Loading ...
Sorry, an error occurred while loading the content.

Postfix / Sasl Authentication Issue

Expand Messages
  • erol@diabolic.ca
    Before I begin, yes I have checked for others having this problem. However none of what I ve found has solved the problems I ve encountered. The issue this.
    Message 1 of 3 , Feb 1 9:31 AM
    • 0 Attachment
      Before I begin, yes I have checked for others having this problem.
      However none of what I've found has solved the problems I've
      encountered.

      The issue this. I'm trying to make postfix+sasl authenticate
      against a mysql database which already has all the necessary
      usernames and passwords. The goal of this is to allow anyone who
      authenticates to use the machine as an outbound mail relay.

      When I try and authenticate and send test messages I receive the
      following error:

      postfix/smtpd[16262]: sql_select option missing
      postfix/smtpd[16262]: auxpropfunc error no mechanism available
      postfix/smtpd[16262]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

      However I have the following info in my smtpd.conf file:

      sasl_pwcheck_method: auxprop
      sasl_auxprop_plugin: mysql
      mysql_user: postfix
      mysql_passwd: xxxxx
      mysql_hostnames: localhost
      mysql_database: db_name
      mysql_statement: SELECT user,pass FROM members WHERE user = '%u'
      mysql_verbose: yes

      My main.cf looks like:
      (Ive stripped it down until I get it to work)

      myhostname = server.domain.tld
      alias_maps = hash:/etc/aliases
      alias_database = hash:/etc/aliases
      myorigin = /etc/mailname
      mydestination = localhost, localhost.localdomain
      relayhost =
      mynetworks = 127.0.0.0/8
      mailbox_command =
      mailbox_size_limit = 0
      recipient_delimiter = +
      inet_interfaces = all
      smtpd_sasl_local_domain =
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_security_options = noanonymous
      broken_sasl_auth_clients = yes
      smtpd_recipient_restrictions = permit_mynetworks,
      permit_sasl_authenticated, reject_unauth_destination,permit
      smtpd_tls_auth_only = no
      smtp_use_tls = yes
      smtpd_use_tls = yes
      smtp_tls_note_starttls_offer = yes
      smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem
      smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
      smtpd_tls_loglevel = 1
      smtpd_tls_received_header = yes
      smtpd_tls_session_cache_timeout = 3600s
      tls_random_source = dev:/dev/urandom

      If it matters I am running this on Debian and I do have the
      following packages installed:

      bsasl2
      libsasl2-dev
      libsasl2-modules
      libsasl2-modules-sql
      sasl2-bin
      postfix
      postfix-doc
      postfix-mysql
      postfix-tls

      I've been looking at this for so long that I am lost and I'd
      appreciate any help that anyone out there has.

      Thanks much,

      /erol
    • mouss
      ... FYI, main.cf gets almost always ignored here. Only postconf -n is accepted/trusted. see http://www.postfix.org/DEBUG_README.html#mail for how to get help
      Message 2 of 3 , Feb 1 10:00 AM
      • 0 Attachment
        erol@... a écrit :
        > [snip]
        >
        > postfix/smtpd[16262]: sql_select option missing
        > postfix/smtpd[16262]: auxpropfunc error no mechanism available
        > postfix/smtpd[16262]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
        >
        > However I have the following info in my smtpd.conf file:
        >
        > sasl_pwcheck_method: auxprop
        > sasl_auxprop_plugin: mysql
        > mysql_user: postfix
        > mysql_passwd: xxxxx
        > mysql_hostnames: localhost
        > mysql_database: db_name
        > mysql_statement: SELECT user,pass FROM members WHERE user = '%u'
        > mysql_verbose: yes
        >
        > My main.cf looks like:
        > (Ive stripped it down until I get it to work)
        >

        FYI, main.cf gets almost always ignored here. Only 'postconf -n' is
        accepted/trusted. see
        http://www.postfix.org/DEBUG_README.html#mail
        for how to get help on the list.

        > [snip]

        >
        > If it matters I am running this on Debian and I do have the
        > following packages installed:
        >
        > bsasl2
        > libsasl2-dev
        > libsasl2-modules
        > libsasl2-modules-sql
        > sasl2-bin
        > postfix
        > postfix-doc
        > postfix-mysql
        > postfix-tls
        >

        you have no mechanisms (nor in smtpd.conf, no installed). you need to
        install modules for PLAIN, LOGIN, ... etc and add them to smtpd.conf.
      • Patrick Ben Koetter
        ... passwords must be plaintext or Cyrus-SASL.2.x libsql will not be able to process authentication. ... Cyrus-SASL.2.x can t find the library that provides
        Message 3 of 3 , Feb 1 11:55 AM
        • 0 Attachment
          * erol@... <erol@...>:
          > Before I begin, yes I have checked for others having this problem.
          > However none of what I've found has solved the problems I've
          > encountered.
          >
          > The issue this. I'm trying to make postfix+sasl authenticate
          > against a mysql database which already has all the necessary
          > usernames and passwords. The goal of this is to allow anyone who

          passwords must be plaintext or Cyrus-SASL.2.x libsql will not be able to
          process authentication.

          > authenticates to use the machine as an outbound mail relay.
          >
          > When I try and authenticate and send test messages I receive the
          > following error:
          >
          > postfix/smtpd[16262]: sql_select option missing
          > postfix/smtpd[16262]: auxpropfunc error no mechanism available
          > postfix/smtpd[16262]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

          Cyrus-SASL.2.x can't find the library that provides the sql method. On Debian
          it should be in /usr/lib/sasl2. If there's no libsql* you need to install
          them.

          p@rick

          --
          The Book of Postfix
          <http://www.postfix-book.com>
          saslfinger (debugging SMTP AUTH):
          <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
        Your message has been successfully submitted and would be delivered to recipients shortly.