sasl not working

Issac Kelly Thu, 16 Oct 2008 07:21:02 -0700

SASL is not working with mysql

#saslfinger -c
saslfinger - postfix Cyrus sasl configuration Thu Oct 16 07:09:52 PDT 2008
version: 1.0.2
mode: client-side SMTP AUTH


-- basics --
Postfix: 2.5.1
System: Ubuntu 8.04 \n \l

-- smtp is linked to --
    libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00c8e000)

-- active SMTP AUTH and TLS parameters for smtp --
smtp_tls_note_starttls_offer = yes


-- listing of /usr/lib/sasl2 --
total 824
drwxr-xr-x  2 root root  4096 2008-10-15 18:02 .
drwxr-xr-x 55 root root 12288 2008-10-15 18:04 ..
-rw-r--r--  1 root root 13568 2008-04-09 14:50 libanonymous.a
-rw-r--r--  1 root root   862 2008-04-09 14:49 libanonymous.la
-rw-r--r--  1 root root 12984 2008-04-09 14:50 libanonymous.so
-rw-r--r--  1 root root 12984 2008-04-09 14:50 libanonymous.so.2
-rw-r--r--  1 root root 12984 2008-04-09 14:50 libanonymous.so.2.0.22
-rw-r--r--  1 root root 15834 2008-04-09 14:50 libcrammd5.a
-rw-r--r--  1 root root   848 2008-04-09 14:49 libcrammd5.la
-rw-r--r--  1 root root 15320 2008-04-09 14:50 libcrammd5.so
-rw-r--r--  1 root root 15320 2008-04-09 14:50 libcrammd5.so.2
-rw-r--r--  1 root root 15320 2008-04-09 14:50 libcrammd5.so.2.0.22
-rw-r--r--  1 root root 46332 2008-04-09 14:50 libdigestmd5.a
-rw-r--r--  1 root root   871 2008-04-09 14:49 libdigestmd5.la
-rw-r--r--  1 root root 43020 2008-04-09 14:50 libdigestmd5.so
-rw-r--r--  1 root root 43020 2008-04-09 14:50 libdigestmd5.so.2
-rw-r--r--  1 root root 43020 2008-04-09 14:50 libdigestmd5.so.2.0.22
-rw-r--r--  1 root root 13574 2008-04-09 14:50 liblogin.a
-rw-r--r--  1 root root   842 2008-04-09 14:49 liblogin.la
-rw-r--r--  1 root root 13268 2008-04-09 14:50 liblogin.so
-rw-r--r--  1 root root 13268 2008-04-09 14:50 liblogin.so.2
-rw-r--r--  1 root root 13268 2008-04-09 14:50 liblogin.so.2.0.22
-rw-r--r--  1 root root 30016 2008-04-09 14:50 libntlm.a
-rw-r--r--  1 root root   836 2008-04-09 14:49 libntlm.la
-rw-r--r--  1 root root 29236 2008-04-09 14:50 libntlm.so
-rw-r--r--  1 root root 29236 2008-04-09 14:50 libntlm.so.2
-rw-r--r--  1 root root 29236 2008-04-09 14:50 libntlm.so.2.0.22
-rw-r--r--  1 root root 13798 2008-04-09 14:50 libplain.a
-rw-r--r--  1 root root   842 2008-04-09 14:49 libplain.la
-rw-r--r--  1 root root 13396 2008-04-09 14:50 libplain.so
-rw-r--r--  1 root root 13396 2008-04-09 14:50 libplain.so.2
-rw-r--r--  1 root root 13396 2008-04-09 14:50 libplain.so.2.0.22
-rw-r--r--  1 root root 22126 2008-04-09 14:50 libsasldb.a
-rw-r--r--  1 root root   873 2008-04-09 14:49 libsasldb.la
-rw-r--r--  1 root root 18080 2008-04-09 14:50 libsasldb.so
-rw-r--r--  1 root root 18080 2008-04-09 14:50 libsasldb.so.2
-rw-r--r--  1 root root 18080 2008-04-09 14:50 libsasldb.so.2.0.22
-rw-r--r--  1 root root 23796 2008-09-01 10:10 libsql.a
-rw-r--r--  1 root root   875 2008-10-15 18:01 libsql.la
-rw-r--r--  1 root root   964 2008-09-01 10:09 libsql.la.old
-rw-r--r--  1 root root 21348 2008-10-15 18:00 libsql.so
-rw-r--r--  1 root root 21348 2008-10-15 18:00 libsql.so.2
-rw-r--r--  1 root root 21348 2008-10-15 18:00 libsql.so.2.0.19
-rw-r--r--  1 root root 23312 2008-09-01 10:10 libsql.so.2.0.22
-rw-r--r--  1 root root   278 2008-10-15 17:47 smtpd.conf


