Postifx w/ SASL + Courier IMAP w/ SSL + Maildrop + MySQL + SpamAssassin

By: Serge Stepanov.
If you have any questions, comments or flames (yes, even those), please direct them to my address above.

UPDATE: You can post comments about this article at the bottom of the page.

UPDATE 1/6/2005: Thanks to Mark Biek for his contributions to this article! Before asking a question, check this article for some fixes.

In this document I am going to share my experience with setting up a viable virtual mail server solution for a Linux system. I have made countless attempts at trying to setup mail servers in the past, but have never been able to acheive the results that I desired. Whether it was the incomplete HOWTOs that I was reading or my own lack of knowledge on the subject, I don't know; but after eventually reading through enough document I was able to conceive a solution that works great (so far on two boxes). Most importantly, however, I will attempt to cover and help you resolve the common problems that myself and others have ran into.

If you found this document interesting, I invite you to look at my VPN Server HOWTO: PoPToP PPTP + MPPE 128bit Encryption + MPPC Compression VPN Server

By the end of this document you will hopefully achieve what I have:

  • A MySQL database which mail users will be primarily authenticated against.
  • Postfix MTA will allow SMTP AUTH SASL connections instead of using relay-domains. Authentication will be done against MySQL and PAM.
  • Maildrop will deliver mail to the users' home directories using Maildir style mail boxes.
  • Invoked within Maildrop, SpamAssassin will do it's best to flag spam. Then maildrop will deliver it into a separate Maildir.
  • Users will retrieve their mail using POP3 (not covered in this document) and IMAP over SSL. Authentication will be done against MySQL and PAM.
  • You will NOT need to use PAM-MySQL.

To start off, you will use the following applications:

Installing Sources

First and foremost, you need to compile the sources of the top applications. I will not go through installing MySQL since it is outside of the scope of this document.

OpenSSL

Compile and install OpenSSL.

$ tar zxvf openssl-0.9.7c.tar.gz
$ ./config
$ make
$ make test
$ make install (as root)

Cyrus SASL v2

The following assumes that you have MySQL setup in: /usr/local/mysql. We will be using the built in MySQL authentication module, instead of having to redirect the authentication to PAM-MySQL. Prior to installing these modules, attempt to remove any pre-installed ones (look in: /usr/lib, /usr/local/lib, /usr/local/lib/sasl2).

$ tar zxvf cyrus-sasl-2.1.15.tar.gz
$ export CPPFLAGS="-I/usr/local/mysql/include/mysql"
$ ./configure \
--enable-anon \
--enable-plain \
--enable-login \
--disable-krb4 \
--disable-otp \
--disable-cram \
--disable-digest \
--with-mysql=/usr/local/mysql/lib/mysql \
--without-pam \
--without-saslauthd \
--without-pwcheck \
--with-dblib=berkeley \
--with-bdb-libdir=/usr/local/bdb/lib \
--with-bdb-incdir=/usr/local/bdb/include \
--with-openssl=/usr/local/ssl \
--with-plugindir=/usr/local/lib/sasl2
$ make
$ make install (as root)

Check to make sure that the path /usr/local/lib is in /etc/ld.so.conf. If it is not, append that path to the file and run ldconfig (as root):

$ echo "/usr/local/lib" >> /etc/ld.so.conf
$ ldconfig

Postfix

Compiling Postfix is pretty straight forward. Be sure to add the postfix user and group. During the install it will ask for the user and group, use postfix and postdrop. For the configuration directory, specify /etc/postfix.

$ groupadd postdrop -g 1001 (as root)
$ useradd postfix -u 1001 -g 1001 (as root)
$ tar zxvf postfix-2.0.16.tar.gz
$ make makefiles 'CCARGS=-DHAS_MYSQL \
-I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH \
-I/usr/local/include/sasl -I/usr/local/bdb/include' 'AUXLIBS=-L/usr/local/mysql/lib/mysql \
-lmysqlclient -lz -lm -L/usr/local/lib -lsasl2 -L/usr/local/bdb/lib'
$ make install (as root)

After you finish with the interactive installation, you will need to check and see if Postfix is linked against SASL. To do this run the following from within the root of Postfix's source:

$ ldd ./bin/postconf

If everything worked well (and I hope it did), one of the lines should read:

libsasl2.so.2 => /usr/local/lib/libsasl2.so.2

Courier IMAP

As with Postfix, Courier IMAP should be simple to install. We will use /usr/local/courier as the base directory for the IMAPd and for Maildrop. This also allows you to use Courier MTA in the future without having to re-do a lot of things.

$ bzip2 -dc courier-imap-2.2.1.20031219.tar.bz2 | tar xvf -
$ ./configure \
--prefix=/usr/local/courier \
--with-mysql-libs=/usr/local/mysql/lib/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql/ \
--with-authmysql \
--with-authmysql=yes \
--with-authchangepwdir
$ make
$ make install (as root)

Now here is where I ran into a problem, Courier IMAP wouldn't compile with SSL support (in the log it was complaining about couriertls not being found). For some reason it wasn't finding the SSL libraries.

However, here is a quick fix that I found in a mail list (thanks to Michael Carmack).

$ cd <courier-source-dir>/tcpd
$ make distclean
$ export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/local/ssl/lib
$ export LD_RUN_PATH=${LD_RUN_PATH}:/usr/local/ssl/lib
$ export C_INCLUDE_PATH=${C_INCLUDE_PATH}:/usr/local/ssl/lib
$ export LDFLAGS="${LDFLAGS} -L/usr/local/ssl/lib -Wl,--rpath=/usr/local/ssl/lib"
$ export CC="gcc -L/usr/local/ssl/lib -Wl,--rpath=/usr/local/ssl/lib"
$ ./configure
$ make couriertls
$ cp ./couriertls /usr/local/courier/bin (as root)

Viola! You just compiled courier's TLS interface with SSL support. Lastly, create an SSL certificate by running:

$ /usr/local/courier/share/mkimapdcert

Courier Maildrop

Now we go to installing Maildrop, our local delivery agent. First you create the user and group that Maildrop will deliver as. For our application, we will use vmail for both.

