Newbie: Postfix/Dovecot/MySQL : errors when trying to SMTP


I hope someone might have some advice for a newbie attempting to work through a Postfix setup.

I have followed this:

I can send an email using mailutils a la:

echo "A test" | sudo mail -s "A test" > -aFrom:[email protected]

And I can:

sudo doveadm auth test -x service=smtp

passdb: auth succeeded

But, trying to connect via a client (which happened to be Zimbra, and successfully retrieves messages via IMAP), errors when setting up SMTP, a look at the logs found auth-worker errors, relating to pam, and passwd:

Nov 28 22:43:19 auth-worker(6779): Info: pam([email protected],[my.ip.add.ress]): pam_authenticate() failed: Authentication failure (Password mismatch?)

Nov 28 22:43:19 auth-worker(6779): Info: passwd([email protected],[my.ip.add.ress]): unknown user

As a not very educated guess I figured that pam shouldn't be being used here, but as I can't figure out yet how to change that, maybe I would temporarily create an actual system user that matches the name of the myvirtualmysqluser. That seemingly got me one step closer, even though Zimbra wasn't working yet, running:

openssl s_client -starttls smtp -connect localhost:587

gets me as far as successfully sending a "mail from" which possibly means there's a pam user found now(?) (must check logs to be triple sure though) but then:

RCPT TO:[email protected]

140142822204544:error:1420410A:SSL routines:SSL_renegotiate:wrong ssl version:../ssl/ssl_lib.c:2127:

Can anyone suggest what the problem is? Should I be changing this use of pam and passwd? The linode how-to is all based on the mysql, so shouldn't the sending over SMTP also be configured to also use mysql? What does this renegotiating of SSL error mean?

Any clues gratefully received.

(I have the older O'reillys Postfix book and the Heinlein Dovecot 2014 books at hand now for reference, but if you think there's a more appropriate resource…)

3 Replies

Did you remember to open a support ticket and ask them to open ports 25/465/587 for your Linode:

I use LOGIN authentication…not PAM. Logins (for both SSMTP and IMAP) are authenticated directly against the database. This seems to be a lot simpler and easier to understand (at least for me). I also use SQLite3…because I have a small and static number of users.

-- sw

Thanks Steve, Yes ports are open. Same as far as small/static users, but presently set up with MariaDB… I meant in my opening post to link to this guide [ that I actually followed.

It makes complete sense to authenticate directly against the database, and that is what is happening for IMAP, thanks to the steps in the guide, but not it seems for SMTP.

Might you point me to where in the config files, would I change away from PAM then, for SMTP?

The postfix(1) configuration is in /etc/postfix/

The dovecot(1) configuration is in several files. If you send me an email at the address you find at:

I can send you my dovecot(1) configuration files. They are too voluminous to post here (also there's no way to post files…hint, hint Linode folks).

-- sw


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct