Proxmox postfix relayhost authentication error

I’ve grown to really appreciate the community version of the proxmox vitalization server, but because I’m too poor to afford the subscription version I tend to upgrade the entire server on a semi-annual basis. I do this by moving all the containers, or KVM images, to another proxmox server, then upgrade the now bare proxmox server using the updated proxmox install iso .  I then reconfigure the server to my specific needs using a bash script. One of the tasks in this script is to set up postfix’s relayhost config to allow my promox server to email via google’s smtp servers when something is wrong. It is usually pretty straight forward, but with proxmox version 4.0 (based on Debian Jessie) I got this error in /var/log/mail.log:

SASL authentication failed; cannot authenticate to server no mechanism available

Since I had used the exact same setup/configs as my prior servers I knew something was up. A quick search of google produced the answer. I needed to run:

aptitude install libsasl2-modules

And then everything worked. Thank you HowToForge for the answer.

For those who are interested, here’s the relevant portion of my install script

#Add email forwarding
aptitude install -y libsasl2-modules #this fixed a SASL authentication failed; cannot authenticate to server no mechanism available error
sed -i 's|relayhost =|relayhost = []:587|g' /etc/postfix/
sed -i 's|mynetworks =|mynetworks =, 10.X.X.X/24|g' /etc/postfix/
sed -i 's|inet_interfaces = loopback-only|inet_interfaces = all|g' /etc/postfix/
echo "smtp_use_tls=yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_sasl_security_options =
mydomain= $DOMAIN
myhostname= $HOSTNAME.$DOMAIN
myorigin=$HOSTNAME.$DOMAIN" >> /etc/postfix/
#add password db for email google authentication
echo "[]:587"$GOOGLE_PW > /etc/postfix/sasl_passwd
chmod 400 /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd
#register aliases and restart postfix
echo "" >>/etc/aliases
/etc/init.d/postfix restart



Posted in Uncategorized | Leave a comment

Proxmox and ddwrt w/ differing subnets error

Some background: I run a small software consulting firm, but I’m also a family doc and I keep a few thousand pages of clinical notes in a semantic mediawiki (“NotesWiki”) that I host on my own servers. I wanted network redundancy of this NotesWiki so I enlisted my parent’s network 150 miles away. On my parents network I installed a proxmox VM server and placed the VM server on a separate subnet from my parents local subnet. There are lots of ways to do this using debian/Proxmox, but I decided to use a ddwrt router as the subnet separation point (me7). See drawing below for an explanation of my network.

This setup seemed easy enough but for some reason I could not direct network traffic from the internet to me20 (the webserver) despite correct port forwarding in twc1. After days of pinging, packet watching w/ wireshark, and pulling my hair out, I finally figured out what was going on. me20 is a virtual machine that sits on a proxmox VM Server (me29). I had set me29’s gateway as (me6) and this meant that packets which arrived at me20 from the internet would take a return path through me6. Obviously this didn’t work.  The solution was to set the gateway to the a more appropriate outgoing route (e.g.  See proxmox config image below.
proxmox setting

I hope this post saves someone else the frustration I experienced.

Posted in Debian, networking, Proxmox, Virtualization | Leave a comment

Alt-Tab in Citrix XenApp Remote Desktop

A number of enterprise health systems allow access to a shared EMR virtual server via XenApp.  It’s a nice way of separating concerns and enforcing security, however, there are a few configuration drawbacks.  One issue I ran into was the lack of windows quick-key functionality in remote windows desktops hosted on a XenApp server.  There is a solution though.  See this link for more info.  I run a windows 7 64 bit host system, so I needed to change the registry value at:

HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Keyboard


to equal “Remote” for Alt-Tab to work correctly on my system.  The value was blank prior to me adding the text “Remote”.

Posted in networking, Virtualization, Windows, Xen | Leave a comment