Patrick, --- > -- content of /usr/lib/sasl2/smtpd.conf -- > log_level: 7 > pwcheck_method: auxprop > #pwcheck_method: pam > auxprop_plugin: sql > mech_list: plain login cram-md5 digest-md5 > sql_engine: mysql > sql_hostnames: 127.0.0.1 > sql_user: --- replaced --- > sql_passwd: --- replaced --- > sql_database: postfix > sql_select: select password from smtp_auth_users where username='%u' and status='true' > # @%r This one looks almost good, but it's at the wrong location. --- I have this conf at the right place in /etc/postfix/sasl, but, when I use the configuration to use the sql plugin, postfix tells me the info below: --- Oct 23 23:04:23 lira postfix/smtpd[10999]: SASL authentication debug: could not find auxprop plugin, was searching for 'sql' --- -----Original Message----- From: cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx [mailto:cyrus-sasl-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf Of Patrick Ben Koetter Sent: sexta-feira, 26 de Outubro de 2007 8:20 To: cyrus-sasl@xxxxxxxxxxxxxxxxxxxx Subject: Re: No SQL module found * Jorge Bastos <mysql.jorge@xxxxxxxxxx>: > Ops sorry, > > --- > lira:~# saslfinger -s > saslfinger - postfix Cyrus sasl configuration Thu Oct 25 22:33:25 WEST 2007 > version: 1.0.2 > mode: server-side SMTP AUTH > > -- basics -- > Postfix: 2.4.6 > System: Debian GNU/Linux lenny/sid \n \l > > -- smtpd is linked to -- > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7cd5000) > > -- active SMTP AUTH and TLS parameters for smtpd -- > broken_sasl_auth_clients = yes > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = lira Is "lira" the FQDN-hostname? What do your SQL users login names look like? localpart@domainpart? > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key > smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache > smtpd_use_tls = yes Turn off TLS while you test. You don't want your client to start a TLS session you can't look into. > -- listing of /usr/lib/sasl2 -- > total 786 > drwxr-xr-x 2 root root 1424 2007-10-24 13:47 . > drwxr-xr-x 52 root root 17728 2007-10-25 10:09 .. > -rw-r--r-- 1 root root 13312 2007-10-20 21:11 libanonymous.a > -rw-r--r-- 1 root root 855 2007-10-20 21:11 libanonymous.la > -rw-r--r-- 1 root root 12824 2007-10-20 21:11 libanonymous.so > -rw-r--r-- 1 root root 12824 2007-10-20 21:11 libanonymous.so.2 > -rw-r--r-- 1 root root 12824 2007-10-20 21:11 libanonymous.so.2.0.22 > -rw-r--r-- 1 root root 15482 2007-10-20 21:11 libcrammd5.a > -rw-r--r-- 1 root root 841 2007-10-20 21:11 libcrammd5.la > -rw-r--r-- 1 root root 15000 2007-10-20 21:11 libcrammd5.so > -rw-r--r-- 1 root root 15000 2007-10-20 21:11 libcrammd5.so.2 > -rw-r--r-- 1 root root 15000 2007-10-20 21:11 libcrammd5.so.2.0.22 > -rw-r--r-- 1 root root 45092 2007-10-20 21:11 libdigestmd5.a > -rw-r--r-- 1 root root 864 2007-10-20 21:11 libdigestmd5.la > -rw-r--r-- 1 root root 41932 2007-10-20 21:11 libdigestmd5.so > -rw-r--r-- 1 root root 41932 2007-10-20 21:11 libdigestmd5.so.2 > -rw-r--r-- 1 root root 41932 2007-10-20 21:11 libdigestmd5.so.2.0.22 > -rw-r--r-- 1 root root 13462 2007-10-20 21:11 liblogin.a > -rw-r--r-- 1 root root 835 2007-10-20 21:11 liblogin.la > -rw-r--r-- 1 root root 13300 2007-10-20 21:11 liblogin.so > -rw-r--r-- 1 root root 13300 2007-10-20 21:11 liblogin.so.2 > -rw-r--r-- 1 root root 13300 2007-10-20 21:11 liblogin.so.2.0.22 > -rw-r--r-- 1 root root 28820 2007-10-20 21:11 libntlm.a > -rw-r--r-- 1 root root 829 2007-10-20 21:11 libntlm.la > -rw-r--r-- 1 root root 28276 2007-10-20 21:11 libntlm.so > -rw-r--r-- 1 root root 28276 2007-10-20 21:11 libntlm.so.2 > -rw-r--r-- 1 root root 28276 2007-10-20 21:11 libntlm.so.2.0.22 > -rw-r--r-- 1 root root 13686 2007-10-20 21:11 libplain.a > -rw-r--r-- 1 root root 835 2007-10-20 21:11 libplain.la > -rw-r--r-- 1 root root 13460 2007-10-20 21:11 libplain.so > -rw-r--r-- 1 root root 13460 2007-10-20 21:11 libplain.so.2 > -rw-r--r-- 1 root root 13460 2007-10-20 21:11 libplain.so.2.0.22 > -rw-r--r-- 1 root root 21594 2007-10-20 21:11 libsasldb.a > -rw-r--r-- 1 root root 856 2007-10-20 21:11 libsasldb.la > -rw-r--r-- 1 root root 18028 2007-10-20 21:11 libsasldb.so > -rw-r--r-- 1 root root 18028 2007-10-20 21:11 libsasldb.so.2 > -rw-r--r-- 1 root root 18028 2007-10-20 21:11 libsasldb.so.2.0.22 > -rw-r--r-- 1 