/* POSTCONF -N*/append_dot_mydomain = nobiff = nobroken_sasl_auth_client

1.  
2. /* POSTCONF -N*/
3. append_dot_mydomain = no
4. biff = no
5. broken_sasl_auth_clients = yes
6. config_directory = /etc/postfix
7. delay_warning_time = 4h
8. disable_vrfy_command = yes
9. home_mailbox = Maildir/
10. inet_interfaces = all
11. inet_protocols = ipv4
12. local_recipient_maps = $virtual_mailbox_maps
13. local_transport = virtual
14. mailbox_command = procmail -a "$EXTENSION"
15. mailbox_size_limit = 0
16. maximal_backoff_time = 8000s
17. maximal_queue_lifetime = 7d
18. minimal_backoff_time = 1000s
19. mydestination = #$mydomain, $myhostname, localhost
20. myhostname = mail.my_domain.com
21. mynetworks = 127.0.0.0/8
22. myorigin = my_domain.com
23. readme_directory = no
24. recipient_delimiter = +
25. relayhost =
26. smtp_helo_timeout = 60s
27. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
28. smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
29. smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org
30. smtpd_delay_reject = yes
31. smtpd_hard_error_limit = 12
32. smtpd_helo_required = yes
33. smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit
34. smtpd_recipient_limit = 16
35. smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_pipelining, permit_mynetworks, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit smtpd_data_restrictions = reject_unauth_pipelining
36. smtpd_sasl_auth_enable = yes
37. smtpd_sasl_local_domain =
38. smtpd_sasl_security_options = noanonymous
39. smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
40. smtpd_soft_error_limit = 3
41. smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
42. smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
43. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
44. smtpd_use_tls = yes
45. unknown_local_recipient_reject_code = 450
46. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf
47. virtual_gid_maps = static:8
48. virtual_mailbox_base = /var/mail/vmail
49. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_domains_maps.cf
50. virtual_mailbox_limit = 512000000
51. virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
52. virtual_minimum_uid = 8
53. virtual_transport = virtual
54. virtual_uid_maps = static:8
55.  
56. /* /etc/postfix/sasl/smtpd.conf*/
57. pwcheck_method: saslauthd
58. saslauthd_path: /var/run/saslauthd/mux
59. log_level: 7
60. mech_list: PLAIN LOGIN
61. auxprop_plugin: mysql
62. allow_plaintext: true
63. sql_engine: mysql
64. sql_hostnames: 127.0.0.1
65. sql_user: postfix
66. sql_passwd: password
67. sql_database: postfixadmin
68. sql_select: select password from mailbox where username = '%u'
69.  
70. Here the error message from syslog : "SASL PLAIN authentication failed: authentication failure"
71.  
72. Here the error messages from auth.log :
73. May 17 11:51:09 host postfix/smtpd[17405]: sql auxprop plugin using mysql engine
74. May 17 11:51:09 host saslauthd[17276]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
75. May 17 11:51:09 host saslauthd[17276]: do_auth : auth failure: [user=user@domain.com] [service=smtp] [realm=domain.com] [mech=pam] [reason=PAM auth error]