I am in the process of migrating my mail server from Ubuntu Dapper to Debian Etch (Ubuntu dropped PPC support and I just got a G4 to play with, so switching architectures too). For the most part everything has been as painless as copying the appropriate configuration files and installing the requisite packages. One thing I'm having trouble with is getting postfix to authenticate users using sasl reading from a mysql backend when they send mail (using squirrelmail to send).
<br><br>When I try to send from squirrelmail I get the following error:<br>Authentication failed<br>Server replied: 535 5.7.0 Error: authentication failed: authentication failure<br><br>Checking the log files says the same thing:
<br>May 17 17:33:48 g4 postfix/smtpd[3286]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory<br>May 17 17:33:48 g4 postfix/smtpd[3286]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
<br><br>I've been digging around the Internet looking for an answer all afternoon and comparing the configuration between the two systems. The configuration for the pieces of the mail system is almost identical (by virtue of having copied the files directly w/ minimal modification). The configuration works flawlessly on the old system; Squirrelmail authenticates with postfix, which uses sasl to query mysql. Judging from the error messages that show up in the mail logs, it makes me think that sasl is trying to authenticate against its own (non-existent) user database rather than sql. The sasl bits of the /etc/postfix/main.cf are as follows:
<br><br># sasl stuff (per the howto)<br>smtpd_sasl_auth_enable = yes<br>broken_sasl_auth_clients = yes<br># below line was previous working config, changed to see if there is any effect.<br>#smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
<br>smtpd_sasl_path = /etc/postfix/sasl<br>smtpd_sasl_security_options = noanonymous<br>smtpd_sasl_local_domain =<br><br>/etc/postfix/sasl/smtpd.conf is the file that should be referenced by the smtpd_sasl_path in <a href="http://main.cf">
main.cf</a>. It's contents are as follows:<br><br>pwcheck_method: auxprop<br>auxprop_plugin: sql<br>mech_list: plain login cram-md5 digest-md5<br>sql_engine: mysql<br>sql_hostnames: <a href="http://127.0.0.1">127.0.0.1
</a><br>sql_user: xyzuser<br>sql_passwd: xyzpass<br>sql_database: maildb<br>sql_select: select clear from users where id='%u@%r' and enabled = 1<br><br>FWIW, Squirrelmail is attempting to authenticate with DIGEST-MD5. I believe I have the required packages installed on the new system, the relevant version numbers are:
<br><br>new: libsasl2-2 2.1.22<br>old: libsasl2 2.1.19<br><br>new: libsasl2-modules-sql 2.1.22<br>old: libsasl2-modules-sql 2.1.19<br><br>new: postfix 2.3.8<br>old: postfix 2.2.10<br><br>If anyone has any thoughts on this, i would really love to hear them as I'd really like to be able to send mail again.
<br><br>Cheers,<br><br>Tom Johnson<br><br><br><br>