# Postfix/smtpd not authenticating anymore

## Bigun

I did a deep world upgrade, and now SMTPD authentication seems b0rked.

```

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: auxpropfunc error invalid parameter supplied

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: initializing the server-side TLS engine

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: cannot load Certificate Authority data

```

----------

## cassiol

helo Bigun,

i have that tree messages in my system too.  i not found solution yet. but my system is running. =))

```

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: auxpropfunc error invalid parameter supplied

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: initializing the server-side TLS engine 

```

and that message seems trouble in certificate.

```

Jul  1 13:04:08 pwnedclips postfix/smtpd[9955]: cannot load Certificate Authority data 

```

----------

## Bigun

Here is the entire error, sanitized of course:

```
Jul  1 13:50:53 pwnedclips postfix/smtpd[27458]: warning: database /etc/mail/aliases.db is older than source file /etc/mail/aliases

Jul  1 13:50:53 pwnedclips postfix/smtpd[27458]: auxpropfunc error invalid parameter supplied

Jul  1 13:50:53 pwnedclips postfix/smtpd[27458]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

Jul  1 13:50:53 pwnedclips postfix/smtpd[27458]: initializing the server-side TLS engine

Jul  1 13:50:53 pwnedclips postfix/smtpd[27458]: cannot load Certificate Authority data

Jul  1 13:50:54 pwnedclips postfix/smtpd[27458]: connect from static-host-66-18-54-118.epbinternet.com[66.18.54.118]                                                              

Jul  1 13:51:24 pwnedclips saslauthd[4935]: pam_unix(smtp:auth): check pass; user unknown                                                                                         

Jul  1 13:51:24 pwnedclips saslauthd[4935]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=

Jul  1 13:51:26 pwnedclips saslauthd[4935]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module

Jul  1 13:51:26 pwnedclips saslauthd[4935]: do_auth         : auth failure: [user=bigun@************.com] [service=smtp] [realm=*********.com] [mech=pam] [reason=PAM auth error]

Jul  1 13:51:26 pwnedclips postfix/smtpd[27458]: warning: SASL authentication failure: Password verification failed

Jul  1 13:51:26 pwnedclips postfix/smtpd[27458]: warning: ***************************: SASL PLAIN authentication failed: authentication failure

Jul  1 13:51:26 pwnedclips saslauthd[4940]: pam_unix(smtp:auth): check pass; user unknown

Jul  1 13:51:26 pwnedclips saslauthd[4940]: pam_unix(smtp:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=

Jul  1 13:51:29 pwnedclips saslauthd[4940]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module                                      

Jul  1 13:51:29 pwnedclips saslauthd[4940]: do_auth         : auth failure: [user=bigun@*********.com] [service=smtp] [realm=**********.com] [mech=pam] [reason=PAM auth error]

Jul  1 13:51:29 pwnedclips postfix/smtpd[27458]: warning: ****************************: SASL LOGIN authentication failed: authentication failure

Jul  1 13:51:33 pwnedclips postfix/smtpd[27458]: disconnect from ************************************8     
```

----------

## timeBandit

I found a couple of topics that look similar to your problem--do any of the suggestions there help?

In particular, check whether a change to your USE flags caused your update to add SQL support to  Cyrus-SASL.

----------

## kashani

I think it's time to go through your config files and see what you borked. Additionally you should probably look through your emerge logs and see what packages you've updated. Did you mean to include ldap in your cyrus-sasl build as well? If not, remove the USE flag from it in /etc/portage/package.use and emerge it again. I'd also check the config file as well.

kashani

----------

## Bigun

The only packages I saw that *might* be causing this is:

```
net-libs/courier-authlib-0.60.6
```

 from 

```
net-libs/courier-authlib-0.60.2-r1
```

It's the only package I can find related to mail that I updated to, around the time it quit, that may have messed things up.

But the config files all look fine from the walkthrough.  I will try to degrade and see if that fixes this if no one replies soon.

----------

## Bigun

Degrading did nothing.

----------

## kashani

 *Bigun wrote:*   

> Here is the entire error, sanitized of course:
> 
> Jul  1 13:51:29 pwnedclips saslauthd[4940]: do_auth         : auth failure: [user=bigun@*********.com] [service=smtp] [realm=**********.com] [mech=pam] [reason=PAM auth error]
> 
> Jul  1 13:51:29 pwnedclips postfix/smtpd[27458]: warning: ****************************: SASL LOGIN authentication failed: authentication failure
> ...

 

This part makes me think that authmysql fell out of your /etc/courier/authlib/authdeamonrc and it's only using pam. Do you have this line in your authdaemonrc?

```

authmodulelist="authmysql authpam"

```

kashani

----------

## Bigun

```
authmodulelist="authmysql"
```

authpam isn't even in the list.

----------

