Virtual Users And Domains With Postfix, Courier And MySQL.. Authentication Problem

Discussion in 'HOWTO-Related Questions' started by stickyplaster, Dec 12, 2006.

  1. stickyplaster

    stickyplaster New Member

    Hi
    I followed the above howto, however, I am having problems logging in via any mail client e.g. thunderbird or web client.

    I can see from my file system that mail is being delivered okay in the user's mail box.

    I have checked and double checked all my settings/files/db tables etc. and my user password is stored encrypted. As mail_admin I can log into the mail database in mysql with the appropriate privileges using the password I stipulate in the various property files.

    Somewhere along the way authentication via the mail client is failing, but the only mail error I seem to be getting is 'imapd-ssl: LOGIN FAILED, the same with pop3-ssl.

    Has anyone any ideas where I am going wrong?

    thank you
     
  2. falko

    falko Super Moderator

    What's the exact error message you get in your mail client? What's the exact error message in your mail log? What's the output of
    Code:
    netstat -tap
    ?
     
  3. stickyplaster

    stickyplaster New Member

    Hi
    Thanks for getting back to me. I'll look and post the info when I get a chance.

    regards
     
  4. martinfst

    martinfst HowtoForge Supporter

    Server software?

    What server are you running on? I've been fighting authentication on my newly setup Ubuntu 6.10 past hours. I'm trying Courier with TB and Squirrelmail with zero results. I'll dig some deeper, but if I can't find it, I'll share my piece.
     
  5. stickyplaster

    stickyplaster New Member

    Hi folks

    'What server are you running on? I've been fighting authentication on my newly setup Ubuntu 6.10 past hours...'

    It's a Debian sarge VDS


    'What's the exact error message you get in your mail client?'

    My mail client just says login to server failed after I accept the ssl certificate


    'What's the exact error message in your mail log?'

    I have a few rather large logs mail.warn includes:
    postfix/master[24460]: warning: process /usr/lib/postfix/trivial-rewrite pid 17182 exit status 1
    postfix/master[24460]: warning: /usr/lib/postfix/trivial-rewrite: bad command startup -- throttling
    postfix/pickup[31048]: warning: B3BC0D113C3: message has been queued for 1 days
    postfix/pickup[31048]: warning: maildrop/15F97D113C1: Error writing message file
    postfix/pickup[31048]: warning: B912AD113C3: message has been queued for 1 days
    postfix/pickup[31048]: warning: maildrop/968DA6DDF5C: Error writing message file
    postfix/cleanup[8212]: warning: B3BC0D113C3: virtual_alias_maps map lookup problem for root@
    postfix/cleanup[8212]: warning: B912AD113C3: virtual_alias_maps map lookup problem for root@
    postfix/proxymap[13557]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111)

    mail.err includes:
    imaplogin: LOGIN FAILED
    imaplogin: LOGIN FAILED
    imaplogin: DISCONNECTED, time=12
    postfix/trivial-rewrite[16422]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,100): table lookup problem
    postfix/trivial-rewrite[16700]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,100): table lookup problem

    I have redone the setup twice and checked/double checked my settings but in view of the above do I need to do so again???? though I'm pretty sure.....
    Don't know where the root is coming in as my user is set to mail_admin.

    netstat -tap:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 :imaps *:* LISTEN -
    tcp 0 0 :pop3s *:* LISTEN -
    tcp 0 0 :pop3 *:* LISTEN -
    tcp 0 0 imap2 *:* LISTEN -
    tcp 0 0 -:www *:* LISTEN -
    tcp 0 0 :10002 *:* LISTEN -
    tcp 0 0 -:ssh *:* LISTEN -
    tcp 0 0 :smtp *:* LISTEN -
    tcp 0 0 :https *:* LISTEN -
    tcp 1 0 :smtp CLOSE_WAIT -
    tcp 38 0 :10002 CLOSE_WAIT -
    tcp 0 0 -:ssh ESTABLISHED-
     
  6. till

    till Super Moderator

    Either your mysql server is not running or it is not listening on 127.0.0.1 Please try to start the mysql server:

    /etc/init.d/mysql start
     
  7. stickyplaster

    stickyplaster New Member

    Hi

    No, MySql was/is running okay and I have the following in my.cnf:

    bind-address = 127.0.0.1 and there is no local .cnf file to override this as far as I can see.

    regards
     
  8. till

    till Super Moderator

    But mysql is not listening to TCP sockets as you can see in your netstat output. Please post the content of your my.cnf file.
     
  9. stickyplaster

    stickyplaster New Member

    #
    # The MySQL database server configuration file.
    #
    # You can copy this to one of:
    # - "/etc/mysql/my.cnf" to set global options,
    # - "~/.my.cnf" to set user-specific options.
    #
    # One can use all long options that the program supports.
    # Run program with --help to get a list of available options and with
    # --print-defaults to see which it would actually understand and use.
    #
    # For explanations see
    # http://dev.mysql.com/doc/mysql/en/server-system-variables.html

    # This will be passed to all mysql clients
    # It has been reported that passwords should be enclosed with ticks/quotes
    # escpecially if they contain "#" chars...
    # Remember to edit /etc/mysql/debian.cnf when changing the socket location.
    [client]
    port = 3306
    socket = /var/run/mysqld/mysqld.sock

    # Here is entries for some specific programs
    # The following values assume you have at least 32M ram

    # This was formally known as [safe_mysqld]. Both versions are currently parsed.
    [mysqld_safe]
    socket = /var/run/mysqld/mysqld.sock
    nice = 0

