# [solved]dovecot sasl auth

## bartlm

Hi there.

Im trying to set up a "home" mail server. I want to use postfix with dovecot.

I want to send mail via my ISP. Everything seems to work fine.

But if my mailserver tries to send mail, my logfile tell me:

```

Aug 23 10:02:28 mailsrv postfix/smtp[25479]: warning: SASL authentication failure: No worthy mechs found

Aug 23 10:02:28 mailsrv postfix/smtp[25479]: CE7B6C1528: SASL authentication failed; cannot authenticate to server smtp.myisp.de[194.25.134.114]: no mechanism available

```

I suppose i used the wrong use flags while emerging postfix and/or dovecot.

My use-flags:

```

USE="dynamicplugin sasl ssl postgres pop3d pam dovecot-sasl"

```

Id be very happy if anybody could help me out with this.

Thanks a lot!

Regards,

Markus[/code]Last edited by bartlm on Fri Aug 29, 2008 6:03 pm; edited 1 time in total

----------

## notHerbert

In your /etc/dovecot/dovecot.conf, do you have something like this

```
auth default {

  mechanisms = plain login

}
```

Then in /etc/postfix/main.cf:

```
smtpd_sasl_auth_enable = yes
```

You could take a look here http://gentoo-wiki.com/Mail_server_using_Postfix_and_Dovecot

Good luck!  :Smile: 

----------

## bartlm

Yes thats exactly what I got. Here is my auth section:

```

auth default {

  mechanisms = plain login

  userdb passwd {

  }

  passdb shadow {

  }

  user = root

  socket listen {

    client {

      path = /var/spool/postfix/private/auth

      mode = 0660

      user = postfix

      group = postfix

    }

  }

}

```

And thats my section in main.cf:

```

smtpd_sasl_auth_enable = yes

smtpd_sasl_type = dovecot

smtpd_sasl_path = /var/spool/postfix/private/auth

smtpd_sasl_security_options = noanonymous

smtpd_recipient_restrictions =

                permit_sasl_authenticated

                reject_unauth_destination

smtpd_sasl_local_domain =

```

The variable relayhost is set to the smtp-server of my isp.

I suppose the methods variable set in dovecot.conf is not secure enough. But what method to use?

If i use digest-md5 for example dovecot wont start because of the given passdbs.

----------

## notHerbert

It could possibly be a configuration error on the isp server.  Try this in postfix/main.cf.

```
smtp_sasl_mechanism_filter = plain
```

If that works then the misconfiguration is at smtp.myisp.de   :Cool: 

----------

## magic919

This is a bit confused.  I use Dovecot SASL but this is a Postfix/Dovecot thing for incoming mail.  If you want to do some kind of smtp auth with your ISPs mail server then that's a separate thing.

----------

## notHerbert

 *magic919 wrote:*   

> This is a bit confused.  I use Dovecot SASL but this is a Postfix/Dovecot thing for incoming mail.  If you want to do some kind of smtp auth with your ISPs mail server then that's a separate thing.

 

Yes, you are correct.  I was thinking of a different SASL failure

```
(SASL authentication failed; cannot authenticate to server smtp.isp.mail[xx.xx.xx.xx]: bad protocol / cancel)
```

My mistake.

Please post output of postconf -n.

----------

## bartlm

Ok, I emerged postfix again and all of a sudden sending mail works well.

But Im not able to receive mail.

The smtp-packtes come through my firewall and are handed to the mail server.

But the maillog does not show any response to the incoming packages.

The only thing is that ipv6 is disabled.

Do i have to compile postfix with ipv6 support to receive mails?

Or is there any other problem?

Any idea would be helpful.

Thanks!

----------

## magic919

 *bartlm wrote:*   

> 
> 
> Do i have to compile postfix with ipv6 support to receive mails?
> 
> Thanks!

 

No.

Check the logs as Postfix starts.  Check that it is listening on port 25 on appropriate interface.

----------

## bartlm

Sorry for that.

Firewall was misconfigured.

If you want to let emails in, you should accept smtp packets instead of rejecting them  :Wink: 

Mea culpa.

But thanks all for your help.

mailserver is up and running  :Smile: 

Regards,

Markus

----------

## magic919

All's well that ends well.  HTH.

----------