$ groupadd vmail -g 1004 (as root)
$ useradd vmail -u 1004 -g 1004 (as root)
$ tar zxvf maildrop-1.6.3.tar.gz
$ export CPPFLAGS="-I/usr/local/mysql/include"
$ export LDFLAGS="-L/usr/local/mysql/lib"
$ ./configure \
--prefix=/usr/local/courier \
--enable-maildropmysql \
--with-mysqlconfig=/usr/local/courier/etc/maildropmysql.config \
--enable-maildrop-uid=1004 \
--enable-maildrop-gid=1004
$ make
$ make install (as root)

SpamAssassin

We're almost done installing our sources, just one more to go. Prior to installing SpamAssassin, get all the required Perl modules (check the INSTALL file).

$ tar zxvf Mail-SpamAssassin-2.63.tar.gz
$ perl MakeFile.PL
$ make
$ make install (as root)

Database and Virtual Mail Directory Setup

Database

The database side of this was used from Martin List-Petersen's excellent document, ISP Mailserver Solution Howto that helped me most of the way. I will just copy the CREATE TABLE syntax that is provided in his HOWTO and explain the use of two main tables (things such as the default uid and gid have been modified to fit this document).

I expect that you have created the database (in this document we will use "mail" as our database) and have secured it with a user and password.

CRITICAL NOTE: When creating the user for our database, create TWO: one that authenticates from "localhost" and one from "127.0.0.1"
I don't know why it doesn't see it as the same, but on two different boxes (RedHat 9 and Slackware 9) it needed two seperate entries.

CREATE TABLE postfix_alias (
  id int(11) unsigned NOT NULL auto_increment,
  alias varchar(128) NOT NULL default '',
  destination varchar(128) NOT NULL default '',
  PRIMARY KEY (id)
) TYPE=MyISAM;

CREATE TABLE postfix_relocated (
  id int(11) unsigned NOT NULL auto_increment,
  email varchar(128) NOT NULL default '',
  destination varchar(128) NOT NULL default '',
  PRIMARY KEY (id)
) TYPE=MyISAM;

CREATE TABLE postfix_transport (
  id int(11) unsigned NOT NULL auto_increment,
  domain varchar(128) NOT NULL default '',
  destination varchar(128) NOT NULL default '',
  PRIMARY KEY (id),
  UNIQUE KEY domain (domain)
) TYPE=MyISAM;

CREATE TABLE postfix_users (
  id int(11) unsigned NOT NULL auto_increment,
  email varchar(128) NOT NULL default '',
  clear varchar(128) NOT NULL default '',
  crypt varchar(128) NOT NULL default '',
  name tinytext NOT NULL,
  uid int(11) unsigned NOT NULL default '1004',
  gid int(11) unsigned NOT NULL default '1004',
  homedir tinytext NOT NULL,
  maildir tinytext NOT NULL,
  quota tinytext NOT NULL,
  access enum('Y','N') NOT NULL default 'Y',
  postfix enum('Y','N') NOT NULL default 'Y',
  PRIMARY KEY (id),
  UNIQUE KEY email (email)
) TYPE=MyISAM;

CREATE TABLE postfix_virtual (
  id int(11) unsigned NOT NULL auto_increment,
  email varchar(128) NOT NULL default '',
  destination varchar(128) NOT NULL default '',
  PRIMARY KEY (id)
) TYPE=MyISAM;

CREATE TABLE postfix_access (
  id int(10) unsigned NOT NULL auto_increment,
  source varchar(128) NOT NULL default '',
  access varchar(128) NOT NULL default '',
  type enum('recipient','sender','client') NOT NULL default 'recipient',
  PRIMARY KEY (id)
) TYPE=MyISAM

In this document I will only go over the postfix_users and postfix_virtual tables, as Martin List-Petersen does a great job at describing the rest. When we get to testing, I will go into detail on what goes into those tables, for now just leave them empty.

Virtual Mail Directory

All mail for our virtual users will be stored in the following format:

/home/vmail
- domain.tld
-- user1
-- user2
--- Maildir
- domain2.tld

Seems simple enough, right? Go ahead and create only the top-most directory (/home/vmail) and set it's owner and group to vmail. For security reasons, chmod it 700.

$ mkdir /home/vmail
$ chown vmail.vmail /home/vmail
$ chmod 700 /home/vmail

Next we move onto configuration.

Configuring Installed Packages

The majority of this was found in Martin List-Petersen's document.

Postfix

Most configuration will be done to Postfix. Open up /etc/postfix/master.cf and change the following:

flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}

To:

flags=R user=vmail argv=/usr/local/courier/bin/maildrop -d ${recipient}

CRITICAL NOTE: Be sure that the two leading spaces on those lines remain present.

Now open up /etc/postfix/main.cf and configure the following:

myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
mydestination = example.com, $transport_maps
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
home_mailbox = Maildir/

# Add the following to the bottom

smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
          check_recipient_access mysql:/etc/postfix/mysql-recipient.cf,           reject_unauth_destination, permit
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-client.cf

alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
transport_maps = mysql:/etc/postfix/mysql-transport.cf
virtual_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf

Once again, the following is borrowed from Martin List-Petersen's document. To conserve time writing this document, I will paste the contents of the required files that allow Postfix to communicate with MySQL.

# mysql-aliases.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_alias
select_field = destination
where_field = alias
hosts = 127.0.0.1

# mysql-relocated.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_relocated
select_field = destination
where_field = email
hosts = 127.0.0.1

# mysql-transport.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_transport
select_field = destination
where_field = domain
hosts = 127.0.0.1

# mysql-virtual.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_virtual
select_field = destination
where_field = email
hosts = 127.0.0.1

# mysql-recipient.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'recipient'
hosts = 127.0.0.1

# mysql-sender.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'sender'
hosts = 127.0.0.1

# mysql-client.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'client'
hosts = 127.0.0.1

# mysql-virtual-maps.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_users
select_field = maildir
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

# mysql-virtual-uid.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_users
select_field = uid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

# mysql-virtual-gid.cf
user = mysql-postfix-user
password = mysql-postfix-pass
dbname = mail
table = postfix_users
select_field = gid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1

Of course you will have to substitue the username and password for the one you created earlier.

Courier IMAP

Open /usr/local/courier/etc/authdaemonrc (if it doesn't exist, make a copy from authdaemonrc.dist located in the same directory). Change the line that starts with "authmodulelist" to read:

authmodulelist="authmysql authpam"

Next create a file called authmysqlrc (in the same directory) and put the following in:

MYSQL_USERNAME          USRENAME
MYSQL_PASSWORD          PASSWORD
MYSQL_PORT              0
MYSQL_OPT               0
MYSQL_DATABASE          mail
MYSQL_USER_TABLE        postfix_users
MYSQL_LOGIN_FIELD       email
MYSQL_CRYPT_PWFIELD     crypt
MYSQL_CLEAR_PWFIELD     clear
MYSQL_UID_FIELD         uid
MYSQL_GID_FIELD         gid
MYSQL_HOME_FIELD        homedir
MYSQL_MAILDIR_FIELD     maildir
MYSQL_WHERE_CLAUSE      access='y'

Open imapd and make sure the following lines looks like this:

# This is all on one line
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"

# Seperate line
IMAPDSTART=YES

Open imapd-ssl and make sure the following line looks like this:

IMAPDSSLSTART=YES

Courier Maildrop

While we're still in /usr/local/courier/etc edit or create a file called maildropmysql.config and put in the following:

hostname             localhost
port                 3306
database             mail
dbuser               USERNAME
dbpw                 PASSWORD
dbtable              postfix_users
default_uidnumber    1004
default_gidnumber    1004
uid_field            email
uidnumber_field      uid
gidnumber_field      gid
maildir_field        maildir
homedirectory_field  homedir
quota_field          quota
# unused for now, but needs to be a valid field.
mailstatus_field     postfix
where_clause         AND postfix = 'y'

Now we need to setup Maildrop to deliver our mail. Create (or edit) /etc/maildroprc and put in the following:

NOTE: Take care in bracket placement, Maildrop is very picky in this sense.

if ( $SIZE < 26144 )
{
    exception {
       xfilter "/usr/bin/spamassassin"
    }
}

if (/^X-Spam-Flag: *YES/)
{
    exception {
        to "$HOME/$DEFAULT/.Spam/"
    }
}
else
{
    exception {
        to "$HOME/$DEFAULT"
    }
}

Cyrus SASL

Since Cyrus will be doing some authenticating, we need to configure it as well. Create the file smptd.conf in /usr/local/lib/sasl2 and put in the following:

sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: mysql login plain crammd6 digestmd5
mysql_user: USERNAME
mysql_passwd: PASSWORD
mysql_hostnames: localhost
mysql_database: mail
mysql_statement: SELECT clear FROM postfix_users WHERE email = '%u@%r'
mysql_verbose: yes

Finalizing

Adding a user

You are now ready to add a test user to the database, start the mailserver and test the whole system out.

Populate the postfix_transport table with the following:

domain: "test.com"
destination: "maildrop:"

The domain field needs no explination, however, the destination field does. In the destination field Postfix is told what program the message should be carried to.

For instance, if you wanted delivery to be handled by Postfix's internal system, you would put "virtual:" In our example however, we are using maildrop, so we put "maildrop:"

Next add a test user by populating the postfix_users table.

email: "test@test.com"
clear: "mypassword"
homedir: "/home/vmail"
maildir: "test.com/test/Maildir/"

That's all there is to adding a new user. The "email" field stores just that, the user's email (it must include the TLD). The "clear" field stores the user's password in clear text. "Homedir" contains the root directory for all virtual mail, if we were using "local:" delivery, this would be set to the user's home directory. Finally, "maildir" is the Maildir location relative to the homedir.

Starting the Daemons

Open up your system log (/var/log/messages or /var/log/maillog) and monitor it as you start your daemons:

$ /usr/local/courier/libexec/authlib/authdaemond start
$ /usr/local/courier/sbin/imapd start
$ /usr/local/courier/sbin/imapd-ssl start
$ /usr/sbin/postfix start

If everything went right, the daemons should start without any failures. nmap yourself and see what ports are open, there should be three (smtp, imap and imap-ssl)

Testing the SMTP and IMAP Servers

Everything not starting with a ">" or "$" is a response from the server.

$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.test.com ESMTP Postfix
> EHLO test.com
250-mail.test.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME

If you see something like that, congratulations, you're still in good shape!
Create all directories all the way up to "/home/vmail/test.com/test" after which create a Maildir in that directory.
Maildrop will NOT create Maildir's by default (source has to be patched to do so). Continue the telnet session and type in the following:

> MAIL FROM: test@test.com
250 Ok
> RCPT TO: test@test.com
250 Ok
> DATA
354 End data with <CR><LF>.<CR><LF>
> .
250 Ok: queued as 6CE4223727

Now, if everything is setup right, the mailserver should queue your message. Check inside of /home/vmail/test.com/test/Maildir/new for anything, if you see a file, congratulations, the message was delivered!

When using a mail client (such as Outlook or Mozilla), be sure to use the full email address for the username (ie: "user@domain.com", not just "user").


Comments, Questions and Suggestions


From: gna
Posted: April 6th, 2005, 6:27 am PST

SOLUTION found:

I have declared :
LDFLAGS="-L/usr/local/bdb/lib -L/usr/local/courier/lib -L/usr/local/ssl/lib"
CPPFLAGS="-I/usr/local/bdb/include -I/usr/local/courier/include -I/usr/local/ssl/include"

BUT my libssl.so files were not there DUH (openssl097e put them in /usr/lib/)
So after i copyed the so files to /usr/lib/ssl/lib the make run fine

MORE TO COME :)

From: Joseph
Posted: April 5th, 2005, 12:58 pm PST

I have installed everything according to HOW TO's similar to this one. At one time I had everything working perfect. I could send and recieve mail with no problem. Now 2 weeks later I have come back to double check everything and cacn't figure out why sasl and authdaemond are using the wrong query. The query they are using now is as follows:

SELECT username, crypt, clear, 'XXXX', 'XXXX', 'xxxxxxx' CONCAT(xxxxxx)

With authdaemond using this query I get an error saying no password for username : blah@blah.net

When the machine was working great 2 weeks ago the sql query that authdaemond was using was this:
SELECT password FROM mailbox WHERE username = '%u@%r'

Can someone please tell me what is going on????

