Farmer20's picture

I'm posting my fix for others to see in case this affects them too.  Note:  I'm a Linux noob and thus I had trouble with this far too long last night.  (My 1st post here.)

Appliance:  Turnkey Linux Wordpress

Problem:  couldn't send email using the built-in Postfix server.  (I used a free account with the built-in "SendInBlue" service).

mail.log contained this phrase:  "SASL authentication failure: No worthy mechs found"

Issue:  libsasl2-modules was either missing or out of date in the appliance.

Solution:  at a Webmin command shell, I issued: 

   apt install libsasl2-modules

A pile of things installed.  And then email worked.

Maybe someone can look into it. 

I downloaded the appliance ISO about 3 days ago. I'm running it in a Hyper-V VM if that's a factor (likely not).  And during the install, I ran the default updater for everything.   And so this could be a current issue.

====

Credit goes to:

https://www.spamhero.com/support/125410/Set_Up_Postfix_to_Relay_Outbound_Messages_Through_SpamH

Specifically, the comment in the link was:

"If you see warnings such as "warning: SASL authentication failure: No worthy mechs found," or "SASL authentication failed; cannot authenticate to server ... no mechanism available," then you may need to install additional packages.

For CentOS, you may need to install cyprus-sasl and cyprus-sasl-plain (you may also need cyrus-sasl-lib, but our test on CentOS 7 didn't seem to require that package).  On other systems, you may need libsasl2-modules.

"

There were other sites mentioning that libsasl2-modules could be the cause but this site suggested an answer that I could understand and so I tried it.

For reference, here is a more complete set of messages in the mail.log:

Apr 20 13:50:40 Wordpress1 postfix/smtp[10080]: warning: SASL authentication failure: No worthy mechs found
Apr 20 13:50:40 Wordpress1 postfix/smtp[10080]: 6303A5E08H8: to=<my-email@gmail.com>, relay=smtp-relay.sendinblue.com[185.107.232.248]:587, delay=1185, delays=1184/0.01/1/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp-relay.sendinblue.com[185.107.232.248]: no mechanism available)

[the number: 6303A5E08H8 and the email address have been sanitized]

Forum: 
Jeremy Davis's picture

Sorry to hear of your troubles, but thanks for posting your solution. I'm sure that others will benefit.

It's worth noting that this oversight has been fixed in the latest version of Confconsole - which also includes a fix for Let's Encrypt HTTPS certificates. Unfortunately, the installation is a bit convoluted, but if you carefully follow the instructions (in a proper shell session, i.e. NOT in the Webmin shell) in the v1.1.2 release notes then certificates should work properly. It's a bit late now, but that would have also fixed this issue too...

Farmer20's picture

Thanks Jeremy.  
 

Perhaps unrelated to my problem, could you expand or send a link to what you meant by "a fix for Let's Encrypt HTTPS certificates"?

I eventually want to serve up Wordpress web pages using HTTPS and I wonder if I'll run into a problem with certificates.

Jeremy Davis's picture

It's related to our "Let's Encrypt integration" - in Confconsole. In case you weren't aware, Let's Encrypt provide free HTTPS certificates and we provide a way to get those certs on TurnKey (within Confconsole). However, Let's Encrypt changed some things which set off a cascade of issues for our integration.

If you follow the instructions as noted in the release notes, here: https://github.com/turnkeylinux/confconsole/releases/tag/v1.1.2 then you should be able to update to the latest v1.1.2 version which should fix all the current outstanding issues...

Hopefully, if you read through that carefully, it should be pretty straight forward. If you have any difficulties questions, please ask.

Farmer20's picture

Remember I'm still a noob.  But what is the difference between a proper shell and a webmin shell? 

I believe I would normally be using a webmin shell because it'd be more convoluted (I think) to get at the console of my Wordpress server remotely.

Jeremy Davis's picture

In a "proper" shell, you can interact with it (rather than just running commands). I.e. within an interactive shell (aka a "proper" shell), if you run a command which requires user input during the process, you can do that (e.g. responding to a question). That is not the case with the Webmin terminal. So it is recommended that you use either Webshell (via https on port 12320) or better still, via an SSH client (will be a much better user experience).

If you are on Windows, then you can install a commandline OpenSSH client via PowerShell. If you'd rather a GUI type client (albeit that the SSH sessions itself is still commandline like), then PuTTY is a popular choice, WinSCP is another option (which also supports file transfer via SCP or SFTP - both of which are enabled in TurnKey by default). FWIW Linux or Mac have commandline clients for SSH (and SCP/SFTP) built in by default.

It will only be more convoluted initially (as you'd need to install a client and configure it). After that, it's about the same as Webmin (if not easier) - e.g. via commandline:

ssh root@YOUR_SERVER_ID_OR_DOMAIN
# Then enter your password...

If you go with PuTTY, then you can save your server IP/domain and by default it will ask for your username and password. However, you can pre-configure it to default to only require password (i.e. preset the username).

If you set up key-pair login, then it would be the easiest possible way to get access to your server (i.e. open the client, connect, done).

I know that the commandline can be daunting to people not used to using it, but I would encourage you to embrace it. It's so awesome! I was a Windows SysAdmin for many years and avoided it where I could, but once I switched to Linux, I found myself using it much more and the more I used it, the more I realised that (at least with regard to Linux) things are generally SO MUCH EASIER from the commandline! For a real world example, I still struggle to understand how to configure Apache via Webmin, but it's super simple via commandline...

OTOH I'm a regular Linux user these days (I rarely ever use anything else) so I can have a "curse of knowledge" with lots of stuff and whilst I find it much easier to use Linux, I know that it's not so easy for others, and they may not wish to devote as much time and energy to learning Linux and commandline-fu as I have over the years...

Farmer20's picture

Thank again, Jeremy!  I was wondering why someone would use webshell!   And your explanation makes sense.

Re:  Windows vs Linux and command line.  I am actually learning all this for fun!  I'm old enough to have grown up with MS-DOS so the command line isn't super daunting.  But my brain is not quick anymore.  :-(  So learning new things takes longer.  :-/

Thanks for the encouragement though!  I'm indeed embracing it!  

Jeremy Davis's picture

TBH, I never really played with that and don't know much about it, but I do remember it. FWIW my first computer was Windows 3.1 (which was really just a "pretty" UI over DOS).

Anyway, good on you! Yeah IMO, the best way to learn is to play. So long as you aren't in a rush to reach a goal and can roll back to where you were if things go pear-shaped (i.e. no risk of losing important data), then you've got nothing to lose and you can just experiment and see what happens.

When I first started learning Linux and Linux commandline (I was a Windows "power user" type, although mostly used the GUI) I recall someone telling me that "if you aren't regularly breaking things, then you aren't playing hard enough!" :) So enjoy the ride!

Add new comment