Gentoo Forums
Setting up postfix, fails to authenticate
Letharion
Veteran


Joined: 13 Jun 2005
Posts: 1344
Location: Sweden

Posted: Mon May 03, 2010 6:30 pm    Post subject: Setting up postfix, fails to authenticate

I've set up postfix according to the Gentoo docs: http://www.gentoo.org/doc/en/virt-mail-howto.xml

Sending e-mails works well, and after adding postfix to :vmail and giving g+rw to the stuff under /home/vmail I got the server to receive e-mails without any complaints.

Now however, I would also like to be able to get them, and here I'm stuck.
Code:
telnet mail.letharion.se 110
Trying 94.247.168.189...
Connected to mail.letharion.se.
Escape character is '^]'.
+OK Hello there.
USER letharion
+OK Password required.
PASS $mypasshere
-ERR Login failed.
Connection closed by foreign host.


I've tried typing the password many times and it just doesn't work. Most likely I've done something trivial wrong, like specified a table name incorrectly or somesuch, but the logs aren't very helpful:
Code:
authdaemond: pam_unix(pop3:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=letharion

Wow, now I know _exactly_ what went wrong ;)

So I've been trying to use strace to find out more. First I figured I'd see, "Is mysql even asked about the password?"
Running
Code:
strace -p $(ps -C mysqld -o pid=)

I get stuck at "select(15, [13 14], NULL, NULL, NULL" until I complete the USER/PASS messages in a telnet terminal, when a large chunk of information is printed. Unfortunately it doesn't really tell me much. I see a bunch of fcntl, so there's disc access, but I can't see anything about the actual data being transferred.

When looking at some of the authdaemond's, I get:
Code:
# strace -p 1803
Process 1803 attached - interrupt to quit
select(6, [3 5], NULL, NULL, {237, 756000}) = 1 (in [5], left {233, 213000})
accept(5, 0x7fffd21441b0, [16])         = -1 EAGAIN (Resource temporarily unavailable)
select(6, [3 5], NULL, NULL, {300, 0}

Not sure if I should care about the "Resource temporarily unavailable", it sure looks like a potential problem?

The courier and sasl processes give me nothing interesting, if anything at all.

Setting up an MTA is a "character building experience", to say the least ;)
Anarcho
Advocate


Joined: 06 Jun 2004
Posts: 2970
Location: Germany

Posted: Mon May 03, 2010 6:54 pm

Try setting

DEBUG_LOGIN=1

(maybe even to 2, this logs passwords as well)

in /etc/courier/authlib/authdaemonrc and restart the courier daemons. Maybe this helps.

EDIT: what I didn't like in the HOWTO above is the storing of plaintext passwords in the database. I changed this to using SHA1 Hash values.
_________________
...it's only Rock'n'Roll, but I like it!
Letharion
Veteran


Joined: 13 Jun 2005
Posts: 1344
Location: Sweden

Posted: Mon May 03, 2010 7:15 pm

Thanks for the suggestion.

I set the debugging:
Code:
# grep "^DEBUG_LOGIN=" /etc/courier/authlib/authdaemonrc
DEBUG_LOGIN=2

And I restarted all 4 courier daemons (and took postfix and sasl while I was at it).

The comments say that this info will be dumped into debug, which in turn goes to /var/log/debug but I see nothing of interest there.
I completely agree about the plaintext passwords, but I want to get any authentication at all working first ;)
Anarcho
Advocate


Joined: 06 Jun 2004
Posts: 2970
Location: Germany

Posted: Tue May 04, 2010 7:44 am

If I remember correctly, it was logged into one of the mail logfiles (e.g. /var/log/mail.log) but I think it depends on your syslog setup.

You could try "grep authdaemon /var/log/*" to find the logfile.
_________________
...it's only Rock'n'Roll, but I like it!
Letharion
Veteran


Joined: 13 Jun 2005
Posts: 1344
Location: Sweden

Posted: Tue May 04, 2010 9:20 am

For POP3, the error was trivial. I'm used to logging in as "letharion", but the MTA (obviously) needed me to log in as "letharion@letharion.se". :oops: I realised this when I started logging mysql queries.

Something is still wrong with IMAP-auth, which I'm gonna look into as well, but that has a bit lower priority.

Thanks a lot Anarcho :)
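Added example, not part of the thread: a small triage script for the failure resolved above. It pulls the login name out of authdaemond pam_unix failure lines and, for bare names, lists the virtual accounts whose local part matches. Assumptions: the log lines are constructed in the shape of the one quoted in the first post, the table name `users` and column `id` (holding the full address) are hypothetical, and an in-memory sqlite3 table stands in for the MySQL one.

```python
import re
import sqlite3

# Constructed log lines, shaped like the authdaemond message quoted in the thread.
SAMPLE_LOG = """\
May  3 18:30:01 mail authdaemond: pam_unix(pop3:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=letharion
May  3 18:31:12 mail authdaemond: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=nobody@example.org
May  3 18:32:40 mail postfix/smtpd[2211]: connect from unknown[192.0.2.10]
"""

PAM_FAIL = re.compile(
    r"authdaemond: pam_unix\((?P<service>\w+):auth\): authentication failure;"
    r".*\buser=(?P<user>\S+)"
)


def make_user_table():
    """In-memory stand-in for the virtual-user table (assumed: users.id = full address)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT PRIMARY KEY)")
    conn.executemany(
        "INSERT INTO users (id) VALUES (?)",
        [("letharion@letharion.se",), ("postmaster@letharion.se",)],
    )
    return conn


def triage(log_text, conn):
    """Return (service, login, candidate_addresses) for each pam_unix failure line."""
    findings = []
    for line in log_text.splitlines():
        m = PAM_FAIL.search(line)
        if not m:
            continue
        login = m.group("user")
        candidates = []
        if "@" not in login:
            # Bare local part: list virtual accounts whose local part matches.
            # The login comes from a log, so it is bound as a parameter and
            # compared exactly rather than fed into a LIKE pattern.
            rows = conn.execute(
                "SELECT id FROM users "
                "WHERE substr(id, 1, instr(id, '@') - 1) = ? ORDER BY id",
                (login,),
            )
            candidates = [r[0] for r in rows]
        findings.append((m.group("service"), login, candidates))
    return findings


if __name__ == "__main__":
    for service, login, candidates in triage(SAMPLE_LOG, make_user_table()):
        print(service, login, "->", candidates or "no bare-name match")
```

A bare login with a non-empty candidate list is the case from this thread: the account exists, but only under its full address.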
All times are GMT