My smtpd.conf locate in /usr/local/lib/sasl2 is as follows
# smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: mysql
srp_mda: md5
sql_hostnames: localhost
sql_user: XXXXX
sql_passwd: XXXXX
sql_database: XXXXX
sql_select: SELECT password FROM mailbox WHERE username = '%u@%r'
sql_verbose: yes

Please help.

From: Gna
Posted: April 5th, 2005, 8:03 am PST

Followed these instrucions, and followed some dependencies, now the CourierIMAP4.0.2 and OpenSSL 0.9.7e won't compile couriertls:
with many "undefined reference to" -s in some fuctions.

DUH

To compile CourierAuthlib i used:
./configure --prefix=/usr/local/courier
--without-authpgsql --without-authpwd --without-authvchkpw --without-authldap
--with-mysql-libs=/usr/local/mysql/current/lib/mysql
--with-mysql-includes=/usr/local/mysql/current/include/mysql/
--with-mailuser=root --with-mailgroup=root
--srcdir=/home/gna/packages/courier-authlib-0.55.20050320
LDFLAGS="-L/usr/local/bdb/lib"
CPPFLAGS="-I/usr/local/bdb/include"

make
make install

And courier-imap:
/configure
--prefix=/usr/local/courier
LDFLAGS="-L/usr/local/bdb/lib -L/usr/local/courier/lib -L/usr/local/ssl/lib"
CPPFLAGS="-I/usr/local/bdb/include -I/usr/local/courier/include -I/usr/local/ssl/include"
COURIERAUTHCONFIG=/usr/local/courier/bin/courierauthconfig

From: David
Posted: March 7th, 2005, 2:54 am PST

Good luck with Qmail, we're in the process of migrating everything away from it on multiple machines. It's broken in some annoying ways that break spec, but comply with what djb thinks "should" be proper behaviour.

Unless you find a patch for it it also barfs on large dns records (domains with large number of mx records) if you're not using dnscache (we have one legacy dnscache installation just for our qmail dns resolution.. talk about annoying)

From: Adam
Posted: March 1st, 2005, 4:11 pm PST

Please disregard my msg from February 23rd..

Due to extreme frustration I decided to change to a different mail system - qmail. It took me few hours to completely install it.

Anyway, just wanted to show my appreciation for this article. Learned a lot from it. Thanks for your work, Serge Stepanov. May the internet be filled with contributors like yourself.. :)

From: maDa
Posted: March 1st, 2005, 12:56 pm PST

Mar 1 19:52:52 mailtest postfix[14921]: fatal: file /etc/postfix/main.cf: parameters mail_owner and setgid_group: user postfix and group postdrop have the same group ID: 1001

And it doesn't help to change the ID's in passwd

From: Adam
Posted: February 23rd, 2005, 5:03 pm PST

Hello All,

In the last four days I've been struggling with Postfix+MySQL+Courier-IMAP+Maildrop+SpamAssassin but no much success. Looks like something is messed up here, and I'll appreciate if someone could help..

This is the error I get:
Feb 24 01:49:16 gk postfix/pipe[20303]: 7ADBC3BC56D: to=<test@test.com>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: ERR: authdaemon: s_connect() failed: Permission denied Invalid user specified. )

But before that, I'm getting these success entries:

Feb 24 01:49:16 gk postfix/smtpd[20088]: dict_mysql_lookup: retrieved 1 rows
Feb 24 01:49:16 gk postfix/smtpd[20088]: dict_mysql_lookup: retrieved field: 0: test.com/test/Maildir/
Feb 24 01:49:16 gk postfix/smtpd[20088]: maps_find: local_recipient_maps: mysql:/etc/postfix/mysql-virtual-maps.cf(0,100): test@test.com = test.com/test/Maildir/

Also, in the mysql.log I see queries comming into the db. And when I exec 'authtest tes@test.com' I see good results.

I believe the problem is with maildrop:
# /usr/local/bin/maildrop -d test@test.com
ERR: authdaemon: s_connect() failed: No such file or directory
Invalid user specified.

Please help.. Thanks!

PS: Atleast mail to the outside is working.... bahhh!

From: sammyfai
Posted: February 22nd, 2005, 6:33 am PST

It seems I solve the user unknown problem eventually. It need to execute all the command in a time

$ /usr/local/courier/libexec/authlib/authdaemond start
$ /usr/local/courier/sbin/imapd start
$ /usr/local/courier/sbin/imapd-ssl start
$ /usr/sbin/postfix start
$/etc/rc.d/init.d/spamassassin start

From: jack
Posted: February 20th, 2005, 6:03 am PST

Please disregard the previous message. The one from the 18th provided the right solution. I had missed it.

From: jack
Posted: February 20th, 2005, 5:20 am PST

I have setup postfix/courier-imap/maildrop/mysql for virtual users.

postfix/virual deliver the messages fine. If I set maildrop as the LDA, I run into problems. I think that the problem is a permissions issue with sasl.

If I run this command "maildrop -V -5 -d user@domain.tld" as root, authenticatio works fine and mail is delivered.

If I run the same command as any other user, vmail for instance, it fails with the following message: "ERR: authdaemon: s_connect() failed: permission denied invalid user specified.

My users/permissions seem to be setup according to the installation instructions. Any help will be greatly appreciated.

Thank you.

From: highloads.net
Posted: February 18th, 2005, 4:33 am PST

reagarding <<< s_connect() failed: Permission denied >>> problem,
do chmod 0751 /var/spool/authdaemon. at install time, that folder is owned by daemon:daemon w/ no access perm for the others. maildrop being run as vmail probably (default setup in master.cf), he cant connect to authdaemon thru /var/spool/authdaemon/socket.
that solved my problem,
adrian ciobanu

From: bezveze
Posted: February 16th, 2005, 2:32 am PST

Problem "bind: Address already in use" is caused when you try to use port that some other application is using. So run 'nmap -p localhost' to see whether port is in use or not.
If it's, then run 'lsof -i tcp:143' (143 = imap, replace it with application port you are having problem with) to see which application is using it. When you find out, stop application, and try to run your one.

Hope this helps.