root root 23456 2007-10-20 21:11 libsql.a > -rw-r--r-- 1 root root 964 2007-10-20 21:11 libsql.la > -rw-r--r-- 1 root root 22996 2007-10-20 21:11 libsql.so > -rw-r--r-- 1 root root 22996 2007-10-20 21:11 libsql.so.2 > -rw-r--r-- 1 root root 22996 2007-10-20 21:11 libsql.so.2.0.22 > -rw-r--r-- 1 root root 330 2007-08-25 13:55 smtpd.conf okay > -- listing of /etc/postfix/sasl -- > total 13 > drwxr-xr-x 2 root root 160 2007-10-23 23:07 . > drwxr-xr-x 3 root root 688 2007-10-24 13:54 .. > -rw-r--r-- 1 root root 117 2005-11-20 20:02 como_criar_certificado_ssl > -rw-r--r-- 1 root root 381 2007-10-23 23:07 smtpd.conf > -rw-r--r-- 1 root root 349 2007-08-25 19:43 smtpd.conf_ori okay > -- content of /usr/lib/sasl2/smtpd.conf -- > log_level: 7 > pwcheck_method: auxprop > #pwcheck_method: pam > auxprop_plugin: sql > mech_list: plain login cram-md5 digest-md5 > sql_engine: mysql > sql_hostnames: 127.0.0.1 > sql_user: --- replaced --- > sql_passwd: --- replaced --- > sql_database: postfix > sql_select: select password from smtp_auth_users where username='%u' and status='true' > # @%r This one looks almost good, but it's at the wrong location. > -- content of /etc/postfix/sasl/smtpd.conf -- > #saslauthd_path: /var/run/saslauthd/mux > #log_level: 7 > pwcheck_method: auxprop > auxprop_plugin: sasldb > #auxprop_plugin: sql > mech_list: plain login cram-md5 digest-md5 > > #sql_engine: mysql > #sql_hostnames: 127.0.0.1 > sql_user: --- replaced --- > sql_passwd: --- replaced --- > #sql_database: postfix > #sql_select: select password from smtp_auth_users where username='%u' and status='true' > # @%r This one works for sasldb only. Copy /usr/lib/sasl2/smtpd.conf to /etc/postfix/sasl/smtpd.conf and change $sql_hostnames to get a TCP connection like this: sql_hostnames: localhost If you use localhost the mysql client will attemt a TCP connection. If you use 127.0.0.1 it will try to connect using a UNIX domain socket. At least that's what I have been told... > -- active services in /etc/postfix/master.cf -- > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > > > > > scan unix - - n - 16 smtp -o smtp_send_xforward_command=yes 16 Processes? You must have a powerful machine sitting there. Usually 2 - 10 processes is normal. > 127.0.0.1:10025 inet n - n - 16 smtpd These process numbers you can open up. > -o content_filter= > -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks > -o smtpd_helo_restrictions= > -o smtpd_client_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o mynetworks_style=host > -o smtpd_authorized_xforward_hosts=127.0.0.0/8 > > > dbmail-lmtp unix - - n - - lmtp -o disable_dns_lookups=yes > > > smtp inet n - n - - smtpd -o content_filter=spamfilter: > > spamfilter unix - n n - - pipe flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} -- ${recipient} > > > pickup fifo n - - 60 1 pickup > cleanup unix n - - - 0 cleanup > qmgr fifo n - - 300 1 qmgr > > tlsmgr unix - - - 1000? 1 tlsmgr > rewrite unix - - - - - trivial-rewrite > bounce unix - - - - 0 bounce > defer unix - - - - 0 bounce > trace unix - - - - 0 bounce > verify unix - - - - 1 verify > flush unix n - - 1000? 0 flush > proxymap unix - - n - - proxymap > smtp unix - - - - - smtp > relay unix - - - - - smtp > -o fallback_relay= > showq unix n - - - - showq > error unix - - - - - error > discard unix - - - - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - - - - lmtp > anvil unix - - - - 1 anvil > scache unix - - - - 1 scache > maildrop unix - n n - - pipe > flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} > uucp unix - n n - - pipe > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) > ifmail unix - n n - - pipe > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) > bsmtp unix - n n - - pipe > flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient > scalemail-backend unix - n n - 2 pipe > flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} > mailman unix - - n - - pipe > flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py > ${nexthop} ${user} > > -- mechanisms on localhost -- > 250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN > 250-AUTH=CRAM-MD5 DIGEST-MD5 LOGIN PLAIN This looks good. p@rick -- The Book of Postfix <http://www.postfix-book.com> saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
