postfix smtp authentication using mysql stored user/pass

rtresidd · *nix forums beginner Joined: 03 Oct 2008 Posts: 1

OK I'm stumped I've tried dozens of things to get this to work.
Background.
Fedora 9 with it's postfix rpms's etc. I checked the spec files from the source and they seem to include everything that is needed..
Additional packages that were installed via srpm include courier-authlib courier-imap and maildrop.
I'm trying to get postfix's smtp server to authenticate the user with method plain login. No crypt as I will force TLS (when I get it going)
The usernames / passwords etc are stored in a mysql table. This same table etc is being used for courier imap authentication etc as per the postfixvirtual setup on http://www.postfixvirtual.net/
There seems to be multiple references to a smtp.conf file that is to do with SASL/ SASL2 that contains the following:

pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: vmailuser
sql_passwd: password123
sql_database: mail
sql_select: select clear from postfix_users where email='%u@%r' and smtpaccess='Y'

it seems however that this particular sql query never gets executed anywhere.... where does it fit in??
I've linked the same file around to numerous places /etc/sasl2 folder, /usr/lib/sasl2 folder etc etc

Yes I have the sasl enabled lines etc correct (as far as I can tell) in main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated, reject_unauth_destination,permit

It seems that smtp is going down the pam.d path (fair enough as /etc/sysconfig/sasluthd is setup to use pam) and using the /etc/pam.d/smtp file.

I've tried putting a select into the pam.d file using the pam_mysql.so? module. which I installed seperately via another rpm.
auth required pam_mysql.so user=vmailuser password=password123 db=mail table=postfix_users usercolumn=email passwdcolumn=clear crypt=0

Then using
testsaslauthd -u testuser -r mydomain.com.au -p password123 -s smtp
I would get login failed also tried
testsaslauthd -u "testuser@mydomain.com.au" -p password123 -s smtp
which also failed
my mysql log showed that the correct sql query was triggered But the secure log said that authentication failed with
saslauthd : pam_mysql - SELECT returned no result.
arrrrrr hair pulling..
(I can run the identical query in mysql and get a result with the password, cutting and pasting what sasl requested directly into mysql)

If I give postfix a unix user for authentication it has no problem and authenticates correctly via pam.

Sorry if this sounds a bit confusing But I must have read and tried hundreds of things over the past few days and I just can't seem to get it to work.

BTW courier imap authenticates correctly using the mysql tables.. Seems it uses authdaemon to do it's authentication??? I've tried putting the authdaemon stuff in the sasl smtp.conf file also and that doesn't work..

Help Confused

Cheers
Richard

Google