From: Mehdi
Posted: February 14th, 2005, 1:46 am PST

Hi

I have the same error as Angelo
--
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_condattr_setpshared'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_destroy'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_setpshared'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_init'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutex_trylock'
collect2: ld returned 1 exit status
make: *** [master] Error 1
make: *** [update] Error 1
--
My MySQL do not have authentication its password is blank and I dont know how should I start MySQL with with query debugging enabled ....
Can any one plz help ??

Thanks

From: DaveD
Posted: February 11th, 2005, 3:23 pm PST

Can't start IMAP, I only get this error (like EVERYONE else who hasn't gotten an answer to this):

Starting Courier IMAP server:bind: Address already in use
ll_daemon_start: Resource temporarily unavailable

From: nimbus
Posted: February 8th, 2005, 12:52 am PST

I've been tearing hairs out for the last couple of days but got it working with the help of a guru. :-)
I'm using Suse 9.2 btw.

Here are my hints for successful living:

+ Make sure that the mysql-library arguments (as well as the CPPFLAGS) for SASL and Maildrop configure are correct!
+ Check if those mysql-libs really get linked to the binary!
+ Add a --enable-sql to SASL-configure!
+ Do not chroot SMTPD for the time installing/configuring/testing!
+ A correct and working SMTPD.CONF für SASL2.x is here (ignore all the crap you find somewhere else):

pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: localhost
sql_database: postfix
sql_user: postfix
sql_passwd: ******
sql_select: SELECT clear FROM postfix_users WHERE email = '%u@%r'
sql_usessl: no
mech_list: PLAIN LOGIN CRAM-MD5

+ Mailbox directory creation goes like this:
create "/home/vmail/domain.com" by hand
run "/usr/local/courier/bin/maildirmake /home/vmail/domain.com/info"
change owner: "chown vmail:vmail -R /home/vmail"
change permissions: "chmod 700 -R /home/vmail"
That's it. Database entries for this mailbox would be "/home/vmail" for homedir and "domain.com/info/" for maildir - watch the slashes!
+ Fix those 'Y' in all mysql-cf-files! Upper case! Serge: please, please fix your HowTo in that matter, even when you think it's outdated.
+ In case of problems, use mysql query log to see if SASL and Maildrop really drop sql-statements! Use SASL sample client/server to check if SASL is working. Keep an eye on mail.warn and mail.err logfiles!
+ Drink lots of coffee, eat chocolate (it has koffein as well), have sex (better than koffein). Even if things don't work right.

From: Narcis Radu
Posted: February 7th, 2005, 2:46 am PST

Hi,
I have a big problem. I don't know how to make my mail server NOT TO BE an open-relay? How do I make smtp auth?

From: Shanon
Posted: January 25th, 2005, 8:06 am PST

SOLUTION: Unknown user problem.

For all of you who have had problems with courier rejecting mail with the following error in the mail log:

Nov 12 05:48:10 unreachable postfix/pipe[21474]: EFB08A68C5: to=<user@domain.tld>, relay=maildrop, delay=50, status=bounced (user unknown. Command output: Invalid user specified. )


The cause of this is due to the fact you probably tried to install the latest version of courier-imap and maildrop. However these newer version of the applications have add all the auth routines removed into a seperate installation and require courier-authlib to be installed first.

If you wish to follow this tutorial then use the last versions of courier-imap and maildrop that still contain the authlib routines.

You can download these here:

http://prdownloads.sourceforge.net/courier/courier-imap-3.0.7.tar.bz2
http://prdownloads.sourceforge.net/courier/maildrop-1.7.0.tar.bz2

From: Adolfo dot anderung.com.br
Posted: January 17th, 2005, 11:08 am PST

If you have MX problem see /etc/resolv.conf permissions. It *MUST* have read for all.
If you have user unknow probably see maildropmysql.conf[ig] and see if the spaces has ANY, I wrote !ANY! space. If has any space, erase.
It must be:
hostname address
socket pathofsocket
Like this.

If you have any question,
send me email

From: Isharra
Posted: January 16th, 2005, 11:33 am PST

install courier-authlib to use mysql support with the latest release of maildrop. authentication was moved out of courier-imap, maildrop and sqwebmail and moved into a common package (and saves a world of headaches if you are using more than one of these).

From: Mike
Posted: January 14th, 2005, 3:57 am PST

======
CRITICAL NOTE: When creating the user for our database, create TWO: one that authenticates from "localhost" and one from "127.0.0.1"
I don't know why it doesn't see it as the same, but on two different boxes (RedHat 9 and Slackware 9) it needed two seperate entries.
===

It seems I know why :)

bash# man mysqld
...
--skip-name-resolve
Hostnames are not resolved. All Host column values in the grant
tables must be IP numbers or localhost.

From: jozsefn@frremail.hu
Posted: January 8th, 2005, 4:47 am PST

Hi!
Check the changelog, you'll get the answer.
http://www.courier-mta.org/maildrop/changelog.html

There is no mysql upport!!

From: Serge
Posted: January 6th, 2005, 8:14 pm PST

It appears that my howto is outdated. I tried making an install using the latest software packages (including a new MySQL) and absolutely everything fails to connect to the database. I was able to copy back my original postfix install over to my machine to get my server working atleast partially.

When I get some time I will fix this document up and try to solve lots of the problems many are having.

From: SeN
Posted: January 2nd, 2005, 10:48 am PST

Following from Shirow, it seems that during build time maildrop couldn't find the authlib client libraries and decided to silently not put in mysql support.

My packages are all under a management policy so you might get out of this a lot eaiser than I did (you might not even have to install authlib) - but the following is what I had to do to get things working:

I separately installed courier-authlib (with the --with-authdaemonvar set to the regular courier-0.X var/authdaemon dir). I believe this means any client applications which are built on this library will then speak with the pipe in there. There could be permissions problems with the authdaemon dir since it is probably owned by courier without global read - I simply gave the vmail group permissions to the authdaemon dir as a quick fix to get things running (this might be bad - I really haven't thought about it).

I then rebuilt maildrop, and upon running ldd on the binary, libcourierauth was seen as a dependency (good!)

After doing this, things appear to be working as expected.

