-   Linux - Server (
-   -   Postfix + Mysql + Sasl SMTP Auth Problem (

Jukas 10-30-2007 10:10 PM

Postfix + Mysql + Sasl SMTP Auth Problem
I'm running a Debian Etch based system running Postfix 2.3.8 (I believe) + Mysql 5.0.32 + Courier IMAP + Amavis + SpamAssassin + PostfixAdmin 2.1.0 handling email for virtual domains. Usernames and Passwords are stored in the MySQL database and passwords are encrypted in md5crypt.

The problem is when I try and SMTP Auth it just bounces the username and password. Here is my config information

smtpd_banner = $myhostname ESMTP $mail_name
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

inet_interfaces = all

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

alias_maps = hash:/etc/aliases
myorigin =
myhostname =
mydestination =
relayhost =
mynetworks =
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter =
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/
virtual_minimum_uid = 110
virtual_transport = virtual
virtual_uid_maps = static:110
virtual_gid_maps = static:110
smtpd_tls_auth_only = no
smtpd_use_tls = no
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
content_filter = amavis:[]:10024
smtpd_helo_required = yes
smtpd_client_restrictions =
smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain
smtpd_hard_error_limit = 10
smtpd_soft_error_limit = 8


pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
log_level: 7
sql_engine: mysql
sql_hostnames: localhost
sql_user: someuser
sql_passwd: somepassword
sql_database: postfix
sql_table: mailbox
sql_select: select password from mailbox where username='%u@%r'

When I try and send mail here is what's posted in the logs.


Oct 30 19:08:21 nix postfix/smtpd[21207]: sql plugin create statement from cmusaslsecretPLAIN user
Oct 30 19:08:21 nix postfix/smtpd[21207]: sql plugin doing query select password from mailbox where username='';


Oct 30 19:08:21 nix postfix/smtpd[21207]: warning:]: SASL LOGIN authentication failed: authentication failure
However if I change the /etc/sasl/smtpd.conf to hand off to courier authdaemon as follows:


pwcheck_method: authdaemond
log_level: 7
mech_list: PLAIN LOGIN

I can smtp auth and send mail just fine, but I'm concerned I'm sending the password in plain text and I'm seeing the following in my auth.log


Oct 30 19:35:32 nix postfix/smtpd[21539]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Oct 30 20:07:38 nix postfix/smtpd[22761]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Anyone know what I'm doing wrong, or if it's even possible to do what I'm trying?

All times are GMT -5. The time now is 08:37 AM.