SASL LOGIN authentication failed: Invalid authentication mechanism on Rails using Postfix and Dovecot on Ubuntu 12.10
I have configured an ubuntu 12.10 server with Postfix and Dovecot. Nonetheless, I have SASL Login authentication problem when I try to send emails using a rails web application.
Using RoundCube Webmail, I get this log when I send an email:
Feb 21 21:09:01 ks400054 postfix/qmgr[17883]: 61D4E113: removed
Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: 9FA8419: client=ks400054.kimsufi.com[37.59.38.218], sasl_method=CRAM-MD5, [email protected]
Feb 21 21:16:34 ks400054 postfix/cleanup[19161]: 9FA8419: message-id=<[email protected]>
Feb 21 21:16:34 ks400054 postfix/qmgr[17883]: 9FA8419: from=<[email protected]>, size=723, nrcpt=1 (queue active)
Feb 21 21:16:34 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:16:35 ks400054 postfix/smtp[19162]: 9FA8419: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[2a00:1450:4013:c01::1b]:25, delay=0.91, delays=0.26/0.02/0.1/0.53, dsn=2.0.0, status=sent (250 2.0.0 OK 1361477795 w41si55958842eel.117 - gsmtp)
Feb 21 21:16:35 ks400054 postfix/qmgr[17883]: 9FA8419: removed
However, when I try to send the email using the Rails webapp, I get this log:
Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: warning: ks400054.kimsufi.com[37.59.38.218]: SASL LOGIN authentication failed: Invalid authentication mechanism
Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: lost connection after AUTH from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:17:32 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: connect from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: warning: ks400054.kimsufi.com[37.59.38.218]: SASL LOGIN authentication failed: Invalid authentication mechanism
Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: lost connection after AUTH from ks400054.kimsufi.com[37.59.38.218]
Feb 21 21:17:33 ks400054 postfix/smtpd[19157]: disconnect from ks400054.kimsufi.com[37.59.38.218]
My Postfix main.cf file is as follows:
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $myhostname
mynetworks = 127.0.0.0/8, 10.0.0.0/24
mailbox_size_limit = 0
home_mailbox = Maildir/
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_mailbox_domains = /etc/postfix/vhosts
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 1000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
recipient_delimiter = +
inet_interfaces = all
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noplaintext,noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth-client
virtual_transport=dovecot
dovecot_destination_recipient_limit=1
My Postfix master.cf file is as follows:
#
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
submission inet n - - - - smtpd
pickup fifo n - - 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
127.0.0.1:10025 inet n - n - 16 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
And my Dovecot configuration file, my dovecot.conf is as follows:
auth_mechanisms = plain cram-md5
auth_verbose = yes
base_dir = /var/run/dovecot/
info_log_path = /var/log/dovecot.info
log_path = /var/log/dovecot
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/vmail/%d/%n
passdb {
args = /etc/dovecot/passwd
driver = passwd-file
}
protocols = imap pop3
service auth {
executable = /usr/lib/dovecot/auth
user = root
}
service imap-login {
chroot = login
executable = /usr/lib/dovecot/imap-login
user = dovecot
}
service imap {
executable = /usr/lib/dovecot/imap
}
service pop3-login {
chroot = login
executable = /usr/lib/dovecot/pop3-login
user = dovecot
}
service pop3 {
executable = /usr/lib/dovecot/pop3
}
ssl = no
userdb {
args = /etc/dovecot/users
driver = passwd-file
}
valid_chroot_dirs = /var/spool/vmail
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
auth default {
mechanisms = plain cram-md5
passdb passwd-file {
args = /etc/dovecot/passwd
}
userdb passwd-file {
args = /etc/dovecot/users
}
user = root
socket listen {
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth-client
mode = 0660
user = postfix
group = postfix
}
}
}
Then, the mail configuration on the Rails app is as follows:
config.action_mailer.smtp_settings = {
:address => "ks400054.kimsufi.com" ,
:port => 25,
:domain => "ks400054.kimsufi.com" ,
:user_name => "[email protected]" ,
:password => "THE_CORRECT_PASSWORD",
:authentication => :cram_md5,
:enable_starttls_auto => true,
:tls => true
}
I don't know why I can not login using the Rails webapp.
What am I missing? Is it something on the configuration?
Answer
I migrate from dovecot to the classical configuration.
When I mean classical I mean I followed this 2010 how-to
On Ubuntu 12.10 you have to change /etc/postfix/main.cf into this one:
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
mydestination =
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
mailbox_size_limit = 0
virtual_mailbox_limit = 0
recipient_delimiter = +
inet_interfaces = all
message_size_limit = 0
# SMTP Authentication (SASL)
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
# Encrypted transfer (SSL/TLS)
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_cert_file=/etc/apache2/ssl/mail.crt
smtpd_tls_key_file=/etc/apache2/ssl/mail.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# Basic SPAM prevention
smtpd_helo_required = yes
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,permit
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
# Force incoming mail to go through Amavis
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
# Virtual user mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf
virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf
And it works.