#1  
Old 31st October 2008, 05:55
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
Default SASL Postfix MySQL issues

Having an issue trying to get SMTP SASL to work properly with mail clients. I have Postfix with Courier and Squirrelmail up and working properly with MySQL.

Authenticating users to be able to send mail however I can not seem to accomplish.

When I try to connect from a mail client it pops up for the password, but never takes it. Below is the pertinent data, but please let me know what else you need and I will provide.

I have been trying to resolve this forever now, so any help would be greatly appreciated.

Mail.log

Oct 31 00:50:59 AlbPostFix02 postfix/smtpd[5142]: connect from cpe-74-70-80-244.nycap.res.rr.com[74.70.80.244]
Oct 31 00:50:59 AlbPostFix02 postfix/smtpd[5142]: warning: cpe-74-70-80-244.nycap.res.rr.com[74.70.80.244]: SASL LOGIN authentication failed: authentication failure
Oct 31 00:50:59 AlbPostFix02 postfix/smtpd[5142]: lost connection after AUTH from cpe-74-70-80-244.nycap.res.rr.com[74.70.80.244]
Oct 31 00:50:59 AlbPostFix02 postfix/smtpd[5142]: disconnect from cpe-74-70-80-244.nycap.res.rr.com[74.70.80.244]
#


auth.log

Oct 31 00:50:51 AlbPostFix02 postfix/smtpd[5142]: sql_select option missing
Oct 31 00:50:51 AlbPostFix02 postfix/smtpd[5142]: auxpropfunc error no mechanism available
Oct 31 00:50:51 AlbPostFix02 postfix/smtpd[5142]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
#


salsfinger

# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Fri Oct 31 00:00:49 EDT 2008
version: 1.0.4
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.5.1
System: Ubuntu 8.04.1 \n \l

-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d8d000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous


-- listing of /usr/lib/sasl2 --
total 808
drwxr-xr-x 2 root root 4096 2008-10-29 11:57 .
drwxr-xr-x 58 root root 20480 2008-10-29 12:20 ..
-rw-r--r-- 1 root root 13568 2008-04-09 17:50 libanonymous.a
-rw-r--r-- 1 root root 862 2008-04-09 17:49 libanonymous.la
-rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so
-rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so.2
-rw-r--r-- 1 root root 12984 2008-04-09 17:50 libanonymous.so.2.0.22
-rw-r--r-- 1 root root 15834 2008-04-09 17:50 libcrammd5.a
-rw-r--r-- 1 root root 848 2008-04-09 17:49 libcrammd5.la
-rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so
-rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so.2
-rw-r--r-- 1 root root 15320 2008-04-09 17:50 libcrammd5.so.2.0.22
-rw-r--r-- 1 root root 46332 2008-04-09 17:50 libdigestmd5.a
-rw-r--r-- 1 root root 871 2008-04-09 17:49 libdigestmd5.la
-rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so
-rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so.2
-rw-r--r-- 1 root root 43020 2008-04-09 17:50 libdigestmd5.so.2.0.22
-rw-r--r-- 1 root root 13574 2008-04-09 17:50 liblogin.a
-rw-r--r-- 1 root root 842 2008-04-09 17:49 liblogin.la
-rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so
-rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so.2
-rw-r--r-- 1 root root 13268 2008-04-09 17:50 liblogin.so.2.0.22
-rw-r--r-- 1 root root 30016 2008-04-09 17:50 libntlm.a
-rw-r--r-- 1 root root 836 2008-04-09 17:49 libntlm.la
-rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so
-rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so.2
-rw-r--r-- 1 root root 29236 2008-04-09 17:50 libntlm.so.2.0.22
-rw-r--r-- 1 root root 13798 2008-04-09 17:50 libplain.a
-rw-r--r-- 1 root root 842 2008-04-09 17:49 libplain.la
-rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so
-rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so.2
-rw-r--r-- 1 root root 13396 2008-04-09 17:50 libplain.so.2.0.22
-rw-r--r-- 1 root root 22126 2008-04-09 17:50 libsasldb.a
-rw-r--r-- 1 root root 873 2008-04-09 17:49 libsasldb.la
-rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so
-rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so.2
-rw-r--r-- 1 root root 18080 2008-04-09 17:50 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 23696 2008-04-09 17:50 libsql.a
-rw-r--r-- 1 root root 971 2008-04-09 17:49 libsql.la
-rw-r--r-- 1 root root 23140 2008-04-09 17:50 libsql.so
-rw-r--r-- 1 root root 23140 2008-04-09 17:50 libsql.so.2
-rw-r--r-- 1 root root 23140 2008-04-09 17:50 libsql.so.2.0.22
drwxr-xr-x 2 root root 4096 2008-10-29 11:51 sasl2
-rw-r--r-- 1 root root 250 2008-10-30 23:57 smtpd.conf

-- listing of /usr/local/lib/sasl2 --
total 12
drwxr-xr-x 2 root root 4096 2008-10-29 11:51 .
drwxr-xr-x 4 root root 4096 2008-10-29 11:50 ..
-rw-r--r-- 1 root root 231 2008-10-30 23:58 smtpd.conf

