0

I set up a postfix mail server with dovecot on Fedora 25. It works fine on a web browser via Squirrelmail. However, still cannot connect via mail client programs like Outlook and Evolution.

On Evolution the setup is as follows:

server type: IMAP+
server: mail.domain.com
port: 143
username: user@domain.com
encryption method: No encryption
sending email server: smtp.domain.com
encryption method: No encryption

Certainly the server names are fake here. Refreshing the client pops up a window with following details:

Mail authentication request
Please enter the password for mail account "user@domain.com"
Add this password to your keyring  (ticked)

Entering the password and saving keeps bringing the error back. Any suggestions to resolve the problem?

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
compatibility_level = 2
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
meta_directory = /etc/postfix
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = domain.com
myhostname = mail.domain.com
mynetworks = 192.168.0.0/24, 127.0.0.0/8, [::1]/128
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix/README_FILES
sample_directory = /usr/share/doc/postfix/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix
unknown_local_recipient_reject_code = 550

postconf -M

smtp       inet  n       -       n       -       -       smtpd
pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       -       trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache

Here is some logs, might be useful:

auth[3779]: pam_unix(dovecot:auth): check pass; user unknown
audit[3779]: USER_AUTH pid=3779 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:dovecot_auth_t:s0 msg='op=PAM:authentication grantors=? acct="?" exe="/usr/libexec/dovecot/auth" hostname=XXX.XXX.XXX.XXX addr=XXX.XXX.XXX.XXX terminal=dovecot res=failed'
auth[3779]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=user@XXX.XXX.XXX.XXX rhost=XXX.XXX.XXX.XXX
dovecot[988]: pop3-login: Disconnected (auth failed, 1 attempts in 6 secs): user=<user@XXX.XXX.XXX.XXX>, method=PLAIN, rip=XXX.XXX.XXX.XXX, lip=XXX.XXX.XXX.XXX, secured, session=<x5+OzBheDLtZ+lTF>
dbus-daemon[1722]: [session uid=1000 pid=1722] Activating via systemd: service name='org.gnome.Terminal' unit='gnome-terminal-server.service' requested by ':1.114' (uid=1000 pid=3782 comm="gnome-terminal " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023")
systemd[1699]: Starting GNOME Terminal Server...
dbus-daemon[1722]: [session uid=1000 pid=1722] Successfully activated service 'org.gnome.Terminal'
systemd[1699]: Started GNOME Terminal Server.
dbus-daemon[703]: [system] Activating via systemd: service name='net.reactivated.Fprint' unit='fprintd.service' requested by ':1.122' (uid=0 pid=3825 comm="su " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023")
systemd[1]: Starting Fingerprint Authentication Daemon...
dbus-daemon[703]: [system] Successfully activated service 'net.reactivated.Fprint'
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=fprintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
systemd[1]: Started Fingerprint Authentication Daemon.
audit[3825]: USER_AUTH pid=3825 uid=1000 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=mail.domain.com addr=? terminal=pts/0 res=success'
audit[3825]: USER_ACCT pid=3825 uid=1000 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/bin/su" hostname=mail.domain.com addr=? terminal=pts/0 res=success'
su[3825]: (to root) user on pts/0
audit[3825]: CRED_ACQ pid=3825 uid=1000 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/bin/su" hostname=mail.domain.com addr=? terminal=pts/0 res=success'
su[3825]: pam_systemd(su:session): Cannot create session: Already occupied by a session
su[3825]: pam_unix(su:session): session opened for user root by (uid=1000)
audit[3825]: USER_START pid=3825 uid=1000 auid=1000 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/su" hostname=mail.domain.com addr=? terminal=pts/0 res=success'
gnome-terminal-[3787]: Allocating size to GtkScrollbar 0x55cae1f9c380 without calling gtk_widget_get_preferred_width/height(). How does the code know the size to allocate?
gnome-terminal-[3787]: Allocating size to GtkScrollbar 0x55cae1f9c380 without calling gtk_widget_get_preferred_width/height(). How does the code know the size to allocate?
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=fprintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[3779]: USER_AUTH pid=3779 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:dovecot_auth_t:s0 msg='op=PAM:authentication grantors=pam_unix acct="user" exe="/usr/libexec/dovecot/auth" hostname=127.0.0.1 addr=127.0.0.1 terminal=dovecot res=success'
audit[3779]: USER_ACCT pid=3779 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:dovecot_auth_t:s0 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="user" exe="/usr/libexec/dovecot/auth" hostname=127.0.0.1 addr=127.0.0.1 terminal=dovecot res=success'
dovecot[988]: imap-login: Login: user=<user>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=3870, secured, session=<6X5VzxheRMx/AAAB>
dovecot[988]: imap(user): Logged out in=79 out=767
dovecot[988]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<JTFN0BheRsx/AAAB>
dbus-daemon[703]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.125' (uid=1000 pid=3900 comm="evolution " label="unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023")
systemd[1]: Starting Hostname Service...
dbus-daemon[703]: [system] Successfully activated service 'org.freedesktop.hostname1'
systemd[1]: Started Hostname Service.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
kernel: nouveau 0000:05:00.0: imem: PRAMIN exhausted
auth[3972]: pam_unix(dovecot:auth): check pass; user unknown
audit[3972]: USER_AUTH pid=3972 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:dovecot_auth_t:s0 msg='op=PAM:authentication grantors=? acct="?" exe="/usr/libexec/dovecot/auth" hostname=127.0.0.1 addr=127.0.0.1 terminal=dovecot res=failed'
auth[3972]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=user@domain.com rhost=127.0.0.1

The history of this issue is described here. Temporary authentication failure 454 4.7.1 <email>: Relay access denied

Yerbol
  • 43
  • 2
  • 7
  • You will need to have postfix listening to and accepting incoming internet connections (port 25 for SMTP, possibly 587 for Mail Submission) Since you don't want to be an open relay you will have to configure (sasl) authentication in Postfix which will allow mail users and programs like Outlook and Evolution to authenticate when submitting email messages. http://www.postfix.org/SASL_README.html – HBruijn Nov 16 '17 at 12:23
  • Rather than (only) describing client issues, also try to include relevant error messages recorded by your server and as described in the Postfix tag the output of `postconf -n` (non-default content of main.cf) and `postconf -M` (content of master.cf) generally help. – HBruijn Nov 16 '17 at 12:33
  • Thanks for the guide, I ll read it later. Is SASL authentication in postfix essential for clients to be able to connect or is it some important step along the way to improve the server? I need to figure out what is holding me from connecting the client. Asking because, emails can come and go on the browser. Thinking that it means that postfix working fine and necessary ports are open. Correct me if Im wrong. Looking at the logs here, thought the issue lies in dovecot. No? – Yerbol Nov 16 '17 at 13:01
  • Remember that postfix will only take care of sending the emails, to read them you will be using Dovecot (I see it in the logs). When are you having the issue, when accessing the mailbox or when sending an email? If it's when reading you will need to double check dovecot configuration and logs. – Pablo Martinez Nov 17 '17 at 12:31
  • The issue happens when accessing the mailbox. What exactly should I be looking in dovecot config and logs? – Yerbol Nov 18 '17 at 13:05

0 Answers0