i have a postfix installation that uses smtpd-auth via mysql, using the cyrus-sasl library for mysql access with cyrus-sasl-2.1.18-r2 smtp auth fails, while no connection to the mysql db is made at all Reproducible: Always Steps to Reproduce: 1. setup postfix with smtpd auth using mysql via cyrus-sasl use something like this as /etc/sasl2/smtpd.conf : pwcheck_method: auxprop auxprop_plugin: mysql auto_transition: no mysql_hostnames: localhost mysql_user: postfix mysql_passwd: nonofyourinterest mysql_database: postfix mysql_statement: select password from mailbox where username = '%u@%r' mysql_verbose: true 2. update cyrus-sasl to 2.1.18-r2 3. be surprised by users being unable to send their mail via smtpd-auth Actual Results: mail.log: Jul 18 17:59:18 MYHOST postfix/smtpd[23910]: TLS connection established from YYYYYYY: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Jul 18 17:59:18 MYHOST postfix/smtpd[23910]: connect from YYYYYYY Jul 18 17:59:19 MYHOST postfix/smtpd[23910]: warning: SASL authentication failure: no secret in database Jul 18 17:59:19 MYHOST postfix/smtpd[23910]: warning: YYYYYYY: SASL CRAM-MD5 authentication failed Jul 18 17:59:22 MYHOST postfix/smtpd[23910]: warning: Read failed in network_biopair_interop with errno=0: num_read=0, want_read=5 Jul 18 17:59:22 MYHOST postfix/smtpd[23910]: lost connection after AUTH from YYYYYYY Jul 18 17:59:22 MYHOST postfix/smtpd[23910]: disconnect from YYYYYYY mysql.log: - no entry at all,nada, nothing Expected Results: mail.log: Jul 18 17:45:01 MYHOST postfix/smtpd[4008]: TLS connection established from YYYYYYY: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Jul 18 17:45:01 MYHOST postfix/smtpd[4008]: connect from YYYYYYY Jul 18 17:45:01 MYHOST postfix/smtpd[4008]: 716FE1B001D: client=YYYYYYY, sasl_method=CRAM-MD5, sasl_username=XXXXXXX Jul 18 17:45:01 MYHOST postfix/cleanup[4013]: 716FE1B001D: message-id=<dontneedthisfordebug@invalid> Jul 18 17:45:01 MYHOST postfix/qmgr[2168]: 716FE1B001D: from=<XXXXXXX>, size=577, nrcpt=1 (queue active) Jul 18 17:45:01 MYHOST postfix/smtpd[4008]: disconnect from YYYYYYY mysql.log: 19 Connect postfix@localhost on 19 Init DB postfix 19 Query select password from mailbox where username = 'XXXXXXX' 19 Query select password from mailbox where username = 'XXXXXXX' 19 Quit saslauthd is not running, pam is not used (at least not for sasl or smtpd-auth) i tried to re-compile postfix, for maybe bindings to the new libs were broken, but it did not change the overall result, smtpd-auth with cyrus-sasl did still not work. emerge info: Portage 2.0.50-r9 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3.20040420-r0, 2.4.20-gentoo-r20) ================================================================= System uname: 2.4.20-gentoo-r20 i686 AMD Duron(tm) processor Gentoo Base System version 1.4.16 Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.3 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-march=athlon -O2 -pipe" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-march=athlon -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache fixpackages sandbox" GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow apache apm avi berkdb crypt doc encode extensions flash foomaticdb gd gdbm gif gpm gtk2 imap imlib innodb java jpeg libg++ libwww mad maildir mikmod mmx mpeg mysql ncurses nls oggvorbis opengl oss pam pdflib perl png python quicktime readline sasl slang spell ssl tcpd tetex tiff truetype x86 xml2 xv zlib"
The options have been changed from cyrus-sasl-2.1.17, IIRC. your smtpd.conf should be: pwcheck_method: auxprop auxprop_plugin: sql sql_engine: mysql auto_transition: no sql_hostnames: localhost sql_user: postfix sql_passwd: nonofyourinterest sql_database: postfix sql_statement: select password from mailbox where username = '%u@%r' sql_verbose: true read file:///usr/share/doc/cyrus-sasl-[your_installed_version]/html/options.html for correct options.
*** This bug has been marked as a duplicate of 39497 ***
Eric, are the SQL statements in your mysql.log correct? Do they return a CRAM-MD5 password hash? Do they return the correct hash? Have you tested them connected as user postfix?
you are right, I should point you to the other bug for reference instead.
and closing this as INVALID. Please open a new bug with the correct options usage.
