Public bug reported: I'm trying to setup a combination IMAP/SMTP server using Dovecot and Postfix on a 20.04 system. After attempting to setup SASL authentication for postfix, the system fails with a postfix/smtpd: fatal: no SASL authentication mechanisms whenever any SMTP connection is attempted (either via a program like Thunderbird or telnet localhost 25). I'm trying to use the guide at https://ubuntu.com/server/docs/mail-postfix, but even with some of the debug settings enabled, I'm still not seeing a more useful log message. What's wrong?
My configuration: root@kangaroo:~# apt list --installed | egrep 'postfix|dovecot|sasl' WARNING: apt does not have a stable CLI interface. Use with caution in scripts. dovecot-core/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.4 amd64 [installed] dovecot-imapd/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.4 amd64 [installed] libauthen-sasl-perl/focal,now 2.1600-1 all [installed,automatic] libsasl2-2/focal,now 2.1.27+dfsg-2 amd64 [installed,automatic] libsasl2-dev/focal,now 2.1.27+dfsg-2 amd64 [installed] libsasl2-modules-db/focal,now 2.1.27+dfsg-2 amd64 [installed,automatic] libsasl2-modules/focal,now 2.1.27+dfsg-2 amd64 [installed,automatic] postfix/focal-updates,now 3.4.13-0ubuntu1 amd64 [installed] sasl2-bin/focal,now 2.1.27+dfsg-2 amd64 [installed] root@kangaroo:~# dovecot -n # 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.7.2 () # OS: Linux 5.10.0-1038-oem x86_64 Ubuntu 20.04.2 LTS # Hostname: kangaroo.unclet.net auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_privileged_group = mail namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } protocols = " imap" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } } ssl_cert = </etc/dovecot/private/dovecot.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it userdb { driver = passwd } root@kangaroo:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes compatibility_level = 2 inet_interfaces = all inet_protocols = all mailbox_size_limit = 0 mydestination = kangaroo.unclet.net, localhost.unclet.net, localhost, localhost.localdomain myhostname = kangaroo.unclet.net mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/8 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_CApath = /etc/ssl/certs smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous,noplaintext smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_loglevel = 4 smtpd_tls_received_header = yes smtpd_tls_security_level = may root@kangaroo:~# postconf -M smtp inet n - n - - smtpd -v pickup unix n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp -o syslog_name=postfix/$service_name showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discard unix - - y - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache postlog unix-dgram n - n - 1 postlogd maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} root@kangaroo:~# systemctl is-active dovecot active root@kangaroo:~# systemctl is-active postfix active taft@kangaroo:~$ telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. This is what I see in /var/log/mail.log: Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: all Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: inet_addr_local: configured 2 IPv4 addresses Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: inet_addr_local: configured 4 IPv6 addresses Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: process generation: 30 (30) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? permit_mx_backup_networks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? qmqpd_authorized_clients Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? relay_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_client_event_limit_exceptions ~? smtpd_access_maps Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_list_match: smtpd_client_event_limit_exceptions: no match Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: host Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: 127.0.0.1/32: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: 10.1.2.21/32: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: [::1]/128: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: [fe80::2e0:4cff:fe9d:a9eb]/128: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: [fe80::2e0:4cff:fe9d:aa2f]/128: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: been_here: [fe80::2ef0:5dff:fe46:fb7a]/128: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: mynetworks_core: 127.0.0.1/32 10.1.2.21/32 [::1]/128 [fe80::2e0:4cff:fe9d:a9eb]/128 [fe80::2e0:4cff:fe9d:aa2f]/128 [fe80::2ef0:5dff:fe46:fb7a]/128 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: mynetworks ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? permit_mx_backup_networks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? qmqpd_authorized_clients Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: relay_domains ~? relay_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: permit_mx_backup_networks ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: permit_mx_backup_networks ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: permit_mx_backup_networks ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: permit_mx_backup_networks ~? permit_mx_backup_networks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: connect to subsystem private/proxymap Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr request = open Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr table = unix:passwd.byname Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr flags = 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/proxymap socket: wanted attribute: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/proxymap socket: wanted attribute: flags Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: flags Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 16 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/proxymap socket: wanted attribute: (list terminator) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: (end) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: dict_open: proxy:unix:passwd.byname Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: Compiled against Berkeley DB: 5.3.28? Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: Run-time linked against Berkeley DB: 5.3.28? Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: dict_open: hash:/etc/aliases Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? mynetworks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? permit_mx_backup_networks Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? qmqpd_authorized_clients Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? relay_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: smtpd_access_maps ~? smtpd_access_maps Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: unknown_helo_hostname_tempfail_action = defer_if_permit Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: unknown_address_tempfail_action = defer_if_permit Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: unverified_recipient_tempfail_action = defer_if_permit Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: unverified_sender_tempfail_action = defer_if_permit Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: 4 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: initializing the server-side TLS engine Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: auto_clnt_create: transport=local endpoint=private/tlsmgr Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: auto_clnt_open: connected to private/tlsmgr Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr request = seed Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr size = 32 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: seed Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: seed Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: L0isnDSApijRpjlNVB5aGF82H3bWHduc6qG5V4l16oY= Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: (list terminator) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: (end) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr request = policy Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: send attr cache_type = smtpd Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: status Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: cachable Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: cachable Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: timeout Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: timeout Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute value: 3600 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: private/tlsmgr: wanted attribute: (list terminator) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: input attribute name: (end) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: fast_flush_domains ~? debug_peer_list Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_string: parent_domain_matches_subdomains: fast_flush_domains ~? fast_flush_domains Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: auto_clnt_create: transport=local endpoint=private/anvil Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: connection established Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: master_notify: status 0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: resource Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: software Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: connect from kangaroo.unclet.net[127.0.0.1] Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_list_match: kangaroo.unclet.net: no match Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_list_match: 127.0.0.1: no match Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_list_match: kangaroo.unclet.net: no match Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_list_match: 127.0.0.1: no match Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: smtp_stream_setup: maxtime=300 enable_deadline=0 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_hostname: smtpd_client_event_limit_exceptions: kangaroo.unclet.net ~? 127.0.0.0/8 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: match_hostaddr: smtpd_client_event_limit_exceptions: 127.0.0.1 ~? 127.0.0.0/8 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: > kangaroo.unclet.net[127.0.0.1]: 220 kangaroo.unclet.net ESMTP Postfix (Ubuntu) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_create: SASL service=smtp, realm=(null) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: noanonymous Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: noplaintext Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: Connecting Aug 17 04:07:21 kangaroo dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Aug 17 04:07:21 kangaroo dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/lib20_auth_var_expand_crypt.so Aug 17 04:07:21 kangaroo dovecot: auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: VERSION?1?2 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: MECH?PLAIN?plaintext Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: plaintext Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: MECH?LOGIN?plaintext Aug 17 04:07:21 kangaroo dovecot: auth: Debug: auth client connected (pid=0) Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: name_mask: plaintext Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: SPID?46497 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: CUID?1 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: COOKIE?f1df4b151ab753934e42c4baaa1d2620 Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_connect: auth reply: DONE Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_mech_filter: skip mechanism: PLAIN Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: xsasl_dovecot_server_mech_filter: skip mechanism: LOGIN Aug 17 04:07:21 kangaroo postfix/smtpd[46495]: fatal: no SASL authentication mechanisms Aug 17 04:07:22 kangaroo postfix/master[26205]: warning: process /usr/lib/postfix/sbin/smtpd pid 46495 exit status 1 Aug 17 04:07:22 kangaroo postfix/master[26205]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling Although this step was not in the install guide I've referenced, I've tried adding sasl2-bin and editing /etc/default/saslauthd: root@kangaroo:~# grep -v ^\# /etc/default/saslauthd |grep -v ^\$ START=yes DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-c -m /var/run/saslauthd" root@kangaroo:~# systemctl is-active saslauthd active ** Affects: postfix (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1940603 Title: postfix/smtpd: fatal: no SASL authentication To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1940603/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs