Fixing Postfix authentication issues on CentOS 6 with Virtualmin

The weirdest errors are those occurring on a freshly installed system where you’d expect for everything to simply work (with the default configs). But such new installs are rarely working…

Roudcube successfully connects and sends emails when connecting to localhost (as it runs on the same server):

– in /var/log/maillog:
postfix/smtpd[2700]: 9DE0553623CF: client=localhost.localdomain[127.0.0.1], sasl_method=LOGIN, sasl_username=username-domain.tld

At the same time, external clients are unable to send emails through SMTP. Thunderbird fails by showing login failure to the SMTP server. Further inspecting the logs reveals to be a SASL authentication issue:

– in /var/log/maillog:
postfix/smtpd[24182]: warning: unknown[12.34.56.78]: SASL LOGIN authentication failed: authentication failure

– in /var/log/messages:
saslauthd[21745]: do_auth  : auth failure: [user=username] [service=smtp] [realm=domain.tld] [mech=pam] [reason=PAM auth error]

The issues is caused by SASL incorrectly handling @ in emails (when logins are set to the username@domain.tld format in Virtualmin). Roundcube works as it replaces @ with in the username.

To solve this, edit /etc/sysconfig/saslauthd and in the FLAGS option add a -r:

FLAGS="-n 2 -r"

This will tell saslauthd to properly process username@domain.tld logins.

Leave a Reply