-- listing of /etc/postfix/sasl --
total 20
drwxr-xr-x 3 root root 4096 2008-10-30 18:37 .
drwxr-xr-x 3 root root 4096 2008-10-29 11:45 ..
drwxr-xr-x 2 root root 4096 2008-10-30 09:55 lala
-rw-r--r-- 1 root root 470 2008-10-30 23:56 smtpd.conf
-rw------- 1 root root 211 2008-10-30 18:37 smtpd.conf.save




-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: authprop
auxprop_plugin: mysql
mech_list: sql plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r' and enabled = 1


-- content of /usr/local/lib/sasl2/smtpd.conf --
pwcheck_method: auxprop
auxprop_plugin: mysql
sql_engine: mysql
mech_list: sql plain login
sql_hostnames: localhost
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r'


-- content of /etc/postfix/sasl/smtpd.conf --
#pwcheck_method: auxprop
#auxprop_plugin: mysql
#sql_engine: mysql
#mech_list: sql plain login
#sql_hostnames: localhost
sql_user: --- replaced ---
sql_passwd: --- replaced ---
#sql_database: maildb
#sql_select: select crypt from users where id='%u@%r'

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r'


-- content of /etc/postfix/sasl/smtpd.conf --
#pwcheck_method: auxprop
#auxprop_plugin: mysql
#sql_engine: mysql
#mech_list: sql plain login
#sql_hostnames: localhost
sql_user: --- replaced ---
sql_passwd: --- replaced ---
#sql_database: maildb
#sql_select: select crypt from users where id='%u@%r'

pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: select clear from users where id='%u@%r'



-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - - - - smtpd
587 inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 300 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o smtp_fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}

-- mechanisms on localhost --
250-AUTH LOGIN PLAIN NTLM CRAM-MD5 DIGEST-MD5
250-AUTH=LOGIN PLAIN NTLM CRAM-MD5 DIGEST-MD5


-- end of saslfinger output --






postconf

# postconf -n

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
delay_warning_time = 4h
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
local_recipient_maps =
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
mydestination =
myhostname = albpostfix02.domain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = domain.com
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
smtp_helo_timeout = 60s
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org
smtpd_delay_reject = yes
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject, reject_invalid_hostname, permit
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
#
Reply With Quote
Sponsored Links
  #2  
Old 31st October 2008, 15:30
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
Default RE:SASL Postfix MySQL issues

Still can not get this figured out. I have read through how-to's here as well as many other places. Have searched for the answer on Google for over a week now.

Anyone who can help, it would be greatly appreciated. SASL is making me want to jump off a cliff.
Reply With Quote
  #3  
Old 31st October 2008, 16:45
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Did you follow a tutorial to set this up? If so, which one (URL)?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 31st October 2008, 17:08
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
Default

Originally I followed the flurdy guide - http://flurdy.com/docs/postfix/

Then had issues with SASL authentication and have tried lots of stuff since. Most all of it has been removed, but there may still possibly be something hanging around I am not seeing.

Thanks
Reply With Quote
  #5  
Old 1st November 2008, 16:36
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Which distribution are you using?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 3rd November 2008, 14:58
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
Default

Ubuntu 8.04
Reply With Quote
  #7  
Old 4th November 2008, 13:55
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Please try this guide: http://www.howtoforge.com/virtual-us...ail-ubuntu8.04
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
Moten (6th November 2008)
  #8  
Old 5th November 2008, 01:02
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
Default

Tried that guide on a fresh install and everything is working nicely.

Only thing I am having an issue with is connecting to mysql remotely.

I gave the user access, and they can login from phpmyadmin.

Commented out the bind-address in my.cnf also.

Using MySQL Admin I get

Host 'x.x.x.x' is not allowed to connect to this mysql server.

Host table in mysql looks like:

Code:
Host 	Db 	Select_priv 	Insert_priv 	Update_priv 	Delete_priv 	Create_priv 	Drop_priv 	Grant_priv 	References_priv 	Index_priv 	Alter_priv 	Create_tmp_table_priv 	Lock_tables_priv 	Create_view_priv 	Show_view_priv 	Create_routine_priv 	Alter_routine_priv 	Execute_priv
% 	% 	Y 	      Y         	Y 	      Y 	      Y 	      Y 	      Y 	      Y 	        Y 	      Y 	      Y 	      Y 	      Y 	      Y 	        Y 	      Y  	      Y
Reply With Quote
  #9  
Old 5th November 2008, 19:09
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Please make sure that the user table contains the correct hostname.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #10  
Old 6th November 2008, 00:00
Moten Moten is offline
Member
 
Join Date: Oct 2008
Posts: 37
Thanks: 1
Thanked 1 Time in 1 Post
 
Default

user table did surely enough have a value messing it up. Everything else in the tutorial is working great, thanks for putting it together, and for the help.
Reply With Quote
Reply

Bookmarks

Tags
postfix, sasl, ubuntu

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Undelivered Mail Returned to Sender Error202 General 5 7th May 2009 11:14
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Management/system config/settings & /server/settings not working!! dactor Installation/Configuration 9 6th February 2008 09:11
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 19:39.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.