From: anstan
Posted: December 31st, 2004, 12:15 am PST

After I install maildrop,I have a problem.Help me .

postfix/pipe[2296]: 9B5651C75A: to=<test@test.com>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: Invalid user specified. )

From: Adrian
Posted: December 28th, 2004, 9:37 pm PST

Populate the postfix_transport table with the following:
I have no clue, what that means, please help me out.
Thank You

From: Shirow
Posted: December 28th, 2004, 7:21 am PST

I fixed the 'unknown user' problem by downgrading Maildrop. It appears the latest versions don't have integrated Mysql support so even though it was accepting the Mysql commands in ./configure it wasn't actually using them.

Try downgrading to a Maildrop version w/ built in Mysql support.. worked for me.

From: James
Posted: December 23rd, 2004, 10:21 pm PST

I'm also getting "user unknown" errors with postfix/pipe, maildrop, and courier-authlib.

Specifically:
postfix/pipe[30752]: 0A7373518093: to=<test@example.net>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: CRIT: authdaemon: s_connect() failed: Permission denied Invalid user specified. )

From: Martinn
Posted: December 20th, 2004, 3:03 pm PST

My Solution for "user unknown. Command output: Invalid user specified.":
i installed postfix+mysql+maildrop and got the same problem. I had to edit /etc/maildrop/maildropmysql.cf file to set up right mysql configuration for maildrop and problem was resolved.

From: Miha
Posted: December 17th, 2004, 5:09 am PST

I see now, but I am very new to mysql, and Ioverwrited all fields with ''' by mistake. Sorry for this!

From: Markbb
Posted: December 16th, 2004, 2:02 pm PST

Miha-
If you look at the database schema from the HOWTO, you'll notice that both the "postfix" and "access" fields have a default of 'Y'

access enum('Y','N') NOT NULL default 'Y',
postfix enum('Y','N') NOT NULL default 'Y',

From: Miha
Posted: December 16th, 2004, 1:15 pm PST

Solution for "user unknown. Command output: Invalid user specified.":

Set field "postfix" to "y" for every user in table postfix_users. If "y" isn't there, the user is disabled... A almost got crazy because of that )=!

I don't know why this is not in HOWTO...

Have a nice day (=!

From: markbb
Posted: December 16th, 2004, 12:12 pm PST

I just recently got this setup to work on my RedHat 9 machine. My write-up of the problems encountered and the solutions can be found here:

http://wiki.arslinux.com/Mail_Server:MySQL_Authentication

From: Mid
Posted: December 14th, 2004, 1:22 pm PST

I have a question, in the SASL configuration, there is an attempt to link to a berkley database library, but no reference to the Bdb on the tutorial. Has anyone experienced any problems with the configure with out having Berkley DB installed?

Everything looks like it is running off of mysql and no calls to BDB are made.

From: AIM
Posted: December 14th, 2004, 12:38 am PST

Hello!

I get the same error as Jack does.
ll_daemon_start: Resource temporarily unavailable

when I try to start the pop3d.rc

Greez AIM

From: BullFrog
Posted: December 10th, 2004, 11:23 pm PST

Not sure if this helps but after making multiple configurations using ldap a while back I forgot to document all steps. When I recently installed again I ran into the "user known" issue. I checked my ldap logs and it wasn't even quering LDAP. After a smack in the head I realized that I forgot to use the --enable-maildropldap and --with-ldapconfig=/path/to/file. This may be the issues that you are experiencing. Double check to make sure you compiled maildrop with --enable-maildropmysql and --with-mysqlconfig=/path/to/file. If you left off the --with-mysqlconfig=... then it lookgs for the file in /etc. Since I haven't tried this against mysql this next one might not help. For me I could use ldd /path/to/maildrop and see if libldap... was in there. You might have luck checking this to see if libmysql... is compiled in.

Good Luck

From: Shirow
Posted: December 9th, 2004, 11:45 am PST

Think we might be screwed Zelf :) I'm still working on it, let me know if you figure it out (shirow@digitalgunfire.com)

What's your email address?

From: Zelf
Posted: December 9th, 2004, 10:51 am PST

Does anyone monitor this list or am I up the creek?

From: ne0
Posted: December 9th, 2004, 7:56 am PST

Problem:
relay=virtual, delay=0, status=deferred (recipient test@mydoamin.com: uid not found in virtual_uid_maps)

From: Zelf
Posted: December 8th, 2004, 10:06 am PST

I recompiled mysql --with-debug. I am still getting user unknown from I believe maildrop. I have included a path to mysql.log with mail.log appended to it. Getting desperate here. Thanks for any help in advanced.

My logs can be viewed at this address:
http://www.visimark.us/mysql.txt

From: Zelf
Posted: December 6th, 2004, 11:14 pm PST

I am plagued with the relay=maildrop, delay=0, status=bounced (user unknown. Command output: Invalid user specified. ) error. On this list I see others have had the same question, but I have not seen a solution. I have followed the tutorial exactly, but cannot get email delivered into a users maildir/new directory. Please help. I am going insane with Google searches. Thanks.

From: Shirow
Posted: December 6th, 2004, 8:10 am PST

One thing I just noticed when trying it using telnet localhost 25 instead of Squirrelmail:

Dec 6 10:07:17 charon postfix/qmgr[27451]: 89650330077: from=<>, size=2090, nrcpt=1 (queue active)
Dec 6 10:07:17 charon postfix/qmgr[27451]: 5A1FD330076: removed
Dec 6 10:07:55 charon postfix/smtp[27534]: 89650330077: to=<test@test.com>, relay=none, delay=38, status=deferred (Host or domain name not found. Name service error for name=test.com type=MX: Host not found, try again)


It looks like it's sending to the MAIL FROM rather than to the RCPT TO... sounds like I have something back to front but my .cf files all look right.

From: Shirow
Posted: December 6th, 2004, 7:51 am PST

Hi,

Nice tutorial, having a problem that others seemed to have though, didn't see a fix here..

I created a domain, user etc in the database and tried to send an email to that user using Squirrelmail. I get the following:

Dec 6 09:37:30 charon postfix/pipe[27230]: C1ADB330077: to=<shirow@digitalgunfire.com>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: Invalid user specified. )

Any ideas? I've tried everything I can think of.