Cannot find the smtp_sasl_password_maps parameter in main.cf.
Client-side SMTP AUTH cannot work without this parameter!

# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
debug_peer_list = 127.0.0.1, 68.59.9.16
delay_warning_time = 4h
disable_vrfy_command = yes
inet_interfaces = all
local_recipient_maps =
mailbox_size_limit = 0
maximal_backoff_time = 8000s
maximal_queue_lifetime = 7d
minimal_backoff_time = 1000s
mydestination =
mydomain = servee.com
myhostname = ec2-75-101-148-70.compute-1.amazonaws.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
smtp_helo_timeout = 60s
smtp_tls_note_starttls_offer = yes
smtpd_banner = Servee SMTP ESMTP
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl, reject_rbl_client
dnsbl.njabl.org
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_hard_error_limit = 12
smtpd_helo_required = yes
smtpd_helo_restrictions = warn_if_reject reject_non_fqdn_hostname,
reject_invalid_hostname, permit
smtpd_recipient_limit = 16
smtpd_recipient_restrictions = reject_unauth_pipelining,
permit_mynetworks, permit_sasl_authenticated,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_unauth_destination, check_policy_service inet:127.0.0.1:60000,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated,
permit_mynetworks, warn_if_reject reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unauth_pipelining, permit
smtpd_soft_error_limit = 3
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = no
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf
virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf
virtual_mailbox_base = /mnt/spool/mail/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf

and
# more /etc/postfix/sasl/smtpd.conf
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: mailasaur33$323
sql_database: maildb
sql_select: select clear from users where id='[EMAIL PROTECTED]' and enabled = 1
sql_verbose: true
log_level: 7

SASL is not connecting to the mysql database.
 in /var/log/auth.log
Oct 16 07:06:41 postfix/smtpd[2027]: sql auxprop plugin using mysql engine

and mysql is set to log all queries but these queries from the same
time are from Postfix trying to deliver mail, not from SASL trying to
authenticate a user.
                    333 Quit
081016  7:04:53     334 Connect     [EMAIL PROTECTED] on maildb
                    334 Query       SELECT destination FROM aliases WHERE
mail='csc.com' and enabled = 1
                    335 Connect     [EMAIL PROTECTED] on maildb
                    335 Query       SELECT domain FROM domains WHERE
domain='csc.com' and enabled = 1
                    334 Query       SELECT destination FROM aliases WHERE
mail='threefound.com' and enabled = 1
                    335 Query       SELECT domain FROM domains WHERE
domain='threefound.com' and enabled = 1
081016  7:06:41     336 Connect     [EMAIL PROTECTED] on maildb
                    336 Query       SELECT destination FROM aliases WHERE
mail='yahoo.com' and enabled = 1
                    337 Connect     [EMAIL PROTECTED] on maildb
                    337 Query       SELECT domain FROM domains WHERE
domain='yahoo.com' and enabled = 1

Saslfinger seems to think that I need a password maps file, but the
documentation I read said that was optional.

I'm very confused by this whole ordeal.  Are there any mail servers
that are easier to administer?

sasl not working

Reply via email to