Topic: docker issues: not taking custom config / SASL authentication failure
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 2020082501
- Deployed with iRedMail Easy or the downloadable installer? docker image iredmail/mariadb
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): mysql
- Web server (Apache or Nginx): nginx
Hi there,
I am trying to deploy iRedMail using this docker image iredmail/mariadb:stable (published 10/19/2020), and encountered some issues when setting up sending emails via a relayhost.
Issue 1: docker postfix ignores custom main.cf
Postfix does not take custom main.cf from /opt/iredmail/custom/ folder, as described in "iRedMail Easy: Best Practice" https://docs.iredmail.org/iredmail-easy … ctice.html, which makes it difficult to change some settings (e.g. to set up relayhost along with its sasl passwords). I had to specifically mount main.cf, sasl_passwd, sasl_passwd.db and feed them to the postfix inside the container.
I am not sure if there is an easier way to do so with the docker image, or it is a feature that could be added.
Issue 2: SASL authentication failure
I am trying to use Sendgrid for all my outbound emails.
After manually amounting the password file and generating its hash, I am getting this error when sending emails to outside servers: (from mail.log)
2020-11-04T13:42:44.946065+00:00 mail amavis[884]: (00884-02) Passed CLEAN, <postmaster@mydomain.com> -> <***@to_domain.com>, Hits: 0.1, tag=2, tag2=6.2, kill=6.9, queued_as: 4CR7BX4yMtz20SD, L/0/0/0
2020-11-04T13:42:44.949220+00:00 mail postfix/amavis/smtp[1285]: 4CR7BX1C2Cz20S6: to=<***@to_domain.com>, relay=127.0.0.1[127.0.0.1]:10026, delay=0.83, delays=0.18/0.01/0/0.63, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4CR7BX4yMtz20SD)
2020-11-04T13:42:44.949628+00:00 mail postfix/qmgr[1273]: 4CR7BX1C2Cz20S6: removed
2020-11-04T13:42:46.472262+00:00 mail postfix/smtp[1292]: Trusted TLS connection established to smtp.sendgrid.net[159.122.219.43]:587: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
2020-11-04T13:42:46.728962+00:00 mail postfix/smtp[1292]: warning: SASL authentication failure: No worthy mechs found
2020-11-04T13:42:46.729548+00:00 mail postfix/smtp[1292]: 4CR7BX4yMtz20SD: SASL authentication failed; cannot authenticate to server smtp.sendgrid.net[159.122.219.43]: no mechanism availablethe relevant block in postfix main.cf I added according to this Sendgrid integration guide https://sendgrid.com/docs/for-developer … l/postfix/
# relay settings in main.cf
relayhost = [smtp.sendgrid.net]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
header_size_limit = 4096000I have verified the credentials stored in sasl_passwd ([smtp.sendgrid.net]:587 apikey:<apikey string>), and generated sasl_passwd.db, with
postmap hash:/etc/postfix/sasl_password. Files had to be mounted to the container due to Issue 1 (Within docker-compose.yml)
# docker-compose.yml volumes:
- /volume1/docker/iredmail/data/custom/postfix/sasl_passwd:/etc/postfix/sasl_passwd
- /volume1/docker/iredmail/data/custom/postfix/sasl_passwd.db:/etc/postfix/sasl_passwd.db
- /volume1/docker/iredmail/data/custom/postfix/main.cf:/etc/postfix/main.cfGoogle searches indicated that some SASL related packages may need to be installed for this SASL auth to work. But I am not sure how it could be done inside the docker container (yum/apt-get does not seem to work, and other means seem too complex for me).
Any help is appreciated!
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.