• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved no SASL authentication mechanisms

I want to thank you all for the support so far. This is a summary what I've done and everything seems to function properly for now at least, except for the BIND issue...

I made a backup, removed and reinstalled only Postfix, since the only change I made to Dovecot I have reverted it and did not see a reason to uninstall/install it.
Removed the wildcard domain for domain1.com and assigned the webmail.domain1.com Plesk assigned Lets Encrypt cert. Changed all the mails to go through plesk.domain1.com and it's working fine.
The PHP error disappeared as soon as I assigned a domain/website to the Plesk OS vendor which is 8.0.27, after that I reassigned the 8.0.30 version to the site and the error is gone.

The bind issue is as following...
Code:
Oct 10 22:16:44 plesk.domain1.com systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Oct 10 22:16:44 plesk.domain1.com sh[208362]: Service 'named' was not restarted because Plesk uses 'named' in chroot environment.
Oct 10 22:16:44 plesk.domain1.com sh[208362]: If you want to restart the 'named' service, please use 'service named-chroot restart'.
Oct 10 22:16:44 plesk.domain1.com systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE
Oct 10 22:16:44 plesk.domain1.com systemd[1]: named.service: Failed with result 'exit-code'.
Oct 10 22:16:44 plesk.domain1.com systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
 
I want to thank you all for the support so far. This is a summary what I've done and everything seems to function properly for now at least, except for the BIND issue...

I made a backup, removed and reinstalled only Postfix, since the only change I made to Dovecot I have reverted it and did not see a reason to uninstall/install it.
Removed the wildcard domain for domain1.com and assigned the webmail.domain1.com Plesk assigned Lets Encrypt cert. Changed all the mails to go through plesk.domain1.com and it's working fine.
The PHP error disappeared as soon as I assigned a domain/website to the Plesk OS vendor which is 8.0.27, after that I reassigned the 8.0.30 version to the site and the error is gone.

The bind issue is as following...
Code:
Oct 10 22:16:44 plesk.domain1.com systemd[1]: Starting Berkeley Internet Name Domain (DNS)...
Oct 10 22:16:44 plesk.domain1.com sh[208362]: Service 'named' was not restarted because Plesk uses 'named' in chroot environment.
Oct 10 22:16:44 plesk.domain1.com sh[208362]: If you want to restart the 'named' service, please use 'service named-chroot restart'.
Oct 10 22:16:44 plesk.domain1.com systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE
Oct 10 22:16:44 plesk.domain1.com systemd[1]: named.service: Failed with result 'exit-code'.
Oct 10 22:16:44 plesk.domain1.com systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
This thread can be marked as resolved.
 
Was having a similar problem. Tried a lot of different things as well and this is what fixed my issue.

# Added configuration for Postfix SASL
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix

In regards to this fix as "not wise to use, as the postfix user and group isn't used by Plesk. You might be opening your server up more problems":

Specifically adding the unix_listener /var/spool/postfix/private/auth settings in dovecot.conf, have successfully integrated SASL authentication between Postfix and Dovecot, allowing email to send correctly. This setup effectively overrides or bypasses the original smtpd_sasl_path = private/auth by creating a Dovecot-managed listener socket where Postfix can authenticate.

The reason this works is that Dovecot is handling the authentication directly via the /var/spool/postfix/private/auth socket, rather than relying on Plesk’s plesk_saslauthd. By specifying user = postfix and group = postfix in the listener configuration, we’ve ensured compatibility with Postfix’s user permissions, sidestepping Plesk’s plesk_saslauthd setup.

Using postfix as the user and group for the listener socket should be fine, provided that access is strictly limited to Postfix, as Dovecot permissions are designed to prevent unauthorized access. This approach is common on non-Plesk-managed servers but might lack some of Plesk’s additional restrictions. Since Plesk’s plesk_saslauthd socket is not in use here, future updates may not automatically revert or alter this setup. However, it’s good to document this change for reference, as updates or Plesk repairs could potentially restore smtpd_sasl_path to private/plesk_saslauthd. In such a case, you would need to reapply these modifications.

I'm open to better solutions that involve using plesk_saslauthd but for some reason this stopped working and I couldn't figure out why not.

 
Back
Top