Loading ...
Sorry, an error occurred while loading the content.

Re: login username / different domain

Expand Messages
  • Jim Douglas
    ... It was the link that was causing the problem, I can authenticate now from one terminal window to the other... Now, after putting these setting in main.cf..
    Message 1 of 24 , Oct 1, 2006
    • 0 Attachment
      >From: Patrick Ben Koetter <p@...>
      >To: postfix-users@...
      >Subject: Re: login username / different domain
      >Date: Sun, 1 Oct 2006 21:39:11 +0200
      >
      >* Jim Douglas <jdz99@...>:
      > > >A Typo?
      > > >smptd.conf should be smtpd.conf !
      > >
      > > Yes, it's a typo it is spelled correctly except in this email...
      >
      >okay.
      >
      > > >On localhost or on 127.0.0.1? (Yes, there may be a difference in
      >MySQL...)
      > > >
      > > >As sql_user: root with sql_passwd: mypassword (you shouldn't be using
      >root,
      > > >by the way...)
      > >
      > > MySQL is ok on localhost and 127.0.0.1..."root" is just till I get
      >things
      > > working..
      >
      >okay.
      >
      > > >> I have reviewed the steps many times at this point and really
      >appreciate
      > > >> your feedback.
      > > >
      > > >Okay. Check the smptd-typo, which should be smtpd.conf. Then check if
      > > >libsql is there now and send saslfinger -s output to reflect the
      >current
      > > >state.
      > >
      > > libsql is in /usr/local/lib/sasl2 and I linked them, like so,
      > > ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
      >
      >Not successfully as you can see in the saslfinger output...
      >
      > > >You should be able to see sasl2-sample-server and -client communicating
      > > >with each other when you start the server and connect to it from a
      > > >different terminal window.
      > >
      > > sasl2-sample-server -s rcmd -p 8000 returns,
      > > trying 10, 1, 6
      > > bind: Address already in use
      > > trying 2, 1, 6
      > > bind: Address already in use
      > > Couldn't bind to any socket
      >
      >No idea what you are doing different...
      >
      > > When I run in a second window and enter,
      > > sasl2-sample-client -s rcmd -p 8000 -m PLAIN 127.0.0.1
      > >
      > > Nothing happens....
      > >
      > > >
      > > >If you start sasl2-sample-server without binding it to any mechanism as
      > > >well start the client without "-m PLAIN", then the client should tell
      >you
      > > >all mechanisms the server offered, which should be what you have in
      > > >smtpd.conf.
      > >
      > > sasl2-sample-server returns,
      > > trying 10, 1, 6
      > > bind: Address already in use
      > > trying 2, 1, 6
      > > bind: Address already in use
      > > Couldn't bind to any socket
      > >
      > > ...without the -m PLAIN I get,
      > > usage: client [-p port] [-s service] [-m mech] [-p port] host
      > >
      > >
      > > saslfiger -s output...
      > >
