[WBEL-users] Postfix sasl mylsq : SASL PLAIN authentication failed

Christian Huegel christian.huegel@fedoraforum.de
Sat, 16 Oct 2004 14:32:02 +0200 

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig0D37B2A0670B3C9528A0C6CF
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Casper Pedersen wrote:
> Hi Christian,
>=20
> Did you do a 'services saslauthd restart'?
>=20
> Regards/Casper
>=20
>=20
> On Sat, 2004-10-16 at 13:58, Christian Huegel wrote:
>=20
>>Casper Pedersen wrote:
>>
>>>Hi Christian,
>>>
>>>I had some problem to get it to work (pam authentication), and I found
>>>that I had to add: "saslauthd_version: 2" to smtpd.conf to get postfix
>>>to work.
>>>
>>>Regards/Casper
>>>
>>>On Sat, 2004-10-16 at 01:53, Christian Huegel wrote:
>>>
>>>
>>>>Hello everybody,
>>>>
>>>>
>>>>i=C2=B4m trying to set up postfix with sasl AUTH against an mysql-dat=
abase=20
>>>>and when i connect from evolution i get the following message in mail=
.log :
>>>>	SASL PLAIN authentication failed
>>>>
>>>>
>>>>Here are the configs i=C2=B4m using:
>>>>/usr/lib/sasl2/smtpd.conf:
>>>>
>>>> log_level: 3
>>>>pwcheck_method: auxprop
>>>>auxprop_plugin: sql
>>>>mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
>>>>sql_engine: mysql
>>>>sql_hostnames: localhost
>>>>sql_user: vmailuser
>>>>sql_passwd: *****
>>>>sql_database: mail
>>>>sql_select: select clear from postfix_users where email=3D'%u@%r'
>>>>sql_usessl: no
>>>>
>>>>/etc/postfix/main.cf:
>>>>
>>>>-----snip--------
>>>>smtpd_sasl_auth_enable =3D yes
>>>>smtpd_sasl_security_options =3D noanonymous
>>>>smtpd_sasl_local_domain =3D $myhostname
>>>>broken_sasl_auth_clients =3D yes
>>>>smtpd_recipient_restrictions =3D permit_sasl_authenticated,
>>>>reject_unauth_destination
>>>>alias_maps =3D mysql:/etc/postfix/mysql-aliases.cf
>>>>relocated_maps =3D mysql:/etc/postfix/mysql-relocated.cf
>>>>smtpd_helo_required =3D yes
>>>>disable_vrfy_command =3D yes
>>>>smtpd_data_restrictions =3D reject_unauth_pipelining
>>>>smtpd_etrn_restrictions =3D reject
>>>>
>>>># SSL Part
>>>>
>>>>smtpd_use_tls =3D yes
>>>>smtp_use_tls =3D yes
>>>>smtpd_tls_auth_only =3D no
>>>>smtp_tls_note_starttls_offer =3D yes
>>>>smtpd_tls_key_file =3D /etc/postfix/ssl/smtpd.key
>>>>smtpd_tls_cert_file =3D /etc/postfix/ssl/smtpd.crt
>>>>smtpd_tls_CAfile =3D /etc/postfix/ssl/cacert.pem
>>>>smtpd_tls_loglevel =3D 1
>>>>smtpd_tls_received_header =3D yes
>>>>smtpd_tls_session_cache_timeout =3D 3600s
>>>>tls_random_source =3D dev:/dev/urandom
>>>>-------snap------------
>>>>
>>>>telnet localhost 25
>>>>
>>>>ehlo localhost
>>>>250-mail.postfix.de
>>>>250-PIPELINING
>>>>250-SIZE 10240000
>>>>250-ETRN
>>>>250-STARTTLS
>>>>250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
>>>>250-AUTH=3DPLAIN LOGIN DIGEST-MD5 CRAM-MD5
>>>>250 8BITMIME
>>>>
>>>>The imapd-ssl authentication with the same username and passwort work=
s=20
>>>>fine with mysql.
>>>>
>>>>
>>>>
>>>>Am i missing something?
>>>>
>>>>Thanks, i guess i goo to sleep now: trying about 5 hours to get this=20
>>>>working and i=C2=B4m kind of frustated.
>>>>
>>>>Best regards
>>>>
>>>>Christian
>>
>>
>>Hi Casper,
>>
>>i tried adding the option: saslauthd_version: 2 to=20
>>/usr/lib/sasl2/smtpd.conf as yu suggested but it didn=C2=B4t work ;(
>>
>>Thx anyway
>>
>>Regard
>>
>>Christian


Hi Casper,

 > Did you do a 'services saslauthd restart'?

Yes i did restart the service.

Addidtional i=C2=B4ve started the authdaemond which comes with courier=20
(location: /usr/local/courier/libexec/authlib/authdaemond)

In the process list the authlibs are shown:

/usr/local/courier/sbin/courierlogger -pid=3D/usr/local
13738 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql
13739 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql
13740 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql
13741 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql
13742 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql
13743 ?        S      0:00=20
/usr/local/courier/libexec/authlib/authdaemond.mysql


I don`t have any clue why this isn=C2=B4t working..

Btw Casper, please replay below the quote..;)


Regards
Christian

--------------enig0D37B2A0670B3C9528A0C6CF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBcRTFiiBsp2eSNRIRAh3YAJ0SmL0UjUkEbJ0ZQOn9AbKfqid+MQCfdQRf
LsI3Cd3jfyoP+rcDaegO8ww=
=mhJH
-----END PGP SIGNATURE-----

--------------enig0D37B2A0670B3C9528A0C6CF--