postfix, sasl2 e mysql in debian etch

Discussion in 'Server Operation' started by matulio, Aug 3, 2007.

  1. matulio

    matulio New Member


    I tried to use sasl2 with MySQL without pam in the debian 4.0 but I did not have sucess.
    I did not have success in making the user to use the smtp authentication. Somebody can help ? :)

    I did install the following packages:
    #apt-get install libsasl2-modules-sql libsasl2-modules libsasl2-2 libsasl2 libsasl2-dev libsasl2-modules sasl2-bin

    "postfix/smtpd[3393]: sql plugin trying to open db 'postfix' on host 'localhost'
    postfix/smtpd[3393]: sql plugin could not connect to host localhost "

    my confs:
    pwcheck_method: auxprop
    auxprop_plugin: sql
    sql_engine: mysql
    sql_user: postfix
    sql_passwd: xxxx
    sql_database: postfix
    sql_select: SELECT password FROM mailbox WHERE username = '%[email protected]%r'
    sql_verbose: yes

    OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"

    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_local_domain = $myhostname
  2. falko

    falko Super Moderator ISPConfig Developer

    What's the output of
    netstat -tap
  3. matulio

    matulio New Member

    Hello, Falko, thanks for reply.

    I followed your tutorial, but I tried to use sasl without pam.

    is this the output of netstat -tap
    11:56:02 [email protected] marte :~ # netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost:mysql *:* LISTEN 2450/mysqld
    tcp 0 0 marte.domain:domain *:* LISTEN 2359/named
    tcp 0 0 localhost:domain *:* LISTEN 2359/named
    tcp 0 0 *:smtp *:* LISTEN 2687/master
    tcp 0 0 localhost:953 *:* LISTEN 2359/named
    tcp6 0 0 *:imaps *:* LISTEN 2593/couriertcpd
    tcp6 0 0 *:imap2 *:* LISTEN 2581/couriertcpd
    tcp6 0 0 *:www *:* LISTEN 2785/apache2
    tcp6 0 0 *:domain *:* LISTEN 2359/named
    tcp6 0 0 *:ssh *:* LISTEN 2712/sshd
    tcp6 0 0 *:smtp *:* LISTEN 2687/master
    tcp6 0 0 ip6-localhost:953 *:* LISTEN 2359/named
  4. falko

    falko Super Moderator ISPConfig Developer

    Hm, MySQL is listening on localhost... :confused:
  5. matulio

    matulio New Member

    hello, Falko, thanks again for reply.

    yes, mysql is running in the same machine of postfix

    is not correct listen on localhost ?

    what should I need to do ?

    ps: sorry for my english.
  6. geekman

    geekman New Member

    Have you tried making sure you can connect with the mysql client with the details you provided? Example:

    mysql -u postfix -p <password>
    use postfix;
    Then a test query too:
    SELECT password FROM mailbox WHERE username = '<test username>';

    You could do that to verify that you can in fact connect normally, though it's probably not the case that you can't connect it's always good to eliminate possibilities.

    Of course if you can't connect then you may be looking at problems with your MySQL installation, or a typo.

  7. gosi

    gosi New Member

    yes, I think so:

    postfix runs in a chroot jail, so localhost will not work, unless you do the following:

    # mkdir -p /var/spool/postfix/var/run/mysqld
    # chown mysql /var/spool/postfix/var/run/mysqld
    # ln /var/run/mysqld/mysqld.sock /var/spool/postfix/var/run/mysqld/

    since the socket will be recreated every time MySQL restarts, so its best to add that lines into /etc/mysql/debian-start just before "exit 0":

    # rm -rf /var/spool/postfix/var/run/mysqld/mysqld.sock
    # ln /var/run/mysqld/mysqld.sock /var/spool/postfix/var/run/mysqld/mysqld.sock

    pasted from:

    and btw: you most likely won´t need saslauthdaemon running ... postfix directly interfaces with the authentication plugins from sasl.
  8. matulio

    matulio New Member

    I will try.
    thank you :)
  9. gosi

    gosi New Member

    well if that doesn´t work, you should check the user credentials ...

    just let me know how this story goes, I will stay as long as it takes :)

Share This Page