      > > saslfinger - postfix Cyrus sasl configuration Sun Oct 1 09:44:44 EDT
      >2006
      > > version: 1.0
      > > mode: server-side SMTP AUTH
      > >
      > > -- basics --
      > > Postfix: 2.3.3
      > > System: Fedora Core release 5 (Bordeaux)
      > >
      > > -- smtpd is linked to --
      > > libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00409000)
      > >
      > > -- active SMTP AUTH and TLS parameters for smtpd --
      > > broken_sasl_auth_clients = yes
      > > smtpd_sasl_auth_enable = yes
      > > smtpd_sasl_authenticated_header = yes
      > > smtpd_sasl_local_domain =
      > > smtpd_sasl_security_options = noanonymous
      > >
      > >
      > > -- listing of /usr/lib/sasl --
      > > total 132
      > > drwxr-xr-x 2 root root 4096 Sep 30 14:26 .
      > > drwxr-xr-x 125 root root 110592 Sep 30 14:13 ..
      > > -rw-r--r-- 1 root root 0 Sep 30 14:23 smptd.conf
      > > -rw-r--r-- 1 root root 263 Sep 30 14:26 smtpd.conf
      > > -rw-r--r-- 1 root root 263 Sep 30 14:15 smtpd.conf~
      > > -rw-r--r-- 1 root root 263 Sep 30 13:18 smtpd.conf.rpmsave
      > >
      > > -- listing of /usr/lib/sasl2 --
      >
      >This is not the content of /usr/local/lib/sasl2, but it should be.
      >
      > > total 3060
      > > drwxr-xr-x 2 root root 4096 Oct 1 09:44 .
      > > drwxr-xr-x 125 root root 110592 Sep 30 14:13 ..
      > > -rwxr-xr-x 1 root root 884 Feb 20 2006 libanonymous.la
      > > -rwxr-xr-x 1 root root 14668 Feb 20 2006 libanonymous.so
      > > -rwxr-xr-x 1 root root 14668 Feb 20 2006 libanonymous.so.2
      > > -rwxr-xr-x 1 root root 14668 Feb 20 2006 libanonymous.so.2.0.21
      > > -rwxr-xr-x 1 root root 856 Feb 20 2006 liblogin.la
      > > -rwxr-xr-x 1 root root 15080 Feb 20 2006 liblogin.so
      > > -rwxr-xr-x 1 root root 15080 Feb 20 2006 liblogin.so.2
      > > -rwxr-xr-x 1 root root 15080 Feb 20 2006 liblogin.so.2.0.21
      > > -rwxr-xr-x 1 root root 856 Feb 20 2006 libplain.la
      > > -rwxr-xr-x 1 root root 15144 Feb 20 2006 libplain.so
      > > -rwxr-xr-x 1 root root 15144 Feb 20 2006 libplain.so.2
      > > -rwxr-xr-x 1 root root 15144 Feb 20 2006 libplain.so.2.0.21
      > > -rwxr-xr-x 1 root root 941 Feb 20 2006 libsasldb.la
      > > -rwxr-xr-x 1 root root 909324 Feb 20 2006 libsasldb.so
      > > -rwxr-xr-x 1 root root 909324 Feb 20 2006 libsasldb.so.2
      > > -rwxr-xr-x 1 root root 909324 Feb 20 2006 libsasldb.so.2.0.21
      > > -rw-r--r-- 1 root root 0 Sep 30 14:27 out
      > > -rw-r--r-- 1 root root 890 Oct 1 09:44 output.txt
      > > -rw-r--r-- 1 root root 0 Sep 30 14:27 out.txt
      > > -rw-r--r-- 1 root root 26 Sep 29 14:03 sample.conf
      > > drwxr-xr-x 2 root root 4096 Sep 30 13:35 sasl2
      > > -rw-r--r-- 1 root root 0 Sep 30 14:23 smptd.conf
      > > -rw-r--r-- 1 root root 26 Sep 29 14:03 smtpd.conf
      > > -rw-r--r-- 1 root root 275 Sep 29 20:07 smtpd.conf~
      > > -rw-r--r-- 1 root root 262 Sep 29 20:07 smtpd.conf.rpmsave
      > > -rw-r--r-- 1 root root 0 Sep 30 12:53 test
