mysql virtual users wont authenticate on postfix/sasl

Issues related to software problems
Post Reply
aioshin
Posts: 28
Joined: 2005/05/30 05:13:28

mysql virtual users wont authenticate on postfix/sasl

Post by aioshin » 2005/06/24 05:41:53

I have installed postfix-courier-imap,mysql,tls,sasl and all is working fine, I followed the guide here http://postfixwiki.org/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL, Imap and pop3 works fine, but I am not succesfully able to authenticate those virutal users via smtp, the log says "SASL LOGIN authentication failed" but those local users can authenticate via smtp without any problem... I found out thru googling that there is a package name pam-mysql, is it the one that I need to be installed, but I cant find one for Centos or redhat, can anyone help me on this? TIA

sorry, this was accidentally posted at centos3 forum, whereas , it shold be here.. I just dont know how to transfer so I just repost it here..

hughesjr
Site Admin
Posts: 251
Joined: 2004/12/05 01:51:26
Location: Corpus Christi, Texas, USA
Contact:

mysql virtual users wont authenticate on postfix/sasl

Post by hughesjr » 2005/06/26 20:35:23

There is a mysql-pam here:

i386:
http://centos.karan.org/el4/extras/stable/i386/RPMS/repodata/repoview/pam_mysql-0-0.50-5.html

x86_64:
http://centos.karan.org/el4/extras/stable/x86_64/RPMS/

Setup info for the repo:
http://centos.karan.org/

aioshin
Posts: 28
Joined: 2005/05/30 05:13:28

Re: mysql virtual users wont authenticate on postfix/sasl

Post by aioshin » 2005/06/27 08:36:18

thanks for the info... I already installed pam_mysql, I add the repo to my yum.conf...
but anyway, I still have a problem, how should i do this...?

the pam_mysql readme says:
#-----------------------------------------------------------------------------------------------
auth optional pam_mysql.so user=root passwd=password
account required pam_mysql.so user=root passwd=password

The options that it understands are: Defaults are in ()

user(nobody) -- The user with access to the open the connection to mysql
and has permission to read the table with the passwords.
passwd("") -- Password for the same.
host(localhost) -- Machine that is running the sql server
db(mysql) -- database that contents the table with the user/password combos
table(user) -- table that you want to use for the user/password checking
usercolumn(User) -- column that has the username field
passwdcolumn(password) -- column that has the password field
crypt(0) -- Used to decide to use MySQL's PASSWORD() function or crypt()
0 = No encryption. Passwords in database in plaintext. NOT recommended!
1 = Use crypt
2 = Use MySQL PASSWORD() function
#----------------------------------------------------------------------------------------------



#and Here's my actual config (/etc/pam.d/smtp.postfix)
auth required pam_mysql.so user=postfix passwd=postfix db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=2
account required pam_mysql.so user=postfix passwd=postfix db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=2
#----------------------------------------------------------------------------------------------

THe original /etc/pam.d/smtp.postfix
#--------------------------------------------------------------------
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
#-----------------------------------------------------------------------------------------------


I'd based those info I put on smtp.postfix from my authmysqlrc.
It works fine so I assume that those are correct
#-----------------------------------------------------authmysqlrc
MYSQL_SERVER localhost
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_OPT 0
MYSQL_DATABASE postfix
MYSQL_USER_TABLE mailbox
MYSQL_CRYPT_PWFIELD password
MYSQL_LOGIN_FIELD username
#----------------------------------------------------------------------------------------------


my /usr/lib/sasl/smtpd.conf and /usr/lib/sasl2/smtpd.conf
#-----------------------------------
pwcheck_method: pam
#-----------------------------------


am I missing something here? or what about with my /etc/pam.d/smtp.postfix config....?