From: John Doe
Posted: December 5th, 2004, 5:00 pm PST

I'm getting the following error when starting postfix:

postfix: fatal: chdir(/usr/libexec/postfix myhostname = mail.e-f-o.nl mydomain = e-f-o.nl myorigin = AutraX): No such file or directory

anybody have a clue?

From: Serge
Posted: December 1st, 2004, 5:12 pm PST

Steve: Redhat probably put the base for MySQL into /usr/local, so check to see if you have databases in /usr/local/var. If that turns out to be the case, then just substitute "/usr/local" for whereever you see "/usr/local/mysql"

From: Steve
Posted: December 1st, 2004, 1:40 pm PST

I know this is probably a stupid question... I am sort of a rookie (grin)... but I got openssl installed (actually just updated as I had an older ver)...but before I do the SASL2 install I was curious of one thing. I have Redhat9 and Mysql installed from OS installation (RPM).....I don't see /usr/local/mysql but MySQL is running currently. How can I determine what this path should be. Thanks in advance for this great how to! I see I have /var/lib/mysql ....but no include dir under it?

From: flz
Posted: November 26th, 2004, 5:33 am PST

For people who have problem with unknown users, make sure you have granted access to mail.* for user@'localhost' *and* user@'localhost.domain.tld'.

I spent my night searching what was wrong and finally i got the answer in mysqld.log.

From: Washington
Posted: November 25th, 2004, 7:22 am PST

Bom dia a todos da lista, estou com a seguinte
messagem no meu postfix; erro: postfix/postfix-script:
warning: damaged message: corrupt / 2647859565bb, nao
consigo nem enviar e nem receber e-mails. Se alguem
pode me ajudar desde ja agradeço.

From: Dexter
Posted: November 22nd, 2004, 7:53 pm PST

Hi,
I am having a problem reading my new mail from SquirrelMail. I have Courier IMAP, Postfix & MySql working fine, I can read the users new mail via Webmin, but not from SquirrelMail. I found that the permission's for the new mail files down inherent the parents.. why is this? When I change the file permission I can see it via SquirrelMail. I dont know if anyone can help me here. Cheers Dex
dexter_adams@hotmail.com

From: LeRoy Weaver
Posted: November 16th, 2004, 8:34 pm PST

I have the Same Issues as Mike. Otherwise a Great Tutorial. Thanks.

Nov 16 22:26:56 mail postfix/smtpd[16800]: connect from mail.cnccyberfactory.com[127.0.0.1]
Nov 16 22:27:35 mail postfix/smtpd[16800]: B408FFB3DA: client=mail.cnccyberfactory.com[127.0.0.1]
Nov 16 22:27:52 mail postfix/cleanup[16828]: B408FFB3DA: message-id=<20041117042719.B408FFB3DA@mail.cnccyberfactory.com>
Nov 16 22:27:52 mail postfix/qmgr[16783]: B408FFB3DA: from=<lweaver@cnccyberfactory.com>, size=435, nrcpt=1 (queue active)
Nov 16 22:27:52 mail postfix/pipe[16830]: B408FFB3DA: to=<lweaver@cnccyberfactory.com>, relay=maildrop, delay=33, status=bounced (user unknown. Command output: Invalid user specified. )
Nov 16 22:27:52 mail postfix/cleanup[16828]: 5C926FB3DB: message-id=<20041117042752.5C926FB3DB@mail.cnccyberfactory.com>
Nov 16 22:27:52 mail postfix/qmgr[16783]: 5C926FB3DB: from=<>, size=2250, nrcpt=1 (queue active)
Nov 16 22:27:52 mail postfix/qmgr[16783]: B408FFB3DA: removed
Nov 16 22:27:52 mail postfix/pipe[16830]: 5C926FB3DB: to=<lweaver@cnccyberfactory.com>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: Invalid user specified. )
Nov 16 22:27:52 mail postfix/qmgr[16783]: 5C926FB3DB: removed
Nov 16 22:27:56 mail postfix/smtpd[16800]: disconnect from mail.cnccyberfactory.com[127.0.0.1]

From: Mike
Posted: November 11th, 2004, 9:04 pm PST

Hi!

I've installed postfix without spamassassin and imap. now i sent a mail to a local mailbox witch is defined in the database in postfix_users and postfix_transport.
i have changed the owner of /home/vmail to vmail:vmail and after that i've created a directory "domain.tld" and in this directory i created "user". i did all how it was explained here, and in the logfile i got this:

Nov 12 05:47:00 unreachable postfix/smtpd[21467]: connect from localhost[127.0.0.1]
Nov 12 05:47:31 unreachable postfix/smtpd[21467]: EFB08A68C5: client=localhost[127.0.0.1]
Nov 12 05:48:10 unreachable postfix/cleanup[21470]: EFB08A68C5: message-id=<20041112044720.EFB08A68C5@unreachable.domain.tld>
Nov 12 05:48:10 unreachable postfix/qmgr[21465]: EFB08A68C5: from=<user@domain.tld>, size=376, nrcpt=1 (queue active)
Nov 12 05:48:10 unreachable postfix/pipe[21474]: EFB08A68C5: to=<user@domain.tld>, relay=maildrop, delay=50, status=bounced (user unknown. Command output: Invalid user specified. )
Nov 12 05:48:10 unreachable postfix/cleanup[21470]: E0C5DA68C7: message-id=<20041112044810.E0C5DA68C7@unreachable.domain.tld>
Nov 12 05:48:10 unreachable postfix/qmgr[21465]: E0C5DA68C7: from=<>, size=2161, nrcpt=1 (queue active)
Nov 12 05:48:10 unreachable postfix/qmgr[21465]: EFB08A68C5: removed
Nov 12 05:48:10 unreachable postfix/pipe[21474]: E0C5DA68C7: to=<user@domain.tld>, relay=maildrop, delay=0, status=bounced (user unknown. Command output: Invalid user specified. )
Nov 12 05:48:10 unreachable postfix/qmgr[21465]: E0C5DA68C7: removed
Nov 12 05:48:13 unreachable postfix/smtpd[21467]: disconnect from localhost[127.0.0.1]

can anybody help me?!

thx, mike

From: Jack
Posted: November 9th, 2004, 2:25 pm PST

I got everything installed finally, but whenever I start courier using
/usr/local/courier/libexec/imapd.rc start
I get this error
ll_daemon_start: Resource temorarily unavailable.

