I have the host properly receiving mail. I am showing in the logs that the
SASL AUTH is working but for some reason after that its still parsing recipient
rules and doesn't find it in my virtual tables.
User me (tho...@polliard.com ----sending----> thomas_polli...@yahoo.com)
My configuration is Postfix/Postgres/Dovecot:
So below the pound signs is all the logging/config that should be helpful but
simply stated.
I was having problems using the virtual_map directive as I could send mail SASL
authenticated but I couldnt receive mail. I did some research on postfix.org
and updated to 2.0 Syntax (About time, Iv used postfix for so long)
I then switch to use 2.0 syntax for the virtual directives and all seemed ok.
Till I tried to send mail using SASL. Then I found that it was strange because
SASL AUTH was working properly but that postfix continued to run
down reciepient checks.
If anyone can give me a hand I would appreciate it as Im about to pull my hair
out....
Thanks
Thomas Polliard
###########################################################################
[saslfinger]
[r...@uranium saslfinger-1.0.3]# ./saslfinger -s
saslfinger - postfix Cyrus sasl configuration Mon Nov 2 11:00:05 CST 2009
version: 1.0.2
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.3.3
System: CentOS release 5.4 (Final)
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00002ba955eb5000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname, $myhostname.$mydomain
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
-- listing of /usr/lib64/sasl2 --
total 2872
drwxr-xr-x 2 root root 4096 Oct 24 21:47 .
drwxr-xr-x 68 root root 36864 Oct 31 17:35 ..
-rwxr-xr-x 1 root root 890 Sep 3 19:04 libanonymous.la
-rwxr-xr-x 1 root root 15880 Sep 3 19:05 libanonymous.so
-rwxr-xr-x 1 root root 15880 Sep 3 19:05 libanonymous.so.2
-rwxr-xr-x 1 root root 15880 Sep 3 19:05 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 862 Sep 3 19:04 liblogin.la
-rwxr-xr-x 1 root root 16448 Sep 3 19:05 liblogin.so
-rwxr-xr-x 1 root root 16448 Sep 3 19:05 liblogin.so.2
-rwxr-xr-x 1 root root 16448 Sep 3 19:05 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 862 Sep 3 19:04 libplain.la
-rwxr-xr-x 1 root root 16416 Sep 3 19:05 libplain.so
-rwxr-xr-x 1 root root 16416 Sep 3 19:05 libplain.so.2
-rwxr-xr-x 1 root root 16416 Sep 3 19:05 libplain.so.2.0.22
-rwxr-xr-x 1 root root 936 Sep 3 19:04 libsasldb.la
-rwxr-xr-x 1 root root 893304 Sep 3 19:05 libsasldb.so
-rwxr-xr-x 1 root root 893304 Sep 3 19:05 libsasldb.so.2
-rwxr-xr-x 1 root root 893304 Sep 3 19:05 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 25 Mar 14 2007 Sendmail.conf
-rw-r--r-- 1 root root 26 Oct 7 2008 smtpd.conf
-- listing of /usr/lib/sasl2 --
total 2864
drwxr-xr-x 2 root root 4096 Oct 24 14:59 .
drwxr-xr-x 52 root root 36864 Oct 31 17:09 ..
-rwxr-xr-x 1 root root 884 Sep 3 19:04 libanonymous.la
-rwxr-xr-x 1 root root 14372 Sep 3 19:04 libanonymous.so
-rwxr-xr-x 1 root root 14372 Sep 3 19:04 libanonymous.so.2
-rwxr-xr-x 1 root root 14372 Sep 3 19:04 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 856 Sep 3 19:04 liblogin.la
-rwxr-xr-x 1 root root 14752 Sep 3 19:04 liblogin.so
-rwxr-xr-x 1 root root 14752 Sep 3 19:04 liblogin.so.2
-rwxr-xr-x 1 root root 14752 Sep 3 19:04 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 856 Sep 3 19:04 libplain.la
-rwxr-xr-x 1 root root 14848 Sep 3 19:04 libplain.so
-rwxr-xr-x 1 root root 14848 Sep 3 19:04 libplain.so.2
-rwxr-xr-x 1 root root 14848 Sep 3 19:04 libplain.so.2.0.22
-rwxr-xr-x 1 root root 930 Sep 3 19:04 libsasldb.la
-rwxr-xr-x 1 root root 905200 Sep 3 19:04 libsasldb.so
-rwxr-xr-x 1 root root 905200 Sep 3 19:04 libsasldb.so.2
-rwxr-xr-x 1 root root 905200 Sep 3 19:04 libsasldb.so.2.0.22
-- listing of /etc/sasl2 --
total 16
drwxr-xr-x 2 root root 4096 Sep 3 19:04 .
drwxr-xr-x 95 root root 12288 Nov 2 09:43 ..
