SASL + Postfix strangeness
Michael Laccetti
michael at s2g-limited.com
Mon Oct 3 18:59:09 EDT 2005
The real configuration or the real log entry? Those are the "real" things. Am
I missing something?
-----Original Message-----
From: cyrus-sasl-bounces at lists.andrew.cmu.edu
[mailto:cyrus-sasl-bounces at lists.andrew.cmu.edu] On Behalf Of Andreas Winkelmann
Sent: October 3, 2005 03:13
To: cyrus-sasl at lists.andrew.cmu.edu
Subject: Re: SASL + Postfix strangeness
Am Monday 03 October 2005 01:11 schrieb Michael Laccetti:
> I'm busy trying to setup a Postfix server that uses SASL to
> authenticate users against a MySQL database. Postfix is configured
> properly, and I believe that SASL is as well.
>
> My smtpd.conf file:
> log_level: 3
> pwcheck_method: auxprop
> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
> auxprop_plugin: sql
> sql_engine: mysql
> sql_hostnames: localhost
> sql_database: postfix
> sql_user: postfix
> sql_passwd: ------------
> sql_select: SELECT userPass FROM users WHERE username='%u' AND
> userrealm='%r' AND auth='1'
> sql_usessl: no
"...SELECT userPass FROM..."
> Whenever I attempt to authenticate myself, Postfix outputs the following:
> warning: SASL authentication failure: Password verification failed.
> So, I went and checked the auth logs. And that's when I noticed
> something strange. The sql_select statement is being populated in a strange
manner.
> Here is a sample: sql plugin doing query SELECT userPassword FROM
> users WHERE username='mail.example.com' AND
> userrealm='mail.codeogre.com' AND auth='1';
"...SELECT userPassword FROM..."
Either show us the real Configuration or the real Log-Entry.
> Apparently %u is being replaced with the realm, and not the username.
> How is that possible? Any ideas as to fixing this?
--
Andreas
--
------------------------ [ SECURITY NOTICE ]
------------------------
To: cyrus-sasl at lists.andrew.cmu.edu.
For your security, michael at s2g-limited.com
digitally signed this message on 03 October 2005 at 22:56:59 UTC.
Verify this digital signature at http://www.ciphire.com/verify.
------------------- [ CIPHIRE DIGITAL SIGNATURE ]
-------------------
Q2lwaGlyZSBTaWcuAjhjeXJ1cy1zYXNsQGxpc3RzLmFuZHJldy5jbXUuZWR1AG1pY2hhZ
WxAczJnLWxpbWl0ZWQuY29tAGVtYWlsIGJvZHkAlwUAAHwAfAAAAAEAAAA7t0FDlwUAAI
8CAAIAAgACACCF2JwL8FSZ12JHjaqi4keWch0Su1tLYkwGHFe6dbl/JgEAMU5HZi3bbCG
zHuBROgacg8f7vXlTdFsqED3Fgplg8g8I+os2+P9536RYF/ij2bc66H7b9TQAFsWff/Ke
wz38dr2ypwHUU2lnRW5k
--------------------- [ END DIGITAL SIGNATURE ]
---------------------
More information about the Cyrus-sasl
mailing list