# Setting up postfix, fails to authenticate

## Letharion

I've set up postfix according to the gentoo docs: http://www.gentoo.org/doc/en/virt-mail-howto.xml

Sending e-mails work well, and after adding postfix to :vmail and giving g+rw to the stuff under /home/vmail I got the server to recieve e-mails without any complaints.

Now however, I would also like to be able to get them, and here I'm stuck.

```
telnet mail.letharion.se 110

Trying 94.247.168.189...

Connected to mail.letharion.se.

Escape character is '^]'.

+OK Hello there.

USER letharion

+OK Password required.

PASS $mypasshere

-ERR Login failed.

Connection closed by foreign host.
```

I've tried typing the password many times and it just doesn't work. Most likely I've done something trivial wrong, like specified a table name incorrectly or somesuch, but the logs aren't very helpful:

```
authdaemond: pam_unix(pop3:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=letharion
```

Wow, now I know _exactly_ what went wrong  :Wink: 

So I've been trying to use strace to find out more. First I figured I'd see, "Is mysql even asked about the password?"

Running

strace -p $(ps -C mysqld -o pid=)

I get stuck at "select(15, [13 14], NULL, NULL, NULL" until I complete the USER/PASS messages in a telnet terminal, when a large chunk of information is printed. Unfortunately it doesn't really tell me much. I see a bnuch of fcntl, so there's disc access, but I can't see anything about the actual data being transferred

When looking at some of the authdemond's, I get:

```
# strace -p 1803

Process 1803 attached - interrupt to quit

select(6, [3 5], NULL, NULL, {237, 756000}) = 1 (in [5], left {233, 213000})

accept(5, 0x7fffd21441b0, [16])         = -1 EAGAIN (Resource temporarily unavailable)

select(6, [3 5], NULL, NULL, {300, 0}
```

Not sure if I should care about the "Resource temporarily unavailable", it sure looks like a potential problem?

The courier and sasl processes give me nothing interesting, if anything at all.

Setting up an MTA is a "character building experience", to say the least  :Wink: 

----------

## Anarcho

Try setting 

DEBUG_LOGIN=1

(maybe even to 2, this logs passwords as well)

in /etc/courier/authlib/authdaemonrc and restart the courier daemons. Maybe this helps.

EDIT: what I didn't like in the HOWTO above is the storing of plaintext passwords in the database. I changed this to using SHA1 Hash values.

----------

## Letharion

Thanks for the suggestion.

I set the debugging:

# grep "^DEBUG_LOGIN=" /etc/courier/authlib/authdaemonrc

DEBUG_LOGIN=2

And I restarted all 4 courier daemons (And took postfix and sasl while I was at it)

The comments say that this info will be dumped into debug, which in turn goes to /var/log/debug but I see nothing of interest there.

I completely agree about the plaintext passwords, but I want to get any authentication at all working first  :Wink: 

----------

## Anarcho

If I remember correctly, it was logged into one of the mail logfiles (e.g. /var/log/mail.log) but I think it depends on your syslog setup.

You could try "grep authdaemon /var/log/*" to find the logfile.

----------

## Letharion

For POP3, the error was trivial. I'm used to logging in as "letharion", but the MTA (obviously) needed me to log in as "letharion@letharion.se".   :Embarassed:  I realised this when I started logging mysql queries.

Something is still wrong with IMAP-auth, which I'm gonna look into as well, but that has a bit lower priority.

Thanks a lot Anarcho  :Smile: 

----------