-- content of /usr/lib64/sasl2/smtpd.conf --
pwcheck_method: saslauthd
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o content_filter=spamfilter:dummy
-v
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension}
${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension}
${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
spamfilter unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/sbin/spamfilter -f ${sender} --
${recipient}
-- mechanisms on localhost --
250-AUTH PLAIN DIGEST-MD5
250-AUTH=PLAIN DIGEST-MD5
-- end of saslfinger output --
[main.cf]
<snip>
virtual_mailbox_base = /prod/mail
virtual_uid_maps = static:25001
virtual_gid_maps = static:25001
transport_maps = pgsql:/etc/postfix/pgsql/transport.cf
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql/virtual_domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/mailboxes.cf
virtual_alias_maps = pgsql:/etc/postfix/pgsql/virtual_alias.cf
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
#reject_rbl_client dnsbl-3.uceprotect.net,
#reject_rbl_client zen.spamhaus.org,
#reject_rbl_client rhsbl.ahbl.org,
#reject_rbl_client dnsbl.ahbl.org,
#check_sender_access pcre:/etc/postfix/spam_checks.pcre,
permit
smtpd_data_restrictions =
reject_unauth_pipelining,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname, $myhostname.$mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
broken_sasl_auth_clients = yes
header_checks = regexp:/etc/postfix/header_checks
Client SASL Authenticates through dovecot Here is my log of the connection
[/var/log/maillog]
<SNIP>
BEGIN CRITICAL SECTION
Nov 2 10:54:02 uranium postfix/smtpd[12121]: <
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: AUTH PLAIN
AHRob21hc0Bwb2xsaWFyZC5jb20AOWFodWdpdGU=
Nov 2 10:54:02 uranium postfix/smtpd[12121]: xsasl_dovecot_server_first:
sasl_method PLAIN, init_response AHRob21hc0Bwb2xsaWFyZC5jb20AOWFodWdpdGU=
Nov 2 10:54:02 uranium dovecot: auth(default): client in: AUTH 2 PLAIN
service=smtp resp=AHRob21hc0Bwb2xsaWFyZC5jb20AOWFodWdpdGU=
Nov 2 10:54:02 uranium dovecot: auth(default): sql(tho...@polliard.com):
query: SELECT userid as user, password FROM service.email_accounts WHERE userid
= 'tho...@polliard.com'
Nov 2 10:54:02 uranium dovecot: auth(default): client out: OK 2
user=tho...@polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: xsasl_dovecot_handle_reply: auth
reply: ok?2?user=tho...@polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: 235 2.0.0
Authentication successful
Nov 2 10:54:02 uranium postfix/smtpd[12121]: <
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: MAIL
FROM:<tho...@polliard.com>
END CRITICAL SECTION
Nov 2 10:54:02 uranium postfix/smtpd[12121]: extract_addr: input:
<tho...@polliard.com>
Nov 2 10:54:02 uranium postfix/smtpd[12121]: smtpd_check_addr:
addr=tho...@polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: ctable_locate: leave existing
entry key tho...@polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: extract_addr: in:
<tho...@polliard.com>, result: tho...@polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: fsspace: .: block size 4096,
blocks free 54962955
Nov 2 10:54:02 uranium postfix/smtpd[12121]: smtpd_check_queue: blocks 4096
avail 54962955 min_free 0 msg_size_limit 10240000
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: 250 2.1.0 Ok
Nov 2 10:54:02 uranium postfix/smtpd[12121]: <
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: RCPT
TO:<thomas_polli...@yahoo.com>
Nov 2 10:54:02 uranium postfix/smtpd[12121]: extract_addr: input:
<thomas_polli...@yahoo.com>
Nov 2 10:54:02 uranium postfix/smtpd[12121]: smtpd_check_addr:
addr=thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr request = rewrite
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr rule = local
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr address =
thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value: 0
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: address
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: address
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value:
thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: (list terminator)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: (end)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: rewrite_clnt: local:
thomas_polli...@yahoo.com -> thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr request = resolve
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr sender =
Nov 2 10:54:02 uranium postfix/smtpd[12121]: send attr address =
thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value: 0
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: transport
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: transport
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value: virtual
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: nexthop
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: nexthop
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value: yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: recipient
