Cyrus-sasl + postfix + postgresql problem.

Patrick Ben Koetter p at state-of-mind.de
Sun Jun 21 06:19:29 EDT 2009


* Rafał Radecki <radecki.rafal at gmail.com>:
> Hi all. I'm currently installing an smtp server on CentOS 5.3. Part of it is
> to use PostgreSQL backend to store virtual users/domains/aliases/passwords
> and of course to use it for SASL authentication. My
> /usr/lib/sasl2/smtpd.conf file:
> 
> pwdcheck_method: auxprop

Typo! Must be:

pwcheck_method: auxprop

> sql_engine: pgsql
> sql_user: postfix
> sql_passwd: some_password
> sql_hostnames: localhost
> sql_database: postfix
> sql_select: SELECT password FROM mailbox WHERE username='%u@%r'
> mech_list: login plain

You could expand that to "login plain digest-md5 ntlm" if you have the
appropriate mechanisms installed.

> log_level: 4
> 
> My /etc/postfix/main.cf:
> 
> smtpd_sasl_auth_enable = yes
> broken_sasl_auth_clients = yes
> smtpd_sasl_local_domain = $mydomain
> smtpd_sasl_security_options = noanonymous
> smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
> \
> reject_unauth_destination
> 
> virtual_alias_maps = pgsql:/etc/postfix/pgsql_virtual_alias_maps.cf
> virtual_alias_domains = $virtual_alias_maps
> virtual_uid_maps = static:1004
> virtual_gid_maps = static:1004
> virtual_mailbox_base = /var/spool/mail/virtual
> virtual_mailbox_domains = pgsql:/etc/postfix/pgsql_virtual_domains_maps.cf
> virtual_mailbox_maps = pgsql:/etc/postfix/pgsql_virtual_mailbox_maps.cf
> #virtual_mailbox_limit = 51200000
> transport_maps = pgsql:/etc/postfix/pgsql_transport.cf
> 
> I use that line to insert a record to the PostgreSQL base:
> 
> postfix=>INSERT INTO mailbox(username, password, name, maildir)
> postfix->VALUES('rr at example.com','password','description','rr at example.com/'<http://rr@example.com/%27>
> );
> 
> But when i try to send mail through my server i get the following errors in
> /var/log/maillog:
> 
> warning: SASL authenticatin problem: unable to open db etc/sasldb2: no such
> file or directory

That's because of your typo. It can't find the pwcheck_method and falls back
to sasldb.


p at rick

-- 
All technical answers asked privately will be automatically answered on
the list and archived for public access unless privacy is explicitely
required and justified.

saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>


More information about the Cyrus-sasl mailing list