here's the var/log/maillog the moment I tried to send message with a certain virtual user
#-------------------------------------------------------------------------------------------
SSL_accept:SSLv3 flush data
Jun 27 16:29:56 localhost postfix/smtpd[3446]: TLS connection established from xbox[2xx.xx.xx.xxx]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jun 27 16:29:56 localhost postfix/smtpd[3446]: pam_sm_authenticate called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: dbuser changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: dbpasswd changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: database changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: table changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: usercolumn changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: passwdcolumn changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: crypt changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: db_connect called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 0 .
Jun 27 16:29:56 localhost postfix/smtpd[3446]: db_checkpasswd called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: pam_mysql: where clause =
Jun 27 16:29:56 localhost postfix/smtpd[3446]: SELECT password FROM mailbox WHERE username='user@mydomain.org'
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 7 .
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 7 after db_checkpasswd.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: warning: xbox[2xx.xx.xx.xxx]: SASL PLAIN authentication failed
Jun 27 16:29:56 localhost postfix/smtpd[3446]: pam_sm_authenticate called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: dbuser changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: dbpasswd changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: database changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: table changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: usercolumn changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: passwdcolumn changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: crypt changed.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: db_connect called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 0 .
Jun 27 16:29:56 localhost postfix/smtpd[3446]: db_checkpasswd called.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: pam_mysql: where clause =
Jun 27 16:29:56 localhost postfix/smtpd[3446]: SELECT password FROM mailbox WHERE username='user@mydomain.org'
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 7 .
Jun 27 16:29:56 localhost postfix/smtpd[3446]: returning 7 after db_checkpasswd.
Jun 27 16:29:56 localhost postfix/smtpd[3446]: warning: xbox[2xx.xx.xx.xxx]: SASL LOGIN authentication failed
Jun 27 16:30:00 localhost postfix/smtpd[3446]: pam_sm_authenticate called.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: dbuser changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: dbpasswd changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: database changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: table changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: usercolumn changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: passwdcolumn changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: crypt changed.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: db_connect called.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: returning 0 .
Jun 27 16:30:00 localhost postfix/smtpd[3446]: db_checkpasswd called.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: pam_mysql: where clause =
Jun 27 16:30:00 localhost postfix/smtpd[3446]: SELECT password FROM mailbox WHERE username='user@mydomain.org'
Jun 27 16:30:00 localhost postfix/smtpd[3446]: returning 7 .
Jun 27 16:30:00 localhost postfix/smtpd[3446]: returning 7 after db_checkpasswd.
Jun 27 16:30:00 localhost postfix/smtpd[3446]: warning: xbox[2xx.xx.xx.xxx]: SASL PLAIN authentication failed
Jun 27 16:30:01 localhost postfix/smtpd[3446]: pam_sm_authenticate called.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: dbuser changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: dbpasswd changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: database changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: table changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: usercolumn changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: passwdcolumn changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: crypt changed.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: db_connect called.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: returning 0 .
Jun 27 16:30:01 localhost postfix/smtpd[3446]: db_checkpasswd called.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: pam_mysql: where clause =
Jun 27 16:30:01 localhost postfix/smtpd[3446]: SELECT password FROM mailbox WHERE username='user@mydomain.org'
Jun 27 16:30:01 localhost postfix/smtpd[3446]: returning 7 .
Jun 27 16:30:01 localhost postfix/smtpd[3446]: returning 7 after db_checkpasswd.
Jun 27 16:30:01 localhost postfix/smtpd[3446]: warning: xbox[2xx.xx.xx.xxx]: SASL LOGIN authentication failed
Jun 27 16:30:05 localhost postfix/smtpd[3446]: lost connection after AUTH from xbox[2xx.xx.xx.xxx]
Jun 27 16:30:05 localhost postfix/smtpd[3446]: disconnect from xbox[2xx.xx.xx.xxx]
#-----------------------------------------------------------------------------------------------------------------


what else should I do next....?

I really appreciate your help and input...

TIA

aioshin
Posts: 28
Joined: 2005/05/30 05:13:28

Re: mysql virtual users wont authenticate on postfix/sasl [solved]

Post by aioshin » 2005/06/27 09:22:59

I got it.....

in my [quote]#and Here's my actual config (/etc/pam.d/smtp.postfix)
auth required pam_mysql.so user=postfix passwd=postfix db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=2
account required pam_mysql.so user=postfix passwd=postfix db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=2
#----------------------------------------------------------------------------------------------[/quote]

where crypt=2, i just chage it to 1, and it works, am now able to authenticate my virtual users's email tru smtp-sasl/tls...


thanks and cheers! :pint:

Post Reply

Return to “CentOS 4 - Software Support”