From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Tue, 13 Apr 2004 19:36:57 +0900 From: Alexei Takaseev To: ALT Linux Community Subject: Re: [Comm] Postfix+SMTP AUTH (libsasl2-plugin-sql) Message-Id: <20040413193657.298d27f9.alexei@taf.ru> In-Reply-To: <407B7F8B.2090602@inbox.ru> References: <407B7F8B.2090602@inbox.ru> Organization: /dev/null X-Mailer: Sylpheed version 0.9.10 (GTK+ 1.2.10; i586-alt-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.4 Precedence: list Reply-To: community@altlinux.ru List-Id: Mailing list for ALT Linux users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Apr 2004 10:45:11 -0000 Archived-At: List-Archive: List-Post: On Tue, 13 Apr 2004 11:50:03 +0600 Квашин Антон wrote: > Привет Всем. > > Настраиваю систему: postfix-2.0.3 + sasl2 + mysql = virtual domains + > SMTP-AUTH > по статье: > http://www.atmsk.ru/index.php?option=articles&task=viewarticle&artid=26 > > postfix собран с поддержкой MySQL и sasl2. > использую libsasl2-plugin-sql - SASL2 MySQL and PostgreSQL mechanism > plugin. > > Часть конфига Postfix: /etc/postfix/main.cf > smtpd_sasl_auth_enable = yes > smtp_sasl_security_options = noanonymous > broken_sasl_auth_clients = yes > smtpd_recipient_restrictions = permit_sasl_authenticated, > permit_mynetworks, check > smtpd_etrn_restrictions = permit_mynetworks, reject > > Конфиг smtpd: /usr/lib/sasl2/smtpd.conf > allowplaintext: yes > sasl_pwcheck_method: auxprop > mysql_user: postfix > mysql_passwd: *** > mysql_hostnames: junior.esoo.ru > mysql_database: mail > mysql_statement: select password from aliases where alias='%u@%r' > mysql_verbose: yes > > Делаю: > [foo@junior reg]$ telnet junior 25 > Trying 213.135.97.13... > Connected to junior. > Escape character is '^]'. > 220 junior.esoo.ru ESMTP Postfix > ehlo junior.esoo.ru > 250-junior.esoo.ru > 250-PIPELINING > 250-SIZE 10240000 > 250-ETRN > 250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN PLAIN NTLM SRP OTP > 250-AUTH=CRAM-MD5 DIGEST-MD5 LOGIN PLAIN NTLM SRP OTP > 250 8BITMIME > auth plain > 334 > Zm9vLmVzb28ucnUAZm9vLmVzb28ucnUAbk9uYW1l > 535 Error: authentication failed > quit > 221 Bye > Connection closed by foreign host. > > Строка plain получена: perl -MMIME::Base64 -e 'print > encode_base64("login\0login\0passwd");' > > Логи: > /var/log/mail > Apr 13 11:38:59 junior postfix/smtpd[4355]: warning: SASL > authentication failure: > Password verification failed > Apr 13 11:38:59 junior postfix/smtpd[4355]: warning: > junior.esoo.ru[213.135.97.13] > : SASL plain authentication failed > Apr 13 11:39:04 junior postfix/smtpd[4355]: disconnect from > junior.esoo.ru[213.135 > .97.13] > > /var/log/auth/all > Apr 13 11:38:39 junior postfix/smtpd[4355]: sql_select option missing > Apr 13 11:38:39 junior postfix/smtpd[4355]: auxpropfunc error -4 > Apr 13 11:38:39 junior postfix/smtpd[4355]: _sasl_plugin_load failed > on sasl_auxpr > op_plug_init for plugin: sql > > > Видимо, в /usr/lib/sasl2/smtpd.conf должно быть определение > sql_select. > > Кто-нибудь сталкивался с такой проблемой? Какая версия SASL? Мой /usr/lib/sasl2/smtpd.conf: auxprop_plugin: sql sql_engine: pgsql sql_user: user sql_passwd: password sql_hostnames: hostname sql_database: mailbase sql_statement: select password from mailusers where username = '%u' \ and domain_n ame = '%r' and active = 1 Это для PostgreSQL, cyrus-sasl2-2.1.17-alt3. Побробно смотреть /usr/share/doc/cyrus-sasl2-2.1.17/HTML/options.html