you were really bored at work weren't you. Punk.

----------

## TheCarNinja

I just noticed this output from postfix when I tried to email a user.

```
Jul 17 18:58:41 server postfix/trivial-rewrite[28236]: warning: do not list domain blah.com in BOTH mydestination and virtual_mailbox_domains

Jul 17 18:58:41 server postfix/local[28242]: 3A33510008F: to=<muchogrande@blah.com>, relay=local, delay=0, status=bounced (unknown user: "muchogrande")

```

I'm starting to think that my postfixadmin isn't creating mailboxes in mysql. Suggestions anyone?   :Sad: 

----------

## kashani

Or blah.com being in $mydestination is taking precedence over virtual_domain so that Postfix attempts to deliver to a local user instead of a virtual user. I'd do what the error message says.

kashani

----------

## TheCarNinja

Yeah, that solved ... some of it. I guess the mydomain in main.cf is not supposed to be used with MySQL?

2 more things. 

Dovecot still wont let users log in. No output, other than it logging aborted attempts.

SMTP also wont let users send email.

The following is output from smtp attempts:

```
Jul 18 09:12:58 server postfix/smtpd[9821]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: AUTH LOGIN

Jul 18 09:12:58 server postfix/smtpd[9821]: smtpd_sasl_authenticate: sasl_method LOGIN

Jul 18 09:12:58 server postfix/smtpd[9821]: smtpd_sasl_authenticate: uncoded challenge: Username:

Jul 18 09:12:58 server postfix/smtpd[9821]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 334 VXNlcm5hbWU6

Jul 18 09:12:58 server postfix/smtpd[9821]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: bXVjaG9ncmFuZGU=

Jul 18 09:12:58 server postfix/smtpd[9821]: smtpd_sasl_authenticate: decoded response: muchogrande

Jul 18 09:12:58 server postfix/smtpd[9821]: smtpd_sasl_authenticate: uncoded challenge: Password:

Jul 18 09:12:58 server postfix/smtpd[9821]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 334 UGFzc3dvcmQ6

Jul 18 09:12:59 server postfix/smtpd[9821]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: dGVzdA==

Jul 18 09:12:59 server postfix/smtpd[9821]: smtpd_sasl_authenticate: decoded response: test

Jul 18 09:12:59 server postfix/smtpd[9821]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

Jul 18 09:12:59 server postfix/smtpd[9821]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

Jul 18 09:13:01 server postfix/smtpd[9821]: warning: cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: SASL LOGIN authentication failed

Jul 18 09:13:01 server postfix/smtpd[9821]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 535 Error: authentication failed

```

The password is in fact correct and saslauthd is in fact running. It looks like sasl is using some of its other plugins, and that may be the cause of that error. But then, why is it not authenticating? The virtual tables have been created in mysql, and so have the mailboxes. The mailboxes also recieve email, and yet... 

(Sorry if the solution is a common sense one, I've been working on this box for the last couple of days with a bunch of other stuff and I'm starting to get sick of this issue.)

----------

## kashani

You have not configured sasl to use Mysql. How to configure depends on if you're using dovecot sasl or Cyrus-sasl. 

kashani

----------

## TheCarNinja

Thanks. 

Ok, I think I've configured cyrus-sasl to work with mysql; that error is gone. I also switched over from dovecot to cyrus-imapd trying to get the imap to work. It still doesn't work, but at least the output is better, in the way that I actually have output now.

The following output is from trying to send an email through smtp from thunderbird.

```
Jul 19 10:20:33 server postfix/smtpd[21535]: connect from cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: cpe-24-90-103-234.nyc.res.rr.com: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: 24.90.103.234: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: cpe-24-90-103-234.nyc.res.rr.com: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: 24.90.103.234: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 220 server.blah.com ESMTP Postfix

Jul 19 10:20:33 server postfix/smtpd[21535]: watchdog_pat: 0x94737b8

Jul 19 10:20:33 server postfix/smtpd[21535]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: EHLO [10.0.0.5]

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-server.blah.com

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-PIPELINING

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-SIZE 10240000

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-VRFY

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-ETRN

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-AUTH LOGIN PLAIN

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250-AUTH=LOGIN PLAIN

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: cpe-24-90-103-234.nyc.res.rr.com: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: match_list_match: 24.90.103.234: no match

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 250 8BITMIME

Jul 19 10:20:33 server postfix/smtpd[21535]: watchdog_pat: 0x94737b8

Jul 19 10:20:33 server postfix/smtpd[21535]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: AUTH PLAIN AG11Y2hvZ3JhbmRlAHRlc3Q=

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AG11Y2hvZ3JhbmRlAHRlc3Q=

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: decoded initial response 

Jul 19 10:20:33 server postfix/smtpd[21535]: warning: SASL authentication failure: Password verification failed

Jul 19 10:20:33 server postfix/smtpd[21535]: warning: cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: SASL PLAIN authentication failed

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 535 Error: authentication failed

Jul 19 10:20:33 server postfix/smtpd[21535]: watchdog_pat: 0x94737b8

Jul 19 10:20:33 server postfix/smtpd[21535]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: AUTH LOGIN

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: sasl_method LOGIN

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: uncoded challenge: Username:

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 334 VXNlcm5hbWU6

Jul 19 10:20:33 server postfix/smtpd[21535]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: bXVjaG9ncmFuZGU=

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: decoded response: muchogrande

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: uncoded challenge: Password:

Jul 19 10:20:33 server postfix/smtpd[21535]: > cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: 334 UGFzc3dvcmQ6

Jul 19 10:20:33 server postfix/smtpd[21535]: < cpe-24-90-103-234.nyc.res.rr.com[24.90.103.234]: dGVzdA==

Jul 19 10:20:33 server postfix/smtpd[21535]: smtpd_sasl_authenticate: decoded response: test

Jul 19 10:20:34 server postfix/master[19309]: warning: process /usr/libexec/postfix/smtpd pid 21535 killed by signal 11

Jul 19 10:20:34 server postfix/master[19309]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

