SASL + Postfix strangeness

Michael Laccetti michael at s2g-limited.com
Mon Oct 3 18:59:09 EDT 2005


The real configuration or the real log entry?  Those are the "real" things.  Am
I missing something? 

-----Original Message-----
From: cyrus-sasl-bounces at lists.andrew.cmu.edu
[mailto:cyrus-sasl-bounces at lists.andrew.cmu.edu] On Behalf Of Andreas Winkelmann
Sent: October 3, 2005 03:13
To: cyrus-sasl at lists.andrew.cmu.edu
Subject: Re: SASL + Postfix strangeness

Am Monday 03 October 2005 01:11 schrieb Michael Laccetti:

> I'm busy trying to setup a Postfix server that uses SASL to 
> authenticate users against a MySQL database.  Postfix is configured 
> properly, and I believe that SASL is as well.
>
> My smtpd.conf file:
> log_level: 3
> pwcheck_method: auxprop
> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
> auxprop_plugin: sql
> sql_engine: mysql
> sql_hostnames: localhost
> sql_database: postfix
> sql_user: postfix
> sql_passwd: ------------
> sql_select: SELECT userPass FROM users WHERE username='%u' AND 
> userrealm='%r' AND auth='1'
> sql_usessl: no

"...SELECT userPass FROM..."

> Whenever I attempt to authenticate myself, Postfix outputs the following:
> warning: SASL authentication failure: Password verification failed.  
> So, I went and checked the auth logs.  And that's when I noticed 
> something strange.  The sql_select statement is being populated in a strange
manner.
> Here is a sample: sql plugin doing query SELECT userPassword FROM 
> users WHERE username='mail.example.com' AND 
> userrealm='mail.codeogre.com' AND auth='1';

"...SELECT userPassword FROM..."

Either show us the real Configuration or the real Log-Entry.

> Apparently %u is being replaced with the realm, and not the username.  
> How is that possible?  Any ideas as to fixing this?

-- 
	Andreas



-- 
------------------------ [ SECURITY NOTICE ]
------------------------
To: cyrus-sasl at lists.andrew.cmu.edu.
For your security, michael at s2g-limited.com
digitally signed this message on 03 October 2005 at 22:56:59 UTC.
Verify this digital signature at http://www.ciphire.com/verify.
------------------- [ CIPHIRE DIGITAL SIGNATURE ]
-------------------
Q2lwaGlyZSBTaWcuAjhjeXJ1cy1zYXNsQGxpc3RzLmFuZHJldy5jbXUuZWR1AG1pY2hhZ
WxAczJnLWxpbWl0ZWQuY29tAGVtYWlsIGJvZHkAlwUAAHwAfAAAAAEAAAA7t0FDlwUAAI
8CAAIAAgACACCF2JwL8FSZ12JHjaqi4keWch0Su1tLYkwGHFe6dbl/JgEAMU5HZi3bbCG
zHuBROgacg8f7vXlTdFsqED3Fgplg8g8I+os2+P9536RYF/ij2bc66H7b9TQAFsWff/Ke
wz38dr2ypwHUU2lnRW5k
--------------------- [ END DIGITAL SIGNATURE ]
---------------------




More information about the Cyrus-sasl mailing list