# Courier-POP3/IMAP-authentication

## tcambrant

I have a problem regarding the Virtual Mailhosting System Guide. It's really driving me nuts. I have searched the Gentoo forums and there is a lot of talk about this authentication-problem i have, but I can't find a solution that helps me.

I have set up Postfix+Courier IMAP+Cyrus SASL+Apache+MySQL+PAM_MySQL+Squirrelmail exactly as it says in the guide (i think) and it all seems to be working except that I can't login to the Courier IMAP server. Logging in to the POP3-server doesn't work either.

People had problems with this because the Authdaemond-service wasn't running, but I think mine is set up like it is supposed to, and it is running for courier-imapd, courier-imapd-ssl, courier-pop3d and courier-pop3d-ssl.

MySQL, Postfix, Courier IMAP, Courier POP3, Cyrus SASL, Apache, MySQL, phpMyAdmin and Squirrelmail are all running fine, except for the problem with logging in. The MySQL-databases are setup like they are supposed to, and I have checked with other people who have pretty much the same users-table as I have. Postfix can send and recieve mail just fine, so the only thing I can think of that isn't working is the authentication of the username & password. I use the full e-mail-address as a username, such as t@cambrant.com. This results in me not being able to use pop3 to fetch the mail from other computers, and Squirrelmail not working. When I try to login to Squirrelmail it just says that I don't have the right username and password.

I tried logging in to the IMAPd via telnet, but i only get this:

```
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE] Courier-IMAP ready. Copyright 1998-2003 Double Precision, Inc.  See COPYING for distribution information.

1 LOGIN t@cambrant.com password

1 NO Login failed.
```

I'm supposed to use PAM for authentication and the PAM-config files in /etc/pam.d/ seems to be setup just fine. The logs show nothing other than failed logins.

I have no idea what the problem could be, so I was hoping that someone could help me solve my issues. Thanks in advance.Last edited by tcambrant on Tue Nov 11, 2003 4:48 pm; edited 1 time in total

----------

## tcambrant

Please, if someone can help me with this problem, I would be really grateful if you did.

----------

## kashani

There are a few show stopping mistakes you can make here. 

1. line wrap problems in /etc/pam.d/*

Did this one myself the first time I set it up. Make sure that the auth lines aren't broken in imap and pop3.

2. Make sure your mysql password is entered correctly in these files.

Again I got bit by this one and forgot to change one of the $sqlpasswd to the real password.

3. wrong username

The username is the complete email address as listed in the user table of you mysql database.

kashani

----------

## tcambrant

 *kashani wrote:*   

> 1. line wrap problems in /etc/pam.d/*
> 
> Did this one myself the first time I set it up. Make sure that the auth lines aren't broken in imap and pop3.

 

Checked this one really well, but I'm positive that there is nothing wrong with the files, except that the tutorial might have provided erroneous code.

My /etc/pam.d/imap & /etc/pam.d/pop3:

```
auth     optional       pam_mysql.so server=localhost db=mailsql user=mailsql passwd=mypass table=users usercolumn=email passwdcolu

mn=clear crypt=0

account  required       pam_mysql.so server=localhost db=mailsql user=mailsql passwd=mypass table=users usercolumn=email passwdcolu

mn=clear crypt=0
```

 *kashani wrote:*   

> 2. Make sure your mysql password is entered correctly in these files.
> 
> Again I got bit by this one and forgot to change one of the $sqlpasswd to the real password.

 

I logged into the database with the password cut-and-pasted from the file, so this isn't the problem.

 *kashani wrote:*   

> 3. wrong username
> 
> The username is the complete email address as listed in the user table of you mysql database.

 

This was my first doubt. I thought I had read the documentation wrong somewhere, but no, it just won't work.

----------

## tcambrant

I enabled MySQLd-logging, and found out that no attempts to connect to the database is being made at all, which may explain why authentication doesn't work even though all the login data is correct.

What could cause this not to work? MySQL works perfectly otherwise, and I'm running things such as phpMyAdmin and my own website against it. Something tells be this has something to do with pam_mysql.

How can i troubleshoot to find out if pam works or not?

----------

## kashani

It's never the easy stuff.  :Confused: 

If it's not even connecting, you might not have finished the courier config. Check section 10.2 of the vmail guide for the bits you need to do to the authdaemon and double check your syntax. The other possiblity is you didn't compile mysql support into courier, but I think the first is more likely.

kashani

----------

## devi0s

I had the same exact problem.

In /etc/courier-imap/authmysqlrc, the location of the mysqld.sock file is the wrong file and location.

I had to change

MYSQL_SOCKET          /var/mysql/mysql.sock

to

MYSQL_SOCKET            /var/run/mysqld/mysqld.sock

Be sure to check this out.  Hope that fixes your problem too.

However, after I did that, I wound up with a new problem:

I am having problems with my imap server - ERROR : Connection dropped by imap-server - this happens right after I try to login to imap with any imap client, including GUI and netcat.

I get this error message in my /var/log/mail.log file:

imapd: chdir "/my_virtual_domain.com/user": No such file or directory

I am trying to login as a virtual user whose mailbox is at

/home/vmail/my_virtual_domain.com/user

Shouldn't imap pull the uid and gid for the user:group that /home/vmail/my_virtual_domain.com/user is owned by?  I found out that this IS happening correctly using strace.

Use 'ps aux | grep imapd' to find the process number for courier, then use 'strace -f -v -p <pid>' to see what's going on as you try to log into imap with an imap client.

How can I tell what the directory "/my_virtual_domain.com/user" in that error message is relative to (to make sure that imap is actually trying to chdir to /home/vmail/my_virtual_domain.com/user)?

Also, how can I tell what user:group imap is trying to change into that directory with?

Strace output pretty much suggests that courier is trying to chdir to "/my_virt_domain.com/user".  Nothing in the strace output suggests that that is NOT an absolute path. That could be the problem, but I don't know how to verify this or fix it.  It should be chdir'ing into "/home/vmail/my_virt_domain.com/user".

I can see that in the mysql query made by courier includes the homedir and maildir.  The fields returned from mysql that I CAN see data for (in the strace output) all look correct

I see NOTHING in the strace output that shows what the returned values of homedir and maildir are.

I don't know how to test this further and could really use some input here.

Thanks

Devi0s

devios AT comcast DOT net

----------

## devi0s

I fixed my own problem with the help of iggy in the #courier channel on freenode.

In my postfix main.cf file, I had the following:

virtual_mailbox_base = /home/vmail

and in my mysql database, for virtual users, I had

homedir = /my_domain.com/devios

and

maildir = /my_domain.com/devios/.maildir/

The above allowed postfix to work correctly, but courier was unaware of the virtual_mailbox_base = /home/vmail, so courier was not working.

I had to change main.cf to reflect

virtual_mailbox_base = /

and in my mysql database, for virtual users, I set

homedir = /home/vmail/my_domain.com/devios

and

maildir = /home/vmail/my_domain.com/devios/.maildir/

----------

## geforce

how to get rid of "ERROR : Connection dropped by imap-server"

 ???

Thanks

Phil

----------

