Submitted by yngens on Thu, 08/16/2018 - 03:59
This is quite important issue, because one could be sending e-mails for days without noticing they are not delivered at all. That is what happen to one of our Webmin servers, where we had set the "Use SASL SMTP authentication?" option to 'Yes', which apparently inserts smtp_sasl_auth_enable = yes when in fact it should be smtpd_sasl_auth_enable = yes. See the discussion between persons who got exactly the same issue on https://serverfault.com/questions/698854/postfix-fatal-specify-a-passwor...
Status:
Active
Comments
Submitted by yngens on Wed, 03/20/2019 - 09:21 Comment #1
Any news on this as it is happening again and again on multiple servers. In fact lot's of Virtualmin users are suffering because of this issue: https://www.google.com/search?q=site%3Avirtualmin.com+smtp_sasl_auth_ena...
Submitted by JamieCameron on Sun, 03/24/2019 - 00:45 Comment #2
There are two separate config options for
smtp_saslvssmtpd_saslin Webmin on the "SMTP Authentication And Encryption" page though.Submitted by yngens on Sun, 03/24/2019 - 06:23 Comment #3
I am not sure if there are two and what each of them is for, but what I care about is when you set the "Use SASL SMTP authentication?" to Yes it inserts
smtp_sasl_auth_enable = yesinstead ofsmtpd_sasl_auth_enable = yesand breaks Postfix causing thepostfix fatal: specify a password table via the `smtp_sasl_password_maps' configuration parametererror. At least, thats what's what happens on CentOS 7.x systems. Why don't you run some tests, Jamie?Jamie,
I'd like to chime in on this topic. I have confirmed the error per a recent install of Virtualmin. Inside the "/etc/postfix/main.cf", the wrong parameter is being added which essentially breaks sending via STARTTLS.
smtp_tls_security_level = may (incorrect)smtpd_tls_security_level = may (correct)
I spent days working with a client, and then examined the configuration against a working server which is how I discovered the typo. Once corrected sending via STARTTLS worked without issue.
Submitted by JamieCameron on Mon, 04/01/2019 - 23:13 Comment #5
According to the Postfix does at http://www.postfix.org/postconf.5.html#smtp_tls_security_level , smtp_tls_security_level can be set to "may" though. This controls the SSL level for outgoing connections.
How does this break sending mail exactly?
Submitted by yngens on Tue, 04/02/2019 - 01:38 Comment #6
Guys, IMHO you two have started discussing a different issue. The problem here is very simple - setting something on Virtualmin UI is causing the error. That's it! Clicking on anything on *min UI should be clean and cause no errors. Of course that's expected in ideal scenario whereas in practice we occasionally face lot's of issues. But at least we should try to always reach ideal.
Now, please concentrate on the issue itself here: go and set the "Use SASL SMTP authentication?" to 'Yes' and then witness Postfix giving the following error:
postfix fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameter error.Will this be finally fixed or kept ignored?
Submitted by scotwnw on Tue, 04/02/2019 - 13:21 Pro Licensee Comment #7
Just to note in case this may be the confusion... there are 2 sasl settings on that config page as Jamie said... One for local server config and 1 for remote. The LOCAL Setting at the top of the SMTP Authentication And Encryption page "Require SASL SMTP authentication?", when set to yes does indeed add 'smtpd_sasl_auth_enable = yes' to the main.cf file. I changed to yes, Restarted postfix, sent and recvd mail fine. Compared before and after files, that line was added at the bottom.
The "Use SASL SMTP authentication?" down at the bottom of the SMTP Authentication And Encryption page is only for configuring connection to another mail server for sending mail. Those bottom 3 settings are in their own 'section'. Ignore them unless you're sending mail via a relay server.
Submitted by yngens on Mon, 04/15/2019 - 16:42 Comment #8
Local, not local - doesn't really matter. Guys, how don't you understand that changing ANYTHING on UI should not cause error on Postfix logs and in this case it not only does, but also actually breaks normal work of Postfix. No mail delivered after you go and change that setting on UI. Please don't be lazy and just run some tests.
Submitted by yngens on Mon, 04/15/2019 - 16:54 Comment #9
Not only this issue is the cause to the
postfix fatal: specify a password table via the `smtp_sasl_password_maps' configuration parametererror, but also to the following one:warning: /usr/libexec/postfix/smtp: bad command startup -- throttlingSubmitted by Jfro on Wed, 04/17/2019 - 06:29 Comment #10
That is the same here with fresh centos7 install if you put the yes there, ok if not put it there , should be given a warning or Documentation how to solve the error after such. Only error , not working and so on is not so good sorry ;)
I'm only supporting here with my test result, so not asking support with my gpl test hihi ;)
1:36:18 vp postfix/smtp[23434]: fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameterApr 16 01:36:19 vp postfix/master[5736]: warning: process /usr/libexec/postfix/smtp pid 23434 exit status 1
Apr 16 01:36:19 vp postfix/master[5736]: warning: /usr/libexec/postfix/smtp: bad command startup -- throttling
Apr 16 01:37:19 vp postfix/smtp[24305]: fatal: specify a password table via the `smtp_sasl_password_maps' configuration parameter