    [mysqld]
    old_passwords = false # inserted by debconf
    # We activated the above for connections from hosts running Debian Woody/Sarge!
    #
    # Prior to MySQL 5.0, user passwords were stored in a rather weak way. This
    # has been improved with the drawback that client programs shipped with
    # Debian Woody/Sarge (technically: linked against libmysqlclient.so.12 or
    # earlier) cannot connect any more if either their account has either been
    # created or their password has been modified using MySQL 5.0.
    # See http://dev.mysql.com/doc/refman/5.0/en/old-client.html
    #
    # * Basic Settings
    #
    user = mysql
    pid-file = /var/run/mysqld/mysqld.pid
    socket = /var/run/mysqld/mysqld.sock
    port = 3306
    basedir = /usr
    datadir = /var/lib/mysql
    tmpdir = /tmp
    language = /usr/share/mysql/english
    skip-external-locking
    #
    # Instead of skip-networking you can now listen only on
    # localhost which is more compatible and is not less secure.
    bind-address = 127.0.0.1
    #skip-networking
    #
    # * Fine Tuning
    #
    key_buffer = 16M
    max_allowed_packet = 16M
    thread_stack = 128K
    thread_cache_size = 8
    #
    # * Query Cache Configuration
    #
    query_cache_limit = 1048576
    query_cache_size = 16777216
    query_cache_type = 1
    #
    # * Logging and Replication
    #
    # Both location gets rotated by the cronjob.
    # Be aware that this log type is a performance killer.
    #log = /var/log/mysql/mysql.log
    #
    # Error logging goes to syslog. This is a Debian improvement :)
    #
    # Here you can see queries with especially long duration
    #log_slow_queries = /var/log/mysql/mysql-slow.log
    #
    # The following can be used as easy to replay backup logs or for replication.
    #server-id = 1
    log_bin = /var/log/mysql/mysql-bin.log
    # WARNING: Using expire_logs_days without bin_log crashes the server! See README.Debian!
    expire_logs_days = 10
    max_binlog_size = 100M
    #binlog_do_db = include_database_name
    #binlog_ignore_db = include_database_name
    #
    # * BerkeleyDB
    #
    # According to an MySQL employee the use of BerkeleyDB is now discouraged
    # and support for it will probably cease in the next versions.
    skip-bdb
    #
    # * InnoDB
    #
    # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
    # Read the manual for more InnoDB related options. There are many!
    # You might want to disable InnoDB to shrink the mysqld process by circa 100MB.
    #skip-innodb
    #
    # * Security Features
    #
    # Read the manual, too, if you want chroot!
    # chroot = /var/lib/mysql/
    #
    # For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
    #
    # ssl-ca=/etc/mysql/cacert.pem
    # ssl-cert=/etc/mysql/server-cert.pem
    # ssl-key=/etc/mysql/server-key.pem



    [mysqldump]
    quick
    quote-names
    max_allowed_packet = 16M

    [mysql]
    #no-auto-rehash # faster start of mysql but no tab completition

    [isamchk]
    key_buffer = 16M

    #
    # * NDB Cluster
    #
    # See /usr/share/doc/mysql-server-*/README.Debian for more information.
    #
    # The following configuration is read by the ndbd storage daemons,
    # not from the ndb_mgmd management daemon.
    #
    # [MYSQL_CLUSTER]
    # ndb-connectstring=127.0.0.1

    thank you
     
  10. falko

    falko Super Moderator

    What's the output of
    Code:
    /etc/init.d/mysql restart
    ,
    Code:
    ps aux|grep -i mysql
    and
    Code:
    netstat -tap
    ?
     
  11. stickyplaster

    stickyplaster New Member

    mysql seems to be showing now:

    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 :imaps *:* LISTEN -
    tcp 0 0 :pop3s *:* LISTEN -
    tcp 0 0 :mysql *:* LISTEN -
    tcp 0 0 :pop3 *:* LISTEN -
    tcp 0 0 :imap2 *:* LISTEN -
    tcp 0 0 :www *:* LISTEN -
    tcp 0 0 :10002 *:* LISTEN -
    tcp 0 0 :ssh *:* LISTEN -
    tcp 0 0 :smtp *:* LISTEN -
    tcp 0 0 :https *:* LISTEN -
    tcp 0 52 ssh ESTABLISHED-
    tcp 38 0 :CLOSE_WAIT -

    but still no joy.

    regards
     
  12. stickyplaster

    stickyplaster New Member

    I am seeing mysql on localhost now:

    tcp 0 0 :mysql localhost:37249 TIME_WAIT -
    tcp 0 0 :mysql localhost:37250 TIME_WAIT -
    tcp 0 0 localhost:37249 mysql TIME_WAIT -

    still no luck though :( ho hum
     
  13. falko

    falko Super Moderator

    Do you use 127.0.0.1 in your configuration files (as recommended by the tutorial) or localhost?
     
  14. stickyplaster

    stickyplaster New Member

    Hi
    As far as I am aware I have used 127.0.0.1 throughout
     
  15. Tortanick

    Tortanick New Member

    Its a long shot but I had an authentication problem that was caused by putting squigles in my MySQL password. (not root the one SASL uses). Try only useing numbers and letters in you're password.
     
  16. stickyplaster

    stickyplaster New Member

    Hi
    Unfortunately my password is only letters and numbers. I am going to have to rethink this one I feel.

    regards
     
  17. falko

    falko Super Moderator

    I think you should compare all your configuration files again with those of the tutorial. Also take care about their format (tabs, spaces, ...). Courier is very finicky about this.
     
  18. stickyplaster

    stickyplaster New Member

    I have done both many times, believe me.

    Perhaps I'm just going to have to accept that I can't get it to work. :confused:

    Thanks for all your help.

    regards
     

Share This Page