[ale] Anyone have experience hosting email for multiple domains?

Wed Sep 16 15:10:25 EDT 2009

Yes, /usr/lib/sasl2/smtpd.conf had that content. I even copied the
file to /etc/sasl2/ just in case. I took your advice and started
looking for other locations that file could be and thought about
/usr/lib/ vs. /usr/local/lib/ at which point I realized that this is
a...
~# uname -a
Linux slice1.bronosky.com 2.6.24-24-xen #1 SMP Tue Aug 18 18:15:39 UTC
2009 x86_64 x86_64 x86_64 GNU/Linux

I copied the file to /usr/lib64/sasl2/ and after a restart, we were
all good. Thanks for the pointer. The simple act of including "(Actual
location may change depending on distro)" caused me to have what I
call a "light bulb moment". (I'm always engaging my engineers and
developers trying to trigger these. When I'm done, I tell them what I
was doing. But I think they still think I'm crazy, or lonely.)

I hate to be a nag, because I really do think that you have the best
instructions on the web. You might want to add in a note about lib64
for 64bit kernels. (It should be obvious, but I wasn't sure that
putting a conf file in a lib dir was what I wanted to do, or even
where the problem resided.)

.!# RichardBronosky #!.

On Wed, Sep 16, 2009 at 12:30 PM, Brandon Checketts
<brandon at brandonchecketts.com> wrote:
> Richard,
>
> It looks like you postfix is trying to authenticate with saslauthd
> instead of doing it directly via SQL.  Check the contents of
> /usr/lib/sasl2/smtpd.conf (Actual location may change depending on
> distro).  It should contains something like:
>
> [root at secure /]# cat /usr/lib/sasl2/smtpd.conf
> pwcheck_method: auxprop
> mech_list:      PLAIN LOGIN
> auxprop_plugin: sql
> sql_verbose:    yes
> sql_engine:     mysql
> sql_hostnames:  localhost
> sql_user:       [username]
> sql_passwd:     [password]
> sql_database:   [dbname]
> sql_select:     SELECT password FROM mailbox WHERE username = '%u@%r'
>
>
> Thanks,
> Brandon Checketts
>
>
> Richard Bronosky wrote:
>> Brandon,
>> I can't get smtp authentication to hit the DB. I get failures to auth,
>> but mysql never logs any queries. (the first entry verifies that I
>> have the general query log enabled:
>>
>> tail -f /var/log/messages /var/log/maillog /var/log/mysqld.log
>> ==> /var/log/mysqld.log <==
>>                       2 Query       select version()
>>
>> ==> /var/log/maillog <==
>> Sep 16 07:26:33 primary postfix/smtpd[16453]: connect from
>> mail-iw0-f198.google.com[209.85.223.198]
>> Sep 16 07:26:33 primary postfix/smtpd[16453]: setting up TLS
>> connection from mail-iw0-f198.google.com[209.85.223.198]
>> Sep 16 07:26:33 primary postfix/smtpd[16453]: TLS connection
>> established from mail-iw0-f198.google.com[209.85.223.198]: TLSv1 with
>> cipher RC4-MD5 (128/128 bits)
>>
>> ==> /var/log/messages <==
>> Sep 16 07:26:35 primary saslauthd[15623]: do_auth         : auth
>> failure: [user=emailsender] [service=smtp] [realm=bronosky.com]
>> [mech=pam] [reason=PAM auth error]
>>
>> ==> /var/log/maillog <==
>> Sep 16 07:26:35 primary postfix/smtpd[16453]: warning: SASL
>> authentication failure: Password verification failed
>> Sep 16 07:26:35 primary postfix/smtpd[16453]: warning:
>> mail-iw0-f198.google.com[209.85.223.198]: SASL PLAIN authentication
>> failed: authentication failure
>> Sep 16 07:26:35 primary postfix/smtpd[16453]: disconnect from
>> mail-iw0-f198.google.com[209.85.223.198]
>>
>>
>> .!# RichardBronosky #!.
>>
>>
>>
>> On Mon, Aug 31, 2009 at 2:58 PM, Brandon Checketts
>> <brandon at brandonchecketts.com> wrote:
>>> Great.  Glad it helped.
>>>
>>> Thanks,
>>> Brandon Checketts
>>>
>>>
>>> Richard Bronosky wrote:
>>>> Brandon, that knocked it out of the park. I've just skimmed it so far,
>>>> but you have the best documentation I've seen. I'm so glad I asked.
>>>> You just blew my mind... Like a Boss!
>>>>
>>>> On Mon, Aug 31, 2009 at 11:16 AM, Brandon
>>>> Checketts<brandon at brandonchecketts.com> wrote:
>>>>> I run a mail hosting service using Postfix and Dovecot and have a howto
>>>>> set up at http://www.brandonchecketts.com/centos-mail-toaster.php  that
>>>>> details the basic configuration.   I use that about once a month when
>>>>> setting it up for somebody else and make small changes as new package
>>>>> versions are released, so it should be pretty accurate and  I know it
>>>>> works on CentOS 5.3.   Account credentials are stored in a MySQL backend
>>>>> and it uses PostfixAdmin to manage the database of users.  I run several
>>>>> hundred mailboxes off of it, and it works out great.
>>>>>
>>>>> Thanks,
>>>>> Brandon Checketts
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Richard Bronosky wrote:
>>>>>> I'd like to avoid reliving your horror stories. I'm a big fan of
>>>>>> "learn from the mistakes of other, don't make them yourself." So far I
>>>>>> have installed postfix and dovecot on a CentOS 5.3 slicehost slice.
>>>>>> Here are my needs (which I will compromise on if I must):
>>>>>> 1. Forward email for at least 8 domains to other services (mostly Gmail).
>>>>>> 2. Act as a secure sendmail server so that Gmail will send _from_ my
>>>>>> domain, not _on behalf of_ my domain.
>>>>>> 3. Act as 'final destination' for at least 1 domain.
>>>>>> 4. Server IMAP for final destination domain[s].
>>>>>>
>>>>>> So, any advice, good reads, etc.? I have worked through
>>>>>> http://wiki.centos.org/HowTos/postfix and am going through
>>>>>> http://www.postfix.org/VIRTUAL_README.html I haven't started with
>>>>>> http://wiki.dovecot.org/VirtualUsers so I don't know if I need that
>>>>>> yet.
>>>>>>
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org
>>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>>
>>>>
>>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>