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: recipient
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value:
thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: flags
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute value: 1024
Nov 2 10:54:02 uranium postfix/smtpd[12121]: private/rewrite socket: wanted
attribute: (list terminator)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: input attribute name: (end)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: resolve_clnt: `' ->
`thomas_polli...@yahoo.com' -> transp=`virtual' host=`yahoo.com'
rcpt=`thomas_polli...@yahoo.com' flags= class=virtual
Nov 2 10:54:02 uranium postfix/smtpd[12121]: ctable_locate: install entry key
thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: extract_addr: in:
<thomas_polli...@yahoo.com>, result: thomas_polli...@yahoo.com
ERROR BEGIN
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >>> START Recipient address
RESTRICTIONS <<<
Nov 2 10:54:02 uranium postfix/smtpd[12121]: generic_checks:
name=permit_sasl_authenticated
Nov 2 10:54:02 uranium postfix/smtpd[12121]: generic_checks:
name=permit_sasl_authenticated status=1
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >>> CHECKING RECIPIENT MAPS <<<
Nov 2 10:54:02 uranium postfix/smtpd[12121]: ctable_locate: leave existing
entry key thomas_polli...@yahoo.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find:
recipient_canonical_maps: thomas_polli...@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
uranium.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_list_match: yahoo.com: no
match
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find:
recipient_canonical_maps: @yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: mail_addr_find:
thomas_polli...@yahoo.com -> (not found)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: canonical_maps:
thomas_polli...@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
uranium.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_list_match: yahoo.com: no
match
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: canonical_maps:
@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: mail_addr_find:
thomas_polli...@yahoo.com -> (not found)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_get_active: found
active connection to host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql: successful query from
host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_lookup: retrieved 0
rows
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: virtual_alias_maps:
thomas_polli...@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
uranium.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_list_match: yahoo.com: no
match
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_get_active: found
active connection to host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql: successful query from
host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_lookup: retrieved 0
rows
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: virtual_alias_maps:
@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: mail_addr_find:
thomas_polli...@yahoo.com -> (not found)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_get_active: attempting
to connect to host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql: successful connection
to host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql: successful query from
host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_lookup: retrieved 0
rows
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: virtual_mailbox_maps:
thomas_polli...@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
uranium.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost.polliard.com
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_string: yahoo.com ~?
localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: match_list_match: yahoo.com: no
match
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_get_active: found
active connection to host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql: successful query from
host localhost
Nov 2 10:54:02 uranium postfix/smtpd[12121]: dict_pgsql_lookup: retrieved 0
rows
Nov 2 10:54:02 uranium postfix/smtpd[12121]: maps_find: virtual_mailbox_maps:
@yahoo.com: not found
Nov 2 10:54:02 uranium postfix/smtpd[12121]: mail_addr_find:
thomas_polli...@yahoo.com -> (not found)
Nov 2 10:54:02 uranium postfix/smtpd[12121]: NOQUEUE: reject: RCPT from
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: 550 5.1.1
<thomas_polli...@yahoo.com>: Recipient address rejected: User unknown in
virtual mailbox table; from=<tho...@polliard.com>
to=<thomas_polli...@yahoo.com> proto=ESMTP helo=<[10.0.1.4]>
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: 550 5.1.1
<thomas_polli...@yahoo.com>: Recipient address rejected: User unknown in
virtual mailbox table
Nov 2 10:54:02 uranium postfix/smtpd[12121]: <
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: QUIT
Nov 2 10:54:02 uranium postfix/smtpd[12121]: >
pool-96-253-127-251.rcmdva.fios.verizon.net[96.253.127.251]: 221 2.0.0 Bye
