From: Alexei Takaseev <alexei@taf.ru>
To: ALT Linux Community <community@altlinux.ru>
Subject: Re: [Comm] Postfix+SMTP AUTH (libsasl2-plugin-sql)
Date: Tue, 13 Apr 2004 19:36:57 +0900
Message-ID: <20040413193657.298d27f9.alexei@taf.ru> (raw)
In-Reply-To: <407B7F8B.2090602@inbox.ru>
On Tue, 13 Apr 2004 11:50:03 +0600
Квашин Антон <non2002@inbox.ru> wrote:
> Привет Всем.
>
> Настраиваю систему: postfix-2.0.3 + sasl2 + mysql = virtual domains +
> SMTP-AUTH
> по статье:
> http://www.atmsk.ru/index.php?option=articles&task=viewarticle&artid=26
>
> postfix собран с поддержкой MySQL и sasl2.
> использую libsasl2-plugin-sql - SASL2 MySQL and PostgreSQL mechanism
> plugin.
>
> Часть конфига Postfix: /etc/postfix/main.cf
> smtpd_sasl_auth_enable = yes
> smtp_sasl_security_options = noanonymous
> broken_sasl_auth_clients = yes
> smtpd_recipient_restrictions = permit_sasl_authenticated,
> permit_mynetworks, check
> smtpd_etrn_restrictions = permit_mynetworks, reject
>
> Конфиг smtpd: /usr/lib/sasl2/smtpd.conf
> allowplaintext: yes
> sasl_pwcheck_method: auxprop
> mysql_user: postfix
> mysql_passwd: ***
> mysql_hostnames: junior.esoo.ru
> mysql_database: mail
> mysql_statement: select password from aliases where alias='%u@%r'
> mysql_verbose: yes
>
> Делаю:
> [foo@junior reg]$ telnet junior 25
> Trying 213.135.97.13...
> Connected to junior.
> Escape character is '^]'.
> 220 junior.esoo.ru ESMTP Postfix
> ehlo junior.esoo.ru
> 250-junior.esoo.ru
> 250-PIPELINING
> 250-SIZE 10240000
> 250-ETRN
> 250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN NTLM SRP OTP
> 250-AUTH=CRAM-MD5 DIGEST-MD5 LOGIN PLAIN NTLM SRP OTP
> 250 8BITMIME
> auth plain
> 334
> Zm9vLmVzb28ucnUAZm9vLmVzb28ucnUAbk9uYW1l
> 535 Error: authentication failed
> quit
> 221 Bye
> Connection closed by foreign host.
>
> Строка plain получена: perl -MMIME::Base64 -e 'print
> encode_base64("login\0login\0passwd");'
>
> Логи:
> /var/log/mail
> Apr 13 11:38:59 junior postfix/smtpd[4355]: warning: SASL
> authentication failure:
> Password verification failed
> Apr 13 11:38:59 junior postfix/smtpd[4355]: warning:
> junior.esoo.ru[213.135.97.13]
> : SASL plain authentication failed
> Apr 13 11:39:04 junior postfix/smtpd[4355]: disconnect from
> junior.esoo.ru[213.135
> .97.13]
>
> /var/log/auth/all
> Apr 13 11:38:39 junior postfix/smtpd[4355]: sql_select option missing
> Apr 13 11:38:39 junior postfix/smtpd[4355]: auxpropfunc error -4
> Apr 13 11:38:39 junior postfix/smtpd[4355]: _sasl_plugin_load failed
> on sasl_auxpr
> op_plug_init for plugin: sql
>
>
> Видимо, в /usr/lib/sasl2/smtpd.conf должно быть определение
> sql_select.
>
> Кто-нибудь сталкивался с такой проблемой?
Какая версия SASL?
Мой /usr/lib/sasl2/smtpd.conf:
auxprop_plugin: sql
sql_engine: pgsql
sql_user: user
sql_passwd: password
sql_hostnames: hostname
sql_database: mailbase
sql_statement: select password from mailusers where username = '%u' \
and domain_n ame = '%r' and active = 1
Это для PostgreSQL, cyrus-sasl2-2.1.17-alt3.
Побробно смотреть /usr/share/doc/cyrus-sasl2-2.1.17/HTML/options.html
next prev parent reply other threads:[~2004-04-13 10:36 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-13 5:50 Квашин Антон
2004-04-13 10:36 ` Alexei Takaseev [this message]
2004-04-13 11:59 ` Квашин Антон
2004-04-13 12:48 ` Re[2]: " Alexander Leschinsky
2004-04-13 13:07 ` Klimchev Konstantin
2004-04-13 14:12 ` Re[2]: " Alexander Leschinsky
2004-04-14 8:54 ` [Comm] " Денис Смирнов
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040413193657.298d27f9.alexei@taf.ru \
--to=alexei@taf.ru \
--cc=community@altlinux.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git