1

We have had a little used mail server running fine for more than a year but earlier today it started to fail to authenticate users occasionally and now it has stopped even trying to authenticate.

The messages in the mail log are:


www imapd: authdaemon: s_connect() failed: Connection refused
www imapd: [Hint: perhaps authdaemond is not running?]
www imapd: LOGIN FAILED, user=XXX, ip=[::ffff:aaa.bbb.ccc.ddd]
www imapd: authentication error: Connection refused

But as far as I can see everything is running, it just is not working.

Before it failed completely it was cycling through each authentication method before it found the appropriate one, now it does not, apparently, attempt to go through any of them.

netstat -napt outputs:

tcp        0      0 :::143  :::*  LISTEN      25051/couriertcpd

ps alx outputs:


5     0 25087     1  20   0   3952   284 -      S    ?          0:00 /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -start /usr/libexec/courier-authlib/authdaemond
4     0 25088 25087  20   0  61320  1472 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond
1     0 25089 25088  20   0  61320   356 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond
1     0 25090 25088  20   0  61320   360 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond
1     0 25091 25088  20   0  61320   368 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond
1     0 25092 25088  20   0  61320   368 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond
1     0 25093 25088  20   0  61320   368 -      S    ?          0:00 /usr/libexec/courier-authlib/authdaemond

I have restarted (more times than I care to remember) courier-authlib and courier-imap, and have now copied the distribution configuration file /etc/authlib/authdeamonrc.dist over the /etc/authlib/authdaemonrc file that was in use, although I do not think it had been changed anyway.

Telneting to imap port 143 both locally and from a remote client then entering 


a login username password

Just gives me the message:


* BYE Temporary problem, please try again later
Connection closed by foreign host.

and the same 'connection refused' messages in the email log as I mentioned in the first part of this message.

It is an oldish (~2 years) system so the various programs will be far from the latest versions but it has been working fine for a long time, so it cannot just be a code issue.

If anyone can give me any clues about how I can take the diagnosis process further it would be much appreciated.

This is the line from /etc/authlib/authdaemonrc that authdaemon seems to be ignoring:


authmodulelist="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
blankabout
  • 1,004
  • 1
  • 9
  • 16

1 Answers1

2

Have a look at the authdaemonrc (if I remember correctly) config file. It should have the details on how it authenticates. If it's for example using ldap, see whether your ldap server is still there, if it's using mysql... Fix this and you'll probably fix your issue.

Lmwangi
  • 342
  • 1
  • 6
  • AS I mentioned in my post,it should be cycling through these authentication methods (from /etc/authlib/authdaemonrc) – blankabout Mar 05 '11 at 04:31
  • Please ignore most of my previous comment, I have updated my original post with the line from /etc/authlib/authdaemonrc that should be processed but seems to be ignored. – blankabout Mar 05 '11 at 04:40
  • Enable debugging for authdaemond. Please see http://www.courier-mta.org/authlib/README.authdebug.html . Also find out where your users are stored. Once you know the relevant user store, try find an alternate way to debug authentication with it. Or better, turn on debugging for the auth store. You can grep your /etc/passwd, or bind to your ldap store or connect to your sql server. For all these different stores (well, mysql and ldap at least), there's apt to be a configuration file somewhere in your courier configs with the [mysql|ldap] host, password, database|DN etc. – Lmwangi Mar 05 '11 at 08:12