```

I'm pretty sure that my IP addy is being rejected judging from the match_list_match lines. But I don't understand why smtpd is getting killed... 

This output is an Imap attempt to login:

```
Jul 19 10:44:22 server imap[19319]: accepted connection

Jul 19 10:44:22 server master[22695]: about to exec /usr/lib/cyrus-imapd/imapd

Jul 19 10:44:22 server imap[22695]: executed

Jul 19 10:44:22 server imap[19319]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits reused) no authentication

Jul 19 10:44:26 server imap[19319]: badlogin: cpe-24-90-103-234.nyc.res.rr.com [24.90.103.234] plain [SASL(-13): authentication failure: Password verification failed]

Jul 19 10:44:31 server imap[19319]: badlogin: cpe-24-90-103-234.nyc.res.rr.com [24.90.103.234] plaintext muchogrande SASL(-13): authentication failure: checkpass failed

```

This makes it seem like Cyrus-imapd is using a different database and obviously doesn't have the login/pass or one of the two. I don't know what else to configure for this.

```
#/usr/lib/sasl2/smtpd.conf

pwcheck_method: auxprop

auxprop_plugin: sql

sql_engine: mysql

mech_list: sql plain login

sql_hostnames: localhost

sql_user: postfixadmin

sql_passwd: <<password>>

sql_database: postfix

sql_statement: SELECT clear FROM postfix_smtp WHERE email = '%u@%r'

sql_verbose: yes

```

```
#/etc/imapd.conf

configdirectory: /var/lib/imap

partition-default: /var/spool/imap

#admins: cyrus

sievedir: /var/lib/imap/sieve

sendmail: /usr/sbin/sendmail

sasl_pwcheck_method: saslauthd

sasl_mech_list: PLAIN

postmaster: postmaster

allowanonymouslogin: no

allowplaintext: yes

servername: server.blah.com

autocreatequota: 10000

reject8bit: no

quotawarn: 90

timeout: 30

poptimeout: 10

dracinterval: 0

drachost: localhost

sieve_maxscriptsize: 32

sieve_maxscripts: 5

tls_ca_file: /var/imap/server.pem

tls_cert_file: /var/imap/server.pem

tls_key_file: /var/imap/server.pem

```

```
#/etc/postfix/main.cf          

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

myhostname = server.blah.com

myorigin = $mydomain

inet_interfaces = all

#mydestination = $myhostname, $mydomain, localhost

mydestination = $myhostname, localhost, #$mydomain

local_recipient_maps = unix:passwd.byname $alias_maps $virtual_mailbox_maps

unknown_local_recipient_reject_code = 550

mynetworks_style = host

relay_domains = $mydestination

alias_maps = $alias_database

alias_database = hash:/etc/aliases

home_mailbox = Mailbox

mail_spool_directory = /var/spool/mail

mailbox_transport = cyrus

smtpd_banner = $myhostname ESMTP $mail_name

biff = no

append_dot_mydomain = no

debug_peer_level = 2

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix

newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /usr/share/doc/postfix-2.1.5/samples

readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:89

virtual_mailbox_base = /home/vmail

virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf  

virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

virtual_minimum_uid = 89

virtual_transport = virtual

virtual_uid_maps = static:89

virtual_mailbox_limit = 51200000

broken_sasl_auth_clients = yes

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname

#reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient,    

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = 

smtpd_sasl_security_options = noanonymous

```

Where is my config wrong?

----------

## TheCarNinja

*bump*   :Sad: 

----------

## TheCarNinja

*bump*

----------

