hello,

I tried to use sasl2 with MySQL without pam in the debian 4.0 but I did not have sucess.
I did not have success in making the user to use the smtp authentication. Somebody can help ? :)

I did install the following packages:
#apt-get install libsasl2-modules-sql libsasl2-modules libsasl2-2 libsasl2 libsasl2-dev libsasl2-modules sasl2-bin


/var/log/auth.log
"postfix/smtpd[3393]: sql plugin trying to open db 'postfix' on host 'localhost'
postfix/smtpd[3393]: sql plugin could not connect to host localhost "

my confs:
/etc/postfix/sasl/smtpd.conf
log_level:7
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: mysql
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sql_hostnames:localhost,127.0.0.1
sql_user: postfix
sql_passwd: xxxx
sql_database: postfix
sql_select: SELECT password FROM mailbox WHERE username = '%u@%r'
sql_verbose: yes

/etc/default/saslauthd
START=YES
MECHANISMS="sql"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

/etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients=yes

postfix/smtpd[3393]: sql plugin could not connect to host localhost "

What's the output of netstat -tap?

Hello, Falko, thanks for reply.

I followed your tutorial, but I tried to use sasl without pam.

is this the output of netstat -tap
11:56:02 root@ marte :~ # netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:mysql *:* LISTEN 2450/mysqld
tcp 0 0 marte.domain:domain *:* LISTEN 2359/named
tcp 0 0 localhost:domain *:* LISTEN 2359/named
tcp 0 0 *:smtp *:* LISTEN 2687/master
tcp 0 0 localhost:953 *:* LISTEN 2359/named
tcp6 0 0 *:imaps *:* LISTEN 2593/couriertcpd
tcp6 0 0 *:imap2 *:* LISTEN 2581/couriertcpd
tcp6 0 0 *:www *:* LISTEN 2785/apache2
tcp6 0 0 *:domain *:* LISTEN 2359/named
tcp6 0 0 *:ssh *:* LISTEN 2712/sshd
tcp6 0 0 *:smtp *:* LISTEN 2687/master
tcp6 0 0 ip6-localhost:953 *:* LISTEN 2359/named

Hm, MySQL is listening on localhost... :confused:

hello, Falko, thanks again for reply.

yes, mysql is running in the same machine of postfix

is not correct listen on localhost ?

what should I need to do ?


ps: sorry for my english.

Have you tried making sure you can connect with the mysql client with the details you provided? Example:

mysql -u postfix -p <password>
use postfix;
Then maybe...run a test query too:
SELECT password FROM mailbox WHERE username = '<test username>';
quit;

You could do that to verify that you can in fact connect normally, though it's probably not the case that you can't connect it's always good to eliminate possibilities.

Of course if you can't connect then you may be looking at problems with your MySQL installation, or a typo.

Thanks.

yes, I think so:

postfix runs in a chroot jail, so localhost will not work, unless you do the following:

# mkdir -p /var/spool/postfix/var/run/mysqld
# chown mysql /var/spool/postfix/var/run/mysqld
# ln /var/run/mysqld/mysqld.sock /var/spool/postfix/var/run/mysqld/mysqld.so

since the socket will be recreated every time MySQL restarts, so its best to add that lines into /etc/mysql/debian-start just before "exit 0":

# rm -rf /var/spool/postfix/var/run/mysqld/mysqld.sock
# ln /var/run/mysqld/mysqld.sock /var/spool/postfix/var/run/mysqld/mysqld.sock

pasted from:

http://kb.gosi.at/content/9/20/en/dbmail-mysql-postfix-debian-etch.html


and btw: you most likely won´t need saslauthdaemon running ... postfix directly interfaces with the authentication plugins from sasl.

I will try.
thank you :)

well if that doesn´t work, you should check the user credentials ...

just let me know how this story goes, I will stay as long as it takes :)