I am using debian.
Authdaemond is starting without errors.

(Please Help Newbie)

From: BlackBokz
Posted: November 8th, 2004, 7:35 am PST

i got the same problem as nickolay

Nov 8 16:26:13 Spud postfix/pickup[24483]: 63ADA53F0A: uid=0 from=<root>
Nov 8 16:26:13 Spud postfix/cleanup[24489]: 63ADA53F0A: message-id=<20041108152613.63ADA53F0A@spud.silverspeed.nl>
Nov 8 16:26:13 Spud postfix/qmgr[24484]: 63ADA53F0A: from=<root@silverspeed.nl>, size=295, nrcpt=1 (queue active)
Nov 8 16:26:13 Spud postfix/pipe[24500]: 63ADA53F0A: to=<genco@test.com>, relay=maildrop, delay=0, status=deferred (temporary failure. Command output: /usr/local/courier/bin/maildrop: Cannot set my user or group id. )

From: dman
Posted: November 5th, 2004, 10:51 pm PST

The point is to compile the sasl lib with sql support with the parm './configure --enable-sql' which will add the 'mysql support'.

and put the following lines in file /usr/local/lib/sasl2/smtpd.conf

sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sql
sasl_mech_list: PLAIN LOGIN

sql_engine: mysql
sql_user: x
sql_passwd: x
sql_hostnames: localhost
sql_database: postfix
sql_select: SELECT clear FROM users WHERE email = '%u@%r'
---

and in main.cf:
----
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd

From: Nikolay
Posted: November 3rd, 2004, 5:45 pm PST

I do almost anything according to the howto, but now the server tells me:
Nov 4 03:40:30 hosting postfix/cleanup[3493]: A7375E76E: message-id=<20041104014011.A7375E76E@hosting.megalan.bg>
Nov 4 03:40:30 hosting postfix/qmgr[3445]: A7375E76E: from=<test@zaynelov.com>, size=366, nrcpt=1 (queue active)
Nov 4 03:40:32 hosting postfix/smtp[3496]: A7375E76E: to=<test@zaynelov.com>, relay=none, delay=21, status=bounced (mail for zaynelov.com loops back to myself)
any ideas?

From: NONserge
Posted: October 28th, 2004, 6:54 am PST

heh, daaaaaaaaamn man ... you can't simplify this? SIMPLIFY IT!

From: Pedro
Posted: October 22nd, 2004, 6:46 am PST

Hi, i would like to know how to put maildrop making homedir+maildir like virtual: does :-)

From: Derk Gortemaker
Posted: October 19th, 2004, 3:00 am PST

Paul, I had almost the same problem. I've placed this in /usr/lib/sasl2/smtpd.conf: (not smptd.conf, that took me a few weeks....)

---
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sql
sasl_mech_list: PLAIN LOGIN

sql_engine: mysql
sql_user: x
sql_passwd: x
sql_hostnames: localhost
sql_database: postfix
sql_select: SELECT clear FROM users WHERE email = '%u@%r'
---

and in main.cf:
----
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_application_name = smtpd
----

that's it.

From: JD
Posted: October 18th, 2004, 4:56 pm PST

This is very helpful, but the maildrop permissions are killing me.

I either get 'home directory is world writable' or 'unable to change to home directory'.

I made maildrop setuid root and I initially setup /home/vmail as 700 but that keeps giving the error 'unable to change to home directory'. If I change to 775, 777, 774, I get the world writable error.

What am I missing?

Thanks!

From: Serge
Posted: October 17th, 2004, 2:30 am PST

Angelo: That is apparently a problem with the Berkeley DB library. You don't really even need it (I just chose to throw it in), so when you compile postfix you can omit: -L/usr/local/bdb/lib all together and it should compile fine after that.

From: Angelo
Posted: October 16th, 2004, 10:48 pm PST

Hello,Serge. :) I have a question while I was following your tutorial's procedure.
When I "make install" as root for postfix,it generates the error below:

/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_condattr_setpshared'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_destroy'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_setpshared'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutexattr_init'
/usr/local/bdb/lib/libdb.so: undefined reference to `pthread_mutex_trylock'
collect2: ld returned 1 exit status
make: *** [master] Error 1
make: *** [update] Error 1

I've googled and found no cure to this problem.Would you mind helping me out?Thanks.

From: Serge
Posted: October 16th, 2004, 12:51 pm PST

Make sure that MySQL is authenticating correctly. Restart MySQL with query debugging enabled and watch the log file to see what queries and connection attempts are being passed to MySQL.

From: Paul
Posted: October 16th, 2004, 11:10 am PST

Thanks - all works fine... *except* SMTP authentication by MySQL. I just cannot get it to work. I've populated the postfix_access table (with an entry for client & sender as I wasn't sure which was which). I just get SASL LOGIN authentication failed in /var/log/maillog.

Looking at other howto's - I created an smtpd.conf (in /etc/postfix and a copy to /usr/lib/sasl for good measure):

mysql_user: courier
mysql_passwd: x
mysql_hostnames: localhost
mysql_database: mail
mysql_statement: SELECT clear FROM postfix_users WHERE email = '%u@%r'
mysql_verbose: yes

Still no joy - tearing my hair out and on the point of giving up. Which would be a shame considering everything else is working.

From: Serge
Posted: October 15th, 2004, 10:47 pm PST

Paulo: You are correct, the right path should indeed be "/usr/local/courier/share/mkimapdcert".

From: Paulo
Posted: October 15th, 2004, 8:33 pm PST

In the Courier IMAP installation, the last line of the workaround is not /usr/lib/courier/share/mkimapdcert, but /usr/local/courier/share/mkimapdcert. (mkimapdcert is in the path where you installed courier imap, not some other place - at least in courier-imap-3.0.8). As by the time i have posted this message i will be still installing all the packages and configuring them, but this project seems to be a nice one!! :)

From: Serge
Posted: October 15th, 2004, 1:36 pm PST

Post comments, questions and suggestions here. This way I don't have to answer the same questions multiple times over email :)

New Comment:

Name:

Message: