AW: [Postfixbuch-users] SASL mit MySql Authentifizierung

Windecker, Robert R.Windecker at peak-networks.de
Do Jul 22 13:40:01 CEST 2004


Mahlzeit,

ich bin echt gleich vor dem durchdrehen......
so ich fasse noch mal zusammen:

# ========================================================================== 
# service type  private unpriv  chroot  wakeup  maxproc command + args 
#               (yes)   (yes)   (yes)   (never) (100) 
# ========================================================================== 
smtp      inet  n       -       n       -       -       smtpd -v

postconf -m 
static 
sdbm 
cidr 
pcre 
nis 
regexp 
environ 
mysql 
proxy 
ldap 
btree 
unix 
hash

leider immer noch der Fehler das der localhost nicht findet. Steht aber auch in den hosts drin!!!

Jul 22 12:39:23 nemo xxxxxx/xxxxxx-script: starting the xxxxxx mail system
Jul 22 12:39:23 nemo xxxxxx/master[26257]: daemon started -- version 2.1.1
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: mynetworks ~? debug_peer_list
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: mynetworks ~? fast_flush_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: mynetworks ~? mynetworks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? debug_peer_list
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? fast_flush_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? mynetworks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? permit_mx_backup_networks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? qmqpd_authorized_clients
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: relay_domains ~? relay_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: permit_mx_backup_networks ~? debug_peer_list
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: permit_mx_backup_networks ~? mynetworks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: connect to subsystem private/proxymap
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: send attr request = open
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: send attr table = unix:passwd.byname
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: send attr flags = 64
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: private/proxymap socket: wanted attribute: status
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: input attribute name: status
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: input attribute value: 0
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: private/proxymap socket: wanted attribute: flags
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: input attribute name: flags
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: input attribute value: 80
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: private/proxymap socket: wanted attribute: (list terminator)
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: input attribute name: (end)
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=0120
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_open: proxy:unix:passwd.byname
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_open: hash:/etc/aliases
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_open: hash:/etc/xxxxxx/canonical
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: user = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: password = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: dbname = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: table = alias
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: select_field = goto
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: where_field = address
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: additional_conditions = 
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_alias_maps.cf: hosts = localhost
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: mysqlname_parse: /etc/xxxxxx/mysql_virtual_alias_maps.cf: adding host 'localhost' to list of mysql server hosts
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_open: mysql:/etc/xxxxxx/mysql_virtual_alias_maps.cf
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: user = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: password = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: dbname = xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: table = mailbox
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: select_field = maildir
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: where_field = username
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: additional_conditions = 
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: cfg_get_str: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: hosts = localhost
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: mysqlname_parse: /etc/xxxxxx/mysql_virtual_mailbox_maps.cf: adding host 'localhost' to list of mysql server hosts
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: dict_open: mysql:/etc/xxxxxx/mysql_virtual_mailbox_maps.cf
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? debug_peer_list
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? fast_flush_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? mynetworks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? relay_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: smtpd_access_maps ~? smtpd_access_maps
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: smtpd_sasl_initialize: SASL config file is smtpd.conf
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: fast_flush_domains ~? debug_peer_list
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_string: fast_flush_domains ~? fast_flush_domains
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: watchdog_create: 0x80a0028 18000
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: watchdog_stop: 0x80a0028
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: watchdog_start: 0x80a0028
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: connection established
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: master_notify: status 0
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: name_mask: resource
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: name_mask: software
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: name_mask: noanonymous
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: connect from unknown[xxx.xxx.xxx.xxx]
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_list_match: unknown: no match
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_list_match: xxx.xxx.xxx.xxx: no match
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_list_match: unknown: no match
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: match_list_match: xxx.xxx.xxx.xxx: no match
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 220 nemo.xxxx-xxxxxx.de ESMTP xxxxxx
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: watchdog_pat: 0x80a0028
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: < unknown[xxx.xxx.xxx.xxx]: EHLO robert
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-nemo.xxxx-xxxxxx.de
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-PIPELINING
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-SIZE 10240000
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-VRFY
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-ETRN
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Jul 22 12:40:24 nemo xxxxxx/smtpd[26311]: > unknown[xxx.xxx.xxx.xxx]: 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5

