Postfix dont work with dovecot or cyrus-sasl

[kidboy]

I have a problem with postfix with dovecot ( i already try cyrus-sasl too ). I recive the same error from log when i try log via telnet localhost 25 without SSL. Dovecot its work fine, i test using doveadm -a /var/spool/postfix/private/auth and recive a success, but postfix dont work for some reason. I am using CentOS Stream 9

# Dovecot 10-master.conf
...
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0600
user = postfix
group = postfix
}

...

[root@mail postfix]# doveadm auth test -a /var/spool/postfix/private/auth user@domain.com test
passdb: user@domain.com auth succeeded
extra fields:
user=user@domain.com

# Permission dovecot
root@mail postfix]# ls -la /var/spool/postfix/private/auth
srw------- 1 postfix postfix 0 jan 19 06:17 /var/spool/postfix/private/auth



[root@mail postfix]# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

# /var/log/maillog
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/lib20_auth_var_expand_crypt.so
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: sqlpool(mysql): Creating new connection
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat
Jan 19 07:05:11 mail postfix/smtpd[52633]: fatal: no SASL authentication mechanisms
Jan 19 07:05:11 mail dovecot[19825]: auth: Debug: auth client connected (pid=0)
Jan 19 07:05:12 mail postfix/master[52325]: warning: process /usr/libexec/postfix/smtpd pid 52633 exit status 1
Jan 19 07:05:12 mail postfix/master[52325]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

# main.cf
mynetworks = 127.0.0.0/8
myhostname = mail.domain.com
mydomain = domain.com
myorigin = $mydomain
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
debug_peer_level = 10
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbini/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix/samples
readme_directory = /usr/share/doc/postfix/README_FILES
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix
transport_maps = hash:/etc/postfix/transport
home_mailbox = Maildir/
recipient_delimiter = +
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options

# Configuracoes de TLS
smtpd_tls_auth_only = no
smtpd_tls_received_header = yes
smtpd_sasl_local_domain = $mydomain
smtpd_tls_loglevel = 1
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_security_level = may

# Configuracoes Virtuais
virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual_mailbox_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual_mailbox_domains.cf
virtual_mailbox_base = /var/spool/mail/psitech.com.br
virtual_minimum_uid = 89
virtual_transport = dovecot
virtual_uid_maps = static:89
virtual_gid_maps = static:89
local_transport = virtual
local_recipient_maps = $virtual_mailbox_maps

# Configuracoes de envio
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknow_recicpient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_hostname, reject_invalid_hostname, reject_unverified_sender, permit


# master.cf
==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd

submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_helo_required=no
-o smtpd_helo_restrictions=
-o cleanup_service_name=submission-header-cleanup

smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no

pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr

tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o syslog_name=postfix/$service_name

showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
postlog unix-dgram n - n - 1 postlogd
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d ${recipient}

[TrevorH]

Jan 19 07:05:11 mail postfix/smtpd[52633]: fatal: no SASL authentication mechanisms

[kidboy]

I have installed this packages and the postfix show me support for dovecot

[root@mail usuario]# postconf -a
cyrus
dovecot

[root@mail usuario]# rpm -qa | grep postfix
postfix-3.5.9-24.el9.x86_64
spamass-milter-postfix-0.4.0-13.el9.noarch
postfix-perl-scripts-3.5.9-24.el9.x86_64
postfix-mysql-3.5.9-24.el9.x86_64
postfix-pcre-3.5.9-24.el9.x86_64

[root@mail usuario]# rpm -qa | grep dovecot
dovecot-2.3.16-10.el9.x86_64
dovecot-mysql-2.3.16-10.el9.x86_64

[TrevorH]

Try `rpm -qa | grep -i sasl`

cyrus-sasl-lib-2.1.27-21.el9.x86_64
cyrus-sasl-gssapi-2.1.27-21.el9.x86_64
cyrus-sasl-plain-2.1.27-21.el9.x86_64
cyrus-sasl-2.1.27-21.el9.x86_64

[kidboy]

[root@mail usuario]# rpm -qa | grep sasl
cyrus-sasl-lib-2.1.27-21.el9.x86_64
cyrus-sasl-gssapi-2.1.27-21.el9.x86_64
cyrus-sasl-2.1.27-21.el9.x86_64
cyrus-sasl-devel-2.1.27-21.el9.x86_64
cyrus-sasl-plain-2.1.27-21.el9.x86_64
cyrus-sasl-sql-2.1.27-21.el9.x86_64
libgsasl-1.10.0-3.el9.x86_64

I have all this packages. I thin the problem is somethin in postfix

[kidboy]

I think the problem is something in saslauthd

# /etc/sasl2/smtpd.conf
pwcheck_method: auxprop saslauthd
mech_list: PLAIN LOGIN
auxprop_plugin: sql
log_level: 7
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: email
sql_passwd: XXX
sql_database: email
sql_select: SELECT password FROM accounts WHERE user = '%u@%r'

When i try a test using testsaslauthd i recive a error:
saslauthd[15412] :auth failure: [user=bruno] [service=smtp] [realm=psitech.com.br] [mech=pam] [reason=PAM auth error]

But with this version of dovecot and cyrus we dont need more pam_mysql ( its not available in CentOS Stream 9 )