NOTE: Some of this post contains potentially sensitive information that I've censored out. If you see random piles of asterisks anywhere, that's why.
I'm trying to create an email server using Postfix, Dovecot, MariaDB on a cloud instance running Ubuntu 18.04 LTS. To do this, I have been following this tutorial. Previously, I had managed to create a system whereby I could log into virtual users configured in an associated database, as well as send and receive mail.
However, some time after I had configured that same web server to use OpenDKIM for enhanced security, everything stopped working. I couldn't log into my account, and I am no longer able to receive any mail.
When I do try and attempt to log in, regardless of whether I am using Thunderbird or Roundcube, my credentials are refused.
At first, I tried changing the password to my account by altering its hash in the database using the following SQL query:
UPDATE `mailserver`.`virtual_users` SET password=ENCRYPT('newpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE username='************';
I could visibly see using phpMyAdmin that this change wrote to the database successfully, but when I tried the new password with the same username, I was refused access. I then attempted to create a brand new virtual user and log into that. I was refused again.
No matter what I try, it seems that the server will not accept the credentials as valid.
At first, I considered that this might be a database issue, but when I run postconf on the lookup query files for users, mailboxes and aliases, every single test gives me the expected result, as outlined on the tutorial. All mentions of the SQL credentials appear to be correct. I have tried restarting the server, and while I did encounter an issue where MariaDB was prevented from restarting due to being blocked by apparmor, I am still unable to log in after purging apparmor completely from the system and restarting the database and all other mail-related services.
This finally led me to looking at the logs. They kept mentioning the failure of a function called pam_authenticate. I found a question that was having a similar problem, but that also mentioned having low memory, which my logs do not.
I'd give an example of those logs, but StackExchange seems to think they look too much like spam. Sorry!