      > >
      > > -- listing of /usr/local/lib/sasl2 --
      > > total 2280
      > > drwxr-xr-x 2 root root 4096 Sep 30 13:35 .
      > > drwxr-xr-x 4 root root 4096 Sep 30 13:35 ..
      > > -rwxr-xr-x 1 root root 695 Sep 30 13:35 libanonymous.la
      > > -rwxr-xr-x 1 root root 55287 Sep 30 13:35 libanonymous.so
      > > -rwxr-xr-x 1 root root 55287 Sep 30 13:35 libanonymous.so.2
      > > -rwxr-xr-x 1 root root 55287 Sep 30 13:35 libanonymous.so.2.0.22
      > > -rwxr-xr-x 1 root root 683 Sep 30 13:34 libcrammd5.la
      > > -rwxr-xr-x 1 root root 61405 Sep 30 13:34 libcrammd5.so
      > > -rwxr-xr-x 1 root root 61405 Sep 30 13:34 libcrammd5.so.2
      > > -rwxr-xr-x 1 root root 61405 Sep 30 13:34 libcrammd5.so.2.0.22
      > > -rwxr-xr-x 1 root root 713 Sep 30 13:34 libdigestmd5.la
      > > -rwxr-xr-x 1 root root 126446 Sep 30 13:34 libdigestmd5.so
      > > -rwxr-xr-x 1 root root 126446 Sep 30 13:34 libdigestmd5.so.2
      > > -rwxr-xr-x 1 root root 126446 Sep 30 13:34 libdigestmd5.so.2.0.22
      > > -rwxr-xr-x 1 root root 763 Sep 30 13:34 libgssapiv2.la
      > > -rwxr-xr-x 1 root root 79626 Sep 30 13:34 libgssapiv2.so
      > > -rwxr-xr-x 1 root root 79626 Sep 30 13:34 libgssapiv2.so.2
      > > -rwxr-xr-x 1 root root 79626 Sep 30 13:34 libgssapiv2.so.2.0.22
      > > -rwxr-xr-x 1 root root 679 Sep 30 13:35 liblogin.la
      > > -rwxr-xr-x 1 root root 56483 Sep 30 13:35 liblogin.so
      > > -rwxr-xr-x 1 root root 56483 Sep 30 13:35 liblogin.so.2
      > > -rwxr-xr-x 1 root root 56483 Sep 30 13:35 liblogin.so.2.0.22
      > > -rwxr-xr-x 1 root root 668 Sep 30 13:34 libotp.la
      > > -rwxr-xr-x 1 root root 121082 Sep 30 13:34 libotp.so
      > > -rwxr-xr-x 1 root root 121082 Sep 30 13:34 libotp.so.2
      > > -rwxr-xr-x 1 root root 121082 Sep 30 13:34 libotp.so.2.0.22
      > > -rwxr-xr-x 1 root root 679 Sep 30 13:34 libplain.la
      > > -rwxr-xr-x 1 root root 56941 Sep 30 13:34 libplain.so
      > > -rwxr-xr-x 1 root root 56941 Sep 30 13:34 libplain.so.2
      > > -rwxr-xr-x 1 root root 56941 Sep 30 13:34 libplain.so.2.0.22
      > > -rwxr-xr-x 1 root root 704 Sep 30 13:34 libsasldb.la
      > > -rwxr-xr-x 1 root root 98065 Sep 30 13:34 libsasldb.so
      > > -rwxr-xr-x 1 root root 98065 Sep 30 13:34 libsasldb.so.2
      > > -rwxr-xr-x 1 root root 98065 Sep 30 13:34 libsasldb.so.2.0.22
      > > -rwxr-xr-x 1 root root 690 Sep 30 13:35 libsql.la
      > > -rwxr-xr-x 1 root root 59571 Sep 30 13:35 libsql.so
      > > -rwxr-xr-x 1 root root 59571 Sep 30 13:35 libsql.so.2
      > > -rwxr-xr-x 1 root root 59571 Sep 30 13:35 libsql.so.2.0.22
      > >
      > >
      > >
      > >
      > > -- content of /usr/lib/sasl/smtpd.conf --
      >
      >Your MySQL config from /usr/lib/sasl/smtpd.conf will never be read, because
      >Postfix uses Cyrus-SASL.2.x. and that means it searches for
      >/usr/lib/sasl2/smtpd.conf.
      >
      ># cp /usr/lib/sasl/smtpd.conf /usr/lib/sasl2/smtpd.conf
      >
      >
      > > log_level: 3
      > >
