plain RHEL 4.4 box - had a successful setup of sendmail + dovecot with SSL. Goal was to switch from sendmail to postfix: My Current (non-working) setup including steps I took: up2date -i postfix system-switch-mail # The latest PostFix version with RHEL4 is Postfix 2.2.10, but postfix.org states "Dovecot SASL support is # available in Postfix 2.3 and later.", so downloading postfix 2.3.7: wget http://ftp.wl0.org/official/2.3/RPMS-rhel4....rhel4.i386.rpm rpm -u postfix-2.3.7-1.rhel4.i386.rpm # Creating certs: mkdir /etc/postfix/ssl cd /etc/postfix/ssl/ openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 chmod 600 smtpd.key openssl req -new -key smtpd.key -out smtpd.csr openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt openssl rsa -in smtpd.key -out smtpd.key.unencrypted mv -f smtpd.key.unencrypted smtpd.key openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem - days 3650 #Creating a certificate for Outlook: openssl pkcs12 -export -in smtpd.crt -inkey smtpd.key -out OutlookSMTP.p12 #Then import the OutlookSMTP.p12 file into the Trusted Root Certification Authorities store. #This is my main.cf file copied from howtoforge.com's perfect Centos 4.4 setup: queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix inet_interfaces = all mydestination = $myhostname, localhost.$mydomain, localhost unknown_local_recipient_reject_code = 550 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no manpage_directory = /usr/share/man sample_directory = /usr/share/doc/postfix-2.1.5/samples readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES smtpd_sasl_local_domain = smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination mynetworks = 127.0.0.0/8 smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom #above conf didn't work, neither with postfix 2.2.10 nor with the 2.3 #This is dovecot specific that I added based on postfix.org: smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth #This is some more I added as dovecot uses maildir and #I'm using the virtual file to redirect all local virtual users #to the "mailuser1" account that I use for logging in, or should #i use the "postfix" user for loggin in with outlook? home_mailbox = Maildir/ mailbox_command = virtual_alias_maps = hash:/etc/postfix/virtual #Also uncommented this in master.cf to open port 465: smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject Additional Notes: I'm using outlook express to connect to port 465 for receiving pop3s mail and port 995 for sending smtps mail The Perfect Centos 4.4 setup states: "We must edit /usr/lib/sasl2/smtpd.conf so that Postfix allows PLAIN and LOGIN logins. On a 64Bit Centos 4.4 you must edit the file /usr/lib64/sasl2/smtpd.conf instead." Though I have all cyrus-sasl packages installed: cyrus-sasl-md5-2.1.19-5.EL4 cyrus-sasl-gssapi-2.1.19-5.EL4 cyrus-sasl-2.1.19-5.EL4 cyrus-sasl-plain-2.1.19-5.EL4 cyrus-sasl-devel-2.1.19-5.EL4 I don't have the smtpd.conf file on my system. So I created it: nano -w /usr/lib/sasl2/smtpd.conf And entered: pwcheck_method: saslauthd mech_list: plain login I also edited "/etc/sysconfig/saslauthd" and changed: MECH=pam But when i send "ehlo localhost" to test things, there's no: 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN but 250-STARTTLS exists When, as stated on "Dovecot SASL configuration for the Postfix SMTP server" (http://www.postfix.org/SASL_README.html) - "On the Dovecot side you also need to specify the Dovecot authentication daemon socket. In this case we specify an absolute pathname. In the example we assume that the Postfix queue is under /var/spool/postfix/. " I try to add the following to dovecot.conf: /some/where/dovecot.conf: auth default { mechanisms = plain login passdb pam { } userdb passwd { } socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } It gives me fatal error when I try to restart dovecot. The error I get when I try to send mail through Outlook is: The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'sendingto'. Subject 'test', Account: 'Example', Server: 'www.example.com', Protocol: SMTP, Server Response: '554 5.7.1 <blah.blah.com[123.123.123.123]>: Client host rejected: Access denied', Port: 465, Secure(SSL): Yes, Server Error: 554, Error Number: 0x800CCC79 And when I try to receive mail, it logs in successfully, but it says there is no mail, though there is.
I am sorry, but postfix-2.3.X is not a supported component of RHEL-4. There is no dovecot support in the 2.2 version though. You have tree joices: - Use sendmail with dovecot - Use postfix with cyrus-imapd - Use RHEL-5 Closing as "NOT A BUG"