Meine smpt.conf sieht so aus:

pwcheck_method: auxprop
mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5
auxprop_plugin: mysql
#sql_engine: mysql
mysql_user: postfix
mysql_passwd: postfix
mysql_database: postfix
mysql_statement: SELECT password FROM mailbox WHERE username : '%u at r%' and active='1'
mysql_verbose: yes
#host = localhost
mysql_server: localhost
mysql_port: 3306
#mysql_socket: /var/lib/mysql/mysql.sock
sasl_log_level: 3
#pwcheck_method: pam
#pwcheck_method: saslauthd
#mech_lost: PLAIN LOGIN
sql_usessl: no

Was soll oder kann ich machen ?? Mein cyrus-sasl habe ich so bebaut:

./configure --libdir=/usr/lib \
	--with-plugindir=/usr/lib/sasl2 \
	--prefix=/usr \
	--sysconfdir=/etc \
	--mandir=/usr/share/man \
	--with-saslauthd=/var/spool/postfix/var/state/saslauthd \
	--enable-pam \
	--enable-sample \
	--enable-login \
	--enable-plain \
	--disable-gssapi \
	--disable-checkapop \
	--with-openssl=/usr/include/openssl \
	--disable-cram \
	--disable-otp \
	--enable-krb4=no \
	--with-ldap=no \
	--without-dbpath \
	--with-dblib=none \
	--enable-mysql \
	--with-mysql=/usr/include/mysql

Ich weis so langsam nicht mehr weiter der Scheiß beschäftig mich jetzt schon Tage....

Mit freundlichen Grüßen

Robert

-----Ursprüngliche Nachricht-----
Von: Windecker, Robert 
Gesendet: Donnerstag, 22. Juli 2004 11:13
An: Eine Diskussionsliste rund um das Postfix-Buch.
Betreff: AW: [Postfixbuch-users] SASL mit MySql Authentifizierung

Hi,

ja danke du meinst bestimmt diesen hier:

http://www.viperstrike.com/~lopaka/sysadmin/cyrus-sasl-mysql-encrypt/

ich werde es mal versuchen ob der auch bei einer SuSE 9.0 funzt.

Thx

robert


-----Ursprüngliche Nachricht-----
Von: Patrick Ben Koetter [mailto:p at state-of-mind.de] 
Gesendet: Donnerstag, 22. Juli 2004 11:05
An: Eine Diskussionsliste rund um das Postfix-Buch.
Betreff: Re: [Postfixbuch-users] SASL mit MySql Authentifizierung

* Windecker, Robert <R.Windecker at peak-networks.de> [040722 10:59]:
> HI,
> 
> ja danke sieht schon besser aus ....... aber jetzt 
> 
> Das Passwort steht in MD5 in der DB drin. Mach ich das noch was falsch
> in der Authentifizierung????

Die Authentifizierung is OK. Du mußt aber die Passworte plaintext
abspeichern außer Du baust Cyrus-SASL.2.x mit einem patch. Wo der wieder
mal ist, weis ich nicht. Vielleicht mal cyrus-sasl Archiv
durchforsten...

p at rick

-- 
Ich behalte mir vor Nachrichten, die nicht an die Liste zurückgesendet
werden, zu ignorieren. Open Source Software verlangt auch offenen Zugang
zu Wissen, das schildert wie man sie einsetzt.
Entzieht den anderen dieses Wissen nicht, indem ihr unaufgefordert auf
einen privaten Kanal wechselt!

SMTP AUTH HOWTO: <http://postfix.state-of-mind.de/patrick.koetter/>
-- 
_______________________________________________
Postfixbuch-users mailingliste
JPBerlin - Mailbox und Politischer Provider
Postfixbuch-users at listi.jpberlin.de
http://listi.jpberlin.de/mailman/listinfo/postfixbuch-users

--
_______________________________________________
Postfixbuch-users mailingliste
JPBerlin - Mailbox und Politischer Provider
Postfixbuch-users at listi.jpberlin.de
http://listi.jpberlin.de/mailman/listinfo/postfixbuch-users




Mehr Informationen über die Mailingliste Postfixbuch-users