      > > pwcheck_method: auxprop
      > >
      > > auxprop_plugin: sql
      > > mech_list: PLAIN LOGIN
      > > sql_engine: mysql
      > > sql_hostnames: 127.0.0.1
      > > sql_user: --- replaced ---
      > > sql_passwd: --- replaced ---
      > > sql_database: dbmail
      > > sql_select: select passwd from dbmail_users where userid = '%u' and
      >passwd=
      > > '%r'
      > >
      > > -- content of /usr/lib/sasl2/smtpd.conf --
      > > pwcheck_method: saslauthd
      > >
      > >
      > > -- active services in /etc/postfix/master.cf --
      > > # service type private unpriv chroot wakeup maxproc command + args
      > > # (yes) (yes) (yes) (never) (100)
      > > smtp inet n - n - - smtpd
      > > pickup fifo n - n 60 1 pickup
      > > cleanup unix n - n - 0 cleanup
      > > qmgr fifo n - n 300 1 qmgr
      > > tlsmgr unix - - n 1000? 1 tlsmgr
      > > rewrite unix - - n - - trivial-rewrite
      > > bounce unix - - n - 0 bounce
      > > defer unix - - n - 0 bounce
      > > trace unix - - n - 0 bounce
      > > verify unix - - n - 1 verify
      > > flush unix n - n 1000? 0 flush
      > > proxymap unix - - n - - proxymap
      > > smtp unix - - n - - smtp
      > > relay unix - - n - - smtp
      > > -o fallback_relay=
      > > showq unix n - n - - showq
      > > error unix - - n - - error
      > > discard unix - - n - - discard
      > > local unix - n n - - local
      > > virtual unix - n n - - virtual
      > > lmtp unix - - n - - lmtp
      > > anvil unix - - n - 1 anvil
      > > scache unix - - n - 1 scache
      > >
      > > dbmail-lmtp unix - - n - - lmtp -v
      > >
      > > maildrop unix - n n - - pipe
      > > flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
      > >
      > > old-cyrus unix - n n - - pipe
      > > flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension}
      > > ${user}
      > > cyrus unix - n n - - pipe
      > > user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
      > > ${extension} ${user}
      > > uucp unix - n n - - pipe
      > > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
      > > ($recipient)
      > > ifmail unix - n n - - pipe
      > > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
      > > bsmtp unix - n n - - pipe
      > > flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
      > > $recipient
      > >
      > > -- mechanisms on localhost --
      > >
      > >
      > > Thanks again,
      > > Jim
      > >
      > >
      > >
      > > >That's a good way to verify, smtpd.conf gets read...
      > > >
      > > >p@rick
      > > >
      > > >
      > > >--
      > > >The Book of Postfix
      > > ><http://www.postfix-book.com>
      > > >saslfinger (debugging SMTP AUTH):
      > > ><http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
      > >
      > >
      >
      >--
      >The Book of Postfix
      ><http://www.postfix-book.com>
      >saslfinger (debugging SMTP AUTH):
      ><http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>

      It was the link that was causing the problem, I can authenticate now from
      one terminal window to the other...

      Now, after putting these setting in main.cf..

      broken_sasl_auth_clients = yes
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_security_options = noanonymous
      smtpd_sasl_local_domain =
      smtpd_recipient_restrictions = permit_mynetworks,
      reject_invalid_hostname,
      reject_non_fqdn_sender,
      reject_non_fqdn_recipient,
      reject_unknown_recipient_domain,
      reject_unauth_pipelining,
      reject_unknown_sender_domain,
      permit_sasl_authenticated,
      reject_unauth_destination

      I get an error in my log after trying to login from webmail,

      Oct 1 20:39:20 cpe-22-63-233-133 authdaemond: failed to connect to mysql
      server (server=mysql.example.com, userid=admin): Unknown MySQL server host
      'mysql.example.com' (1)
      Oct 1 20:39:20 cpe-22-63-233-133 imapd: LOGIN FAILED, user=foo,
      ip=[::ffff:22-63-233-133]
      Oct 1 20:39:20 cpe-22-63-233-133 imapd: authentication error: Input/output
      error

      ...where can I change "mysql.example.com"?

      I thought we specified this info in smtpd.conf?


      Thanks,
      Jim
    • Patrick Ben Koetter
      ... fine. ... The error stems not from Postfix, but from Courier IMAP s authdaemond server. You need to fix it in authdaemond s config and the best people to
      Message 2 of 24 , Oct 1, 2006
      • 0 Attachment
        * Jim Douglas <jdz99@...>:
        > It was the link that was causing the problem, I can authenticate now from
        > one terminal window to the other...

        fine.

        > Now, after putting these setting in main.cf..
        >
        > broken_sasl_auth_clients = yes
        > smtpd_sasl_auth_enable = yes
        > smtpd_sasl_security_options = noanonymous
        > smtpd_sasl_local_domain =
        > smtpd_recipient_restrictions = permit_mynetworks,
        > reject_invalid_hostname,
        > reject_non_fqdn_sender,
        > reject_non_fqdn_recipient,
        > reject_unknown_recipient_domain,
        > reject_unauth_pipelining,
        > reject_unknown_sender_domain,
        > permit_sasl_authenticated,
        > reject_unauth_destination
        >
        > I get an error in my log after trying to login from webmail,
        >
        > Oct 1 20:39:20 cpe-22-63-233-133 authdaemond: failed to connect to mysql
        > server (server=mysql.example.com, userid=admin): Unknown MySQL server host
        > 'mysql.example.com' (1)

        The error stems not from Postfix, but from Courier IMAP's authdaemond server.
        You need to fix it in authdaemond's config and the best people to support you
        with that are the ones on the Courier mailing list.

        p@rick

        --
        The Book of Postfix
        <http://www.postfix-book.com>
        saslfinger (debugging SMTP AUTH):
        <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
      • Jim Douglas
        ... It s been a long time since I set this up...I guess I need to configure the IMAP server... Any sugestion on which one is better than another? Jim
        Message 3 of 24 , Oct 2, 2006
        • 0 Attachment
          >From: Patrick Ben Koetter <p@...>
          >To: postfix-users@...
          >Subject: Re: login username / different domain
          >Date: Mon, 2 Oct 2006 08:56:50 +0200
          >
          >* Jim Douglas <jdz99@...>:
          > > It was the link that was causing the problem, I can authenticate now
          >from
          > > one terminal window to the other...
          >
          >fine.
          >
          > > Now, after putting these setting in main.cf..
          > >
          > > broken_sasl_auth_clients = yes
          > > smtpd_sasl_auth_enable = yes
          > > smtpd_sasl_security_options = noanonymous
          > > smtpd_sasl_local_domain =
          > > smtpd_recipient_restrictions = permit_mynetworks,
          > > reject_invalid_hostname,
          > > reject_non_fqdn_sender,
          > > reject_non_fqdn_recipient,
          > > reject_unknown_recipient_domain,
          > > reject_unauth_pipelining,
          > > reject_unknown_sender_domain,
          > > permit_sasl_authenticated,
          > > reject_unauth_destination
          > >
          > > I get an error in my log after trying to login from webmail,
          > >
          > > Oct 1 20:39:20 cpe-22-63-233-133 authdaemond: failed to connect to
          >mysql
          > > server (server=mysql.example.com, userid=admin): Unknown MySQL server
          >host
          > > 'mysql.example.com' (1)
          >
          >The error stems not from Postfix, but from Courier IMAP's authdaemond
          >server.
          >You need to fix it in authdaemond's config and the best people to support
          >you
          >with that are the ones on the Courier mailing list.
          >
          >p@rick
          >
          >--
          >The Book of Postfix
          ><http://www.postfix-book.com>
          >saslfinger (debugging SMTP AUTH):
          ><http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>

          It's been a long time since I set this up...I guess I need to configure the
          IMAP server... Any sugestion on which one is better than another?

          Jim
        Your message has been successfully submitted and would be delivered to recipients shortly.