Can't connect with mail-client: unable to canonify user and get auxprops

10 posts / 0 new
Last post
#1 Wed, 06/20/2018 - 17:53
NDDT

Can't connect with mail-client: unable to canonify user and get auxprops

Hi,

I'm trying to connect to my server via IMAP with Outlook. But something seems to be wrong with my configuration. I get the error-messages below:

dovecot: imap(test.christels-scheune): Connection closed (IDLE running for 0.001 + waiting input for 0.003 secs, 2 B in + 10 B out, state=wait-input) in=947 out=2975
postfix/smtps/smtpd[20618]: warning: p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]: SASL NTLM authentication failed: authentication failure
postfix/smtps/smtpd[20618]: warning: SASL authentication failure: unable to canonify user and get auxprops
postfix/smtps/smtpd[20618]: warning: p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]: SASL DIGEST-MD5 authentication failed: authentication failure
postfix/smtps/smtpd[20618]: warning: p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]: SASL LOGIN authentication failed: authentication failure
postfix/smtps/smtpd[20618]: lost connection after AUTH from p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]
postfix/smtps/smtpd[20618]: disconnect from p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190] ehlo=1 auth=0/3 commands=1/4

Does anybody know how to solve this or how to narrow down the problem?

I can login locally with this command (plain text login):

openssl s_client -connect localhost:993

Thanks upfront for your help :)

Thu, 06/21/2018 - 00:01
andreychek

Howdy,

Hmm, that's a pretty unusual error! I don't think I've seen that one before.

It sounds like that's occurring for the outgoing messages (generally on port 25/465/587) rather than on the incoming ones on port 993.

Are you by chance doing anything unusual for authentication? For example, are you using MySQL or LDAP authentication?

Or is it just using the default /etc/passwd auth?

Also, what are the contents of your "/etc/postfix/sasl/smtpd.conf" file?

That would typically look something like this:

pwcheck_method: saslauthd
mech_list: plain login

If you change that, note that you'd likely need to restart saslauthd and possibly Postfix.

-Eric

Thu, 06/21/2018 - 07:18
NDDT

I don't seem to have that file.

When I go to postifx and open the configurationfiles the folder "/etc/postfix/sasl/" is listed but the file "/etc/postfix/sasl/smtpd.conf" is not.

What could be the reason for that?

Thu, 06/21/2018 - 10:14
andreychek

What distro/version is it that you're using there?

-Eric

Thu, 06/21/2018 - 14:21 (Reply to #4)
NDDT

Ubuntu Linux 18.04

Thu, 06/21/2018 - 14:47
NDDT

I changed the Dovecot settings enabling all the Default authentication realm's: Anonymous, Plain-Text, Digest-MD5, Cram-MD5, APOP

This creates a diffrent error-message (even though I'm not sure if this is a step forward or backwards).

dovecot: master: Error: service(auth): command startup failed, throttling for 8 secs
dovecot: imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 1 secs): user=<>, rip=79.218.239.190, lip=144.76.80.153, TLS, session=<HgTXHixveetP2u++>
dovecot: auth: Fatal: APOP mechanism can't be supported with given passdbs
Thu, 06/21/2018 - 16:01
andreychek

Well, your problem above is with Postfix and Saslauthd, the service that handles authentication in Postfix.

The problem you're seeing now is that Dovecot isn't starting at all.

So I believe there's now an additional problem :-)

I unfortunately don't have an Ubuntu 18.04 system handy for testing at the moment... but do you see a smtpd.conf file anywhere under /etc/postfix?

One way to test for that is:

find /etc/postfix -name smtpd.conf

Another possibility is that it does exist, but under a different name.

What is the output of this command:

find /etc/postfix -type f | xargs grep pwcheck_method

Thu, 06/21/2018 - 16:18 (Reply to #7)
NDDT

both of these commands return empty. I think I just don't have that file.

I tryed to just create but it doesn't seem to take any effect. I also tryed to register it with postfix:

smtpd_sasl_path = smtpd

Still no diffrence in result.

Sat, 06/23/2018 - 08:46
NDDT

I added the File "/etc/postfix/sasl/smtpd.conf" manually again and this time I restarted postfix saslauthd (with ssh):

/etc/init.d/postfix restart
/etc/init.d/saslauthd restart

This leaves me with this error message (which I feel is one step further:

postfix/smtps/smtpd[19507]: connect from p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]
postfix/smtps/smtpd[19507]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
postfix/smtps/smtpd[19507]: warning: p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]: SASL LOGIN authentication failed: generic failure
postfix/smtps/smtpd[19507]: lost connection after AUTH from p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190]
postfix/smtps/smtpd[19507]: disconnect from p4FDAEFBE.dip0.t-ipconnect.de[79.218.239.190] ehlo=1 auth=0/1 commands=1/2
Sat, 06/23/2018 - 10:33
NDDT

I fixed this finally, even though I'm not sure how.

I move the /etc/default/saslauthd like in this article: https://nfolamp.wordpress.com/2013/02/04/fixing-postfix-and-saslauthd-ca...

and I added

FLAGS="-r"

to my "/etc/default/saslauthd"

Topic locked