SASL(-1): generic failure: checkpass failed - Mandriva

This is a discussion on SASL(-1): generic failure: checkpass failed - Mandriva ; Hi, I'm trying to set up postfix and cyrus sasl on 2008.0 I can send mail OK but can't receive. Here's a snippet from syslog with the error message: Feb 17 21:56:32 localhost pop3[26286]: accepted connection Feb 17 21:56:32 localhost ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: SASL(-1): generic failure: checkpass failed

  1. SASL(-1): generic failure: checkpass failed

    Hi,

    I'm trying to set up postfix and cyrus sasl on 2008.0

    I can send mail OK but can't receive.

    Here's a snippet from syslog with the error message:

    Feb 17 21:56:32 localhost pop3[26286]: accepted connection
    Feb 17 21:56:32 localhost cyrus-master[30285]: about to exec
    /usr/lib/cyrus-imapd/pop3d
    Feb 17 21:56:32 localhost pop3[30285]: executed


    Feb 17 21:56:32 localhost pop3[26286]: badlogin: [::1] plaintext mfuoco
    SASL(-1): generic failure: checkpass failed

    Feb 17 21:56:38 localhost pop3[26277]: accepted connection
    Feb 17 21:56:38 localhost cyrus-master[30287]: about to exec
    /usr/lib/cyrus-imapd/pop3d
    Feb 17 21:56:38 localhost pop3[30287]: executed
    Feb 17 21:56:38 localhost cyrus-master[26262]: process 26277 exited, status
    0

    I've googled for this error message but found nothing that points to a
    solution.

    Any help would be greatly appreciated.

    I'll post any config files you may need.

    P.S. I used drakwizard to set up postfix initially and it inserted a line
    in main.cf:
    smtpd_helo_required =

    I couldn't send mail with this line so I changed it to smtpd_helo_required
    = no

    That enabled sending of mail; but the problem with receiving remains.

    Thanks in advance,


    Frank


  2. Re: SASL(-1): generic failure: checkpass failed

    On Mon, 18 Feb 2008 03:25:27 GMT, Frank Dreyfus wrote:
    > Hi,
    >
    > I'm trying to set up postfix and cyrus sasl on 2008.0


    can not help with your sasl part.

    First thing I would do is get postfix sending and receiving then work cyrus.

    Looking at your log info I noticed your node name bites.

    I know at one time postfix complained if the node did not have a FQDN.
    Cups and leafnode also complain if a node does not have FQDN.

    Easy solution, create a domain, say, myhouse.test and give the node a
    name, say darkstar.

    Now you can modify /etc/sysconfig/network and set
    HOSTNAME=darkstar.myhoust.test

    modify /etc/hosts to have an ip, FQDN, and alias. Example:
    127.0.0.1 localhost.localdomain localhost
    192.168.1.23 darkstar.myhoust.test darkstar

    Now a reboot will load all services and set node with new name and
    your node will have a FQDN.

    If your relay host needs id/pw to send mail, then put them in
    smtp_auth and run postmap smtp_auth. Snippet from my /etc/postfix/main.cf

    #
    # postmap smtp_auth <----- builds smtp_auth.db file
    #
    smtp_sasl_auth_enable = yes
    smtp_sasl_security_options =
    smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth


    #********************** end main.cf ********************

    service postfix restart
    should load changes.

    I have imap loaded, so I can then use thunderbird with darkstar as
    both inbound mail and sending email from thunderbird.

    I do not modify /etc/postfix/main.cf variables, I just append my
    changes to bottom. Snippet follows:



    # my changes appened to main.cf for my LAN nodes

    default_destination_concurrency_limit = 1

    masquerade_exceptions = root
    mydestination = $myhostname localhost.$mydomain localhost $mydomain
    mynetworks = 192.168.1.0/24, 127.0.0.0/8
    relayhost = outgoing.verizon.net
    relay_domains =
    inet_interfaces = all
    unknown_local_recipient_reject_code = 550
    smtp_host_lookup = dns, native


    # local box users, and to generate database file
    # postmap virtual <----- builds virtual.db file
    virtual_alias_maps = hash:/etc/postfix/virtual


  3. Re: SASL(-1): generic failure: checkpass failed

    Bit Twister wrote in
    news:slrnfri0af.bmu.BitTwister@wm80.home.test:

    Hi Bit,

    Thanks for your help!

    Please see my responses below:

    > On Mon, 18 Feb 2008 03:25:27 GMT, Frank Dreyfus wrote:
    >> Hi,
    >>
    >> I'm trying to set up postfix and cyrus sasl on 2008.0

    >
    > can not help with your sasl part.
    >
    > First thing I would do is get postfix sending and receiving then work
    > cyrus.


