SASL authentication failures with SQL
Gerard Seibert
gerard at seibercom.net
Sat Nov 18 12:55:25 EST 2006
On Saturday 18 November 2006 11:55, Jason Dixon wrote:
> I'm building a new mailserver and am using Postfix with Cyrus-SASL's
> auxprop/sql mechanism. Passwords are stored via PostfixAdmin's md5
> in a MySQL table. When testing this configuration, I keep getting
> authentication failures. When I test with Thunderbird, I see the
> following:
>
> Nov 18 11:25:19 colo2 postfix/smtpd[29465]: warning: SASL
> authentication failure: no secret in database
> Nov 18 11:25:19 colo2 postfix/smtpd[29465]: warning: x.x.x.x: SASL
> CRAM-MD5 authentication failed: authentication failure
>
>
> And for OS X Mail.app, I see this:
>
> Nov 18 11:47:54 colo2 postfix/smtpd[5306]: warning: SASL
> authentication failure: Password verification failed
> Nov 18 11:47:54 colo2 postfix/smtpd[5306]: warning: x.x.x.x: SASL
> PLAIN authentication failed: authentication failure
>
>
> I've confirmed that Postfix/SASL are making a connection to the
> database, but have no other debugging information. I have no
> problems pulling the hashed password out of the table using the
> sql_select statement and the assigned authentication parameters.
> I've bumped up log_level, but that seems to have no effect. Here is
> my smtpd.conf file:
>
> pwcheck_method: auxprop
> auxprop_plugin: sql
> mech_list: plain cram-md5 digest-md5
> log_level: 5
> sql_engine: mysql
> sql_verbose: yes
> sql_hostnames: 127.0.0.1
> sql_user: postfix
> sql_passwd: postfix
> sql_database: postfix
> sql_select: SELECT password FROM mailbox WHERE username = '%u'
>
>
> And here is the MySQL table, with a sample query demonstrating the
> password format.
>
> $ mysql -h 127.0.0.1 -u postfix -p postfix
> Enter password:
> Welcome to the MySQL monitor. Commands end with ; or \g.
> Your MySQL connection id is 1924 to server version: 5.0.24a
>
> Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
>
> mysql> describe mailbox;
> +----------+--------------+------+-----+---------------------+-------+
>
> | Field | Type | Null | Key | Default | Extra |
>
> +----------+--------------+------+-----+---------------------+-------+
>
> | username | varchar(255) | NO | PRI | | |
> | password | varchar(255) | NO | | | |
> | name | varchar(255) | NO | | | |
> | maildir | varchar(255) | NO | | | |
> | quota | int(10) | NO | | -1 | |
> | domain | varchar(255) | NO | | | |
> | created | datetime | NO | | 0000-00-00 00:00:00 | |
> | modified | datetime | NO | | 0000-00-00 00:00:00 | |
> | active | tinyint(4) | NO | | 1 | |
>
> +----------+--------------+------+-----+---------------------+-------+
> 9 rows in set (0.00 sec)
>
> mysql> select password from mailbox limit 1;
> +------------------------------------+
>
> | password |
>
> +------------------------------------+
>
> | $1$5fffa3c6$L4.fk2NN25zQR/X8wehsO1 |
>
> +------------------------------------+
> 1 row in set (0.01 sec)
>
>
> Any idea why I'm getting these errors?
Just out of curiosity, have your tried the Postfix forum regarding this
problem? IMHO, that seems to be where you should be seeking assistance.
postfix-users at postfix.org
List-Subscribe: <mailto:majordomo at postfix.org>
--
Gerard
gerard at seibercom.net
" ... I told my doctor I got all the exercise I needed being a
pallbearer for all my friends who run and do exercises!"
Winston Churchill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/cyrus-sasl/attachments/20061118/25d54001/attachment.bin
More information about the Cyrus-sasl
mailing list