    How do you get postfix working w/o cyrus? Don't you need cyrus for pop3?
    I guess one way to look at it is that postfix IS working.

    >
    > Looking at your log info I noticed your node name bites.
    >
    > I know at one time postfix complained if the node did not have a FQDN.
    > Cups and leafnode also complain if a node does not have FQDN.
    >
    > Easy solution, create a domain, say, myhouse.test and give the node a
    > name, say darkstar.
    >
    > Now you can modify /etc/sysconfig/network and set
    > HOSTNAME=darkstar.myhoust.test
    >
    > modify /etc/hosts to have an ip, FQDN, and alias. Example:
    > 127.0.0.1 localhost.localdomain localhost
    > 192.168.1.23 darkstar.myhoust.test darkstar
    >
    > Now a reboot will load all services and set node with new name and
    > your node will have a FQDN.
    >


    Thanks for that. I made the changes and rebooted.

    But the error remains. Here's a new syslog snippet:

    Feb 17 23:11:29 pti pop3[5824]: accepted connection
    Feb 17 23:11:29 pti cyrus-master[6930]: about to exec /usr/lib/cyrus-
    imapd/pop3d
    Feb 17 23:11:29 pti pop3[6930]: executed


    Feb 17 23:11:29 pti pop3[5824]: TLS server engine: cannot load CA data
    Feb 17 23:11:29 pti pop3[5824]: TLS server engine: No CA file specified.
    Client side certs may not work
    Feb 17 23:11:29 pti pop3[5824]: mystore: starting txn 2147483651
    Feb 17 23:11:29 pti pop3[5824]: mystore: committing txn 2147483651
    Feb 17 23:11:29 pti pop3[5824]: starttls: TLSv1 with cipher AES256-SHA
    (256/256 bits new) no authentication


    Feb 17 23:11:29 pti pop3[5824]: badlogin: [::1] plaintext mfuoco SASL(-1):
    generic failure: checkpass failed



    Don't think I need this for now but may have to add it later.

    > If your relay host needs id/pw to send mail, then put them in
    > smtp_auth and run postmap smtp_auth. Snippet from my
    > /etc/postfix/main.cf
    >
    > #
    > # postmap smtp_auth <----- builds smtp_auth.db file
    > #
    > smtp_sasl_auth_enable = yes
    > smtp_sasl_security_options =
    > smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
    >
    >
    > #********************** end main.cf ********************
    >
    > service postfix restart
    > should load changes.
    >
    > I have imap loaded, so I can then use thunderbird with darkstar as
    > both inbound mail and sending email from thunderbird.
    >
    > I do not modify /etc/postfix/main.cf variables, I just append my
    > changes to bottom. Snippet follows:
    >
    >
    >
    > # my changes appened to main.cf for my LAN nodes
    >
    > default_destination_concurrency_limit = 1
    >
    > masquerade_exceptions = root
    > mydestination = $myhostname localhost.$mydomain localhost $mydomain
    > mynetworks = 192.168.1.0/24, 127.0.0.0/8
    > relayhost = outgoing.verizon.net
    > relay_domains =
    > inet_interfaces = all
    > unknown_local_recipient_reject_code = 550
    > smtp_host_lookup = dns, native
    >
    >
    > # local box users, and to generate database file
    > # postmap virtual <----- builds virtual.db file
    > virtual_alias_maps = hash:/etc/postfix/virtual
    >


    Thanks,


    Frank

  4. Re: SASL(-1): generic failure: checkpass failed

    On Mon, 18 Feb 2008 04:21:30 GMT, Frank Dreyfus wrote:
    >
    > How do you get postfix working w/o cyrus? Don't you need cyrus for pop3?
    > I guess one way to look at it is that postfix IS working.


    Again, I do not know what cyrus is. All I know is as part of my install I
    get postfix and pop3. After boot I install imap.
    Since my ISP requires the log in, I had to add the smtp_sasl*
    variables to main.cf and create the database file.

    > But the error remains. Here's a new syslog snippet:
    >
    > Feb 17 23:11:29 pti pop3[5824]: accepted connection
    > Feb 17 23:11:29 pti cyrus-master[6930]: about to exec /usr/lib/cyrus-
    > imapd/pop3d


    See, I just loaded mcc, and searched for cyrus in add/delete packages
    and none of the cyrus packages are installed.

    Also did a locate lib/cyrus and nothing showed up.


    >
    > Feb 17 23:11:29 pti pop3[5824]: badlogin: [::1] plaintext mfuoco SASL(-1):
    > generic failure: checkpass failed


    That was the message that made me suggest the smtp_auth snippet
    maybe something needs to be created with id/pw and run through postmap.

  5. Re: SASL(-1): generic failure: checkpass failed

    Bit Twister wrote in
    news:slrnfri2o4.d89.BitTwister@wm80.home.test:

    > All I know is as part of my install I
    > get postfix and pop3


    Hi Bit,

    OK, I uninstalled cyrus and installed vm-pop3d. Is vm-pop3d what you use
    for pop3?

    It now works, sort of. I can send and receive from the local machine but
    can't send from a Windows XP system using either OE or Outlook.

    Here's the log:
    Feb 18 08:09:35 pti vm-pop3d[13243]: Connect from 192.168.0.162
    Feb 18 08:09:35 pti vm-pop3d[13243]: Socket closed

    It looks like the connection is made, but quickly closes and mail is NOT
    sent.

    On the Windows machine I get this:

    The connection to the server has failed. Account: 'test 192.168.0.189',
    Server: '192.168.0.189', Protocol: SMTP, Port: 25, Secure(SSL): No,
    Socket Error: 10061, Error Number: 0x800CCC0E

    I thought it might be a firewall issue so I opened the firewall on both
    the Linux and Windows boxes but get the same error.

    Any ideas?

    Thanks,


    Frank

  6. Re: SASL(-1): generic failure: checkpass failed

    On Mon, 18 Feb 2008 08:24:22 -0500, Frank Dreyfus wrote:

    > OK, I uninstalled cyrus and installed vm-pop3d. Is vm-pop3d what you use
    > for pop3?


    I'm using the imap package, which includes both imap and pop3 using init.d
    scripts, or xinetd.d scripts with, or without ssl. It also has fairly
    good documentation .

    Regards, Dave Hodgins

    --
    Change nomail.afraid.org to ody.ca to reply by email.
    (nomail.afraid.org has been set up specifically for
    use in usenet. Feel free to use it yourself.)

  7. Re: SASL(-1): generic failure: checkpass failed

    "David W. Hodgins" wrote in
    newsp.t6p779yba3w0dx@hodgins.homeip.net:

    > I'm using the imap package, which includes both imap and pop3 using
    > init.d scripts, or xinetd.d scripts with, or without ssl. It also has
    > fairly good documentation .


    Hi David,

    YESSSS!

    I uninstalled vm-pop3d and installed imap.

    Everything works great.


    Thanks again,


    Frank

  8. Re: SASL(-1): generic failure: checkpass failed

    On Mon, 18 Feb 2008 13:24:22 GMT, Frank Dreyfus wrote:
    >
    > OK, I uninstalled cyrus and installed vm-pop3d.


    Heheh, reminds me of the quote,
    The human mind reduces a problem to it's most complex form.

    > Is vm-pop3d what you use for pop3?


    Nope, I use pop3 when needed and no vm pop installed.
    Just for fun,
    uninstall the vm-pop
    install imap
    verify thunderbird can send/receive mail sent to your user account
    with you node name in thunderbirds in/out server fields.

    > Here's the log:
    > Feb 18 08:09:35 pti vm-pop3d[13243]: Connect from 192.168.0.162
    > Feb 18 08:09:35 pti vm-pop3d[13243]: Socket closed


    No vm-pop3 installed here either. Sorry I cannot help with vm problems.

    > It now works, sort of. I can send and receive from the local machine but
    > can't send from a Windows XP system using either OE or Outlook.


    In my opinion, you should not be using those on DOZE any how.
    Use some other MTC like Thunderbird.
    Less chance for malware to climb out of an email.


    > It looks like the connection is made, but quickly closes and mail is NOT
    > sent.
    >
    > On the Windows machine I get this:
    >
    > The connection to the server has failed. Account: 'test 192.168.0.189',
    > Server: '192.168.0.189', Protocol: SMTP, Port: 25, Secure(SSL): No,
    > Socket Error: 10061, Error Number: 0x800CCC0E
    > Any ideas?


    Have to guess main.cf did not have some of the lines I provided earlier
    Hint mydestination, mynetworks, inet_interfaces

    Since you have doze on the LAN, every LAN box needs a firewall and
    never disable firewall on any LAN box.


  9. Re: SASL(-1): generic failure: checkpass failed

    Bit Twister wrote in
    news:slrnfrjcd8.lrp.BitTwister@wm80.home.test:

    Thanks for your help!


    Frank



+ Reply to Thread