Vahriç, * Vahriç Muhtaryan <vah...@doruk.net.tr>: > You can find out related out below.
thanks for the debug output. Your config looks okay. Your problem is - as I understand it - you want Cyrus SASL to do something it can't do: 1. If you list more than one host with $sql_hostnames then those hosts will be queried in order listed from left to right. 2. The first host in the list that answers will be used. Any other host will not be queried. 3. It is not possible to query all hosts at the same time. So, if you want to query several MySQL servers at the same time, it cannot be done. All I can think of is moving your data to one SQL server instance. OTOH maybe you can use mysql-proxy <http://forge.mysql.com/wiki/MySQL_Proxy>, configure that to transform the query to query both servers and let SASL query the mysql-proxy. HTH, p...@rick > Regards > Vahric > > [r...@postfix-auth1 ~]# ./saslfinger-1.0.3/saslfinger -s > saslfinger - postfix Cyrus sasl configuration Wed Nov 25 18:47:20 EET 2009 > version: 1.0.2 > mode: server-side SMTP AUTH > > -- basics -- > Postfix: 2.5.9 > System: CentOS release 5.4 (Final) > > -- smtpd is linked to -- > libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x0000003dfba00000) > > -- active SMTP AUTH and TLS parameters for smtpd -- > broken_sasl_auth_clients = yes > smtpd_sasl_auth_enable = yes > > > -- listing of /usr/lib64/sasl2 -- > total 3500 > drwxr-xr-x 2 root root 4096 Nov 22 23:17 . > drwxr-xr-x 55 root root 36864 Nov 21 04:03 .. > -rwxr-xr-x 1 root root 890 Sep 4 03:04 libanonymous.la > -rwxr-xr-x 1 root root 15880 Sep 4 03:05 libanonymous.so > -rwxr-xr-x 1 root root 15880 Sep 4 03:05 libanonymous.so.2 > -rwxr-xr-x 1 root root 15880 Sep 4 03:05 libanonymous.so.2.0.22 > -rwxr-xr-x 1 root root 876 Sep 4 03:04 libcrammd5.la > -rwxr-xr-x 1 root root 19264 Sep 4 03:05 libcrammd5.so > -rwxr-xr-x 1 root root 19264 Sep 4 03:05 libcrammd5.so.2 > -rwxr-xr-x 1 root root 19264 Sep 4 03:05 libcrammd5.so.2.0.22 > -rwxr-xr-x 1 root root 899 Sep 4 03:04 libdigestmd5.la > -rwxr-xr-x 1 root root 48520 Sep 4 03:05 libdigestmd5.so > -rwxr-xr-x 1 root root 48520 Sep 4 03:05 libdigestmd5.so.2 > -rwxr-xr-x 1 root root 48520 Sep 4 03:05 libdigestmd5.so.2.0.22 > -rwxr-xr-x 1 root root 939 Sep 4 03:04 libgssapiv2.la > -rwxr-xr-x 1 root root 28096 Sep 4 03:05 libgssapiv2.so > -rwxr-xr-x 1 root root 28096 Sep 4 03:05 libgssapiv2.so.2 > -rwxr-xr-x 1 root root 28096 Sep 4 03:05 libgssapiv2.so.2.0.22 > -rwxr-xr-x 1 root root 883 Sep 4 03:04 libldapdb.la > -rwxr-xr-x 1 root root 17736 Sep 4 03:05 libldapdb.so > -rwxr-xr-x 1 root root 17736 Sep 4 03:05 libldapdb.so.2 > -rwxr-xr-x 1 root root 17736 Sep 4 03:05 libldapdb.so.2.0.22 > -rwxr-xr-x 1 root root 862 Sep 4 03:04 liblogin.la > -rwxr-xr-x 1 root root 16448 Sep 4 03:05 liblogin.so > -rwxr-xr-x 1 root root 16448 Sep 4 03:05 liblogin.so.2 > -rwxr-xr-x 1 root root 16448 Sep 4 03:05 liblogin.so.2.0.22 > -rwxr-xr-x 1 root root 864 Sep 4 03:04 libntlm.la > -rwxr-xr-x 1 root root 32704 Sep 4 03:05 libntlm.so > -rwxr-xr-x 1 root root 32704 Sep 4 03:05 libntlm.so.2 > -rwxr-xr-x 1 root root 32704 Sep 4 03:05 libntlm.so.2.0.22 > -rwxr-xr-x 1 root root 862 Sep 4 03:04 libplain.la > -rwxr-xr-x 1 root root 16416 Sep 4 03:05 libplain.so > -rwxr-xr-x 1 root root 16416 Sep 4 03:05 libplain.so.2 > -rwxr-xr-x 1 root root 16416 Sep 4 03:05 libplain.so.2.0.22 > -rwxr-xr-x 1 root root 936 Sep 4 03:04 libsasldb.la > -rwxr-xr-x 1 root root 893304 Sep 4 03:05 libsasldb.so > -rwxr-xr-x 1 root root 893304 Sep 4 03:05 libsasldb.so.2 > -rwxr-xr-x 1 root root 893304 Sep 4 03:05 libsasldb.so.2.0.22 > -rwxr-xr-x 1 root root 878 Sep 4 03:04 libsql.la > -rwxr-xr-x 1 root root 24808 Sep 4 03:05 libsql.so > -rwxr-xr-x 1 root root 24808 Sep 4 03:05 libsql.so.2 > -rwxr-xr-x 1 root root 24808 Sep 4 03:05 libsql.so.2.0.22 > -rw-r--r-- 1 root root 25 Mar 15 2007 Sendmail.conf > -rw-r--r-- 1 root root 280 Nov 22 23:17 smtpd.conf > > -- listing of /usr/lib/sasl2 -- > total 3440 > drwxr-xr-x 2 root root 4096 Nov 20 13:43 . > drwxr-xr-x 50 root root 28672 Nov 20 13:43 .. > -rwxr-xr-x 1 root root 884 Sep 4 03:04 libanonymous.la > -rwxr-xr-x 1 root root 14372 Sep 4 03:04 libanonymous.so > -rwxr-xr-x 1 root root 14372 Sep 4 03:04 libanonymous.so.2 > -rwxr-xr-x 1 root root 14372 Sep 4 03:04 libanonymous.so.2.0.22 > -rwxr-xr-x 1 root root 870 Sep 4 03:04 libcrammd5.la > -rwxr-xr-x 1 root root 16832 Sep 4 03:04 libcrammd5.so > -rwxr-xr-x 1 root root 16832 Sep 4 03:04 libcrammd5.so.2 > -rwxr-xr-x 1 root root 16832 Sep 4 03:04 libcrammd5.so.2.0.22 > -rwxr-xr-x 1 root root 893 Sep 4 03:04 libdigestmd5.la > -rwxr-xr-x 1 root root 47172 Sep 4 03:04 libdigestmd5.so > -rwxr-xr-x 1 root root 47172 Sep 4 03:04 libdigestmd5.so.2 > -rwxr-xr-x 1 root root 47172 Sep 4 03:04 libdigestmd5.so.2.0.22 > -rwxr-xr-x 1 root root 933 Sep 4 03:04 libgssapiv2.la > -rwxr-xr-x 1 root root 26496 Sep 4 03:04 libgssapiv2.so > -rwxr-xr-x 1 root root 26496 Sep 4 03:04 libgssapiv2.so.2 > -rwxr-xr-x 1 root root 26496 Sep 4 03:04 libgssapiv2.so.2.0.22 > -rwxr-xr-x 1 root root 877 Sep 4 03:04 libldapdb.la > -rwxr-xr-x 1 root root 15484 Sep 4 03:04 libldapdb.so > -rwxr-xr-x 1 root root 15484 Sep 4 03:04 libldapdb.so.2 > -rwxr-xr-x 1 root root 15484 Sep 4 03:04 libldapdb.so.2.0.22 > -rwxr-xr-x 1 root root 856 Sep 4 03:04 liblogin.la > -rwxr-xr-x 1 root root 14752 Sep 4 03:04 liblogin.so > -rwxr-xr-x 1 root root 14752 Sep 4 03:04 liblogin.so.2 > -rwxr-xr-x 1 root root 14752 Sep 4 03:04 liblogin.so.2.0.22 > -rwxr-xr-x 1 root root 858 Sep 4 03:04 libntlm.la > -rwxr-xr-x 1 root root 31548 Sep 4 03:04 libntlm.so > -rwxr-xr-x 1 root root 31548 Sep 4 03:04 libntlm.so.2 > -rwxr-xr-x 1 root root 31548 Sep 4 03:04 libntlm.so.2.0.22 > -rwxr-xr-x 1 root root 856 Sep 4 03:04 libplain.la > -rwxr-xr-x 1 root root 14848 Sep 4 03:04 libplain.so > -rwxr-xr-x 1 root root 14848 Sep 4 03:04 libplain.so.2 > -rwxr-xr-x 1 root root 14848 Sep 4 03:04 libplain.so.2.0.22 > -rwxr-xr-x 1 root root 930 Sep 4 03:04 libsasldb.la > -rwxr-xr-x 1 root root 905200 Sep 4 03:04 libsasldb.so > -rwxr-xr-x 1 root root 905200 Sep 4 03:04 libsasldb.so.2 > -rwxr-xr-x 1 root root 905200 Sep 4 03:04 libsasldb.so.2.0.22 > -rwxr-xr-x 1 root root 878 Sep 4 03:04 libsql.la > -rwxr-xr-x 1 root root 23080 Sep 4 03:04 libsql.so > -rwxr-xr-x 1 root root 23080 Sep 4 03:04 libsql.so.2 > -rwxr-xr-x 1 root root 23080 Sep 4 03:04 libsql.so.2.0.22 > > -- listing of /etc/sasl2 -- > total 16 > drwxr-xr-x 2 root root 4096 Nov 20 13:43 . > drwxr-xr-x 82 root root 4096 Nov 25 18:20 .. > > > > > -- content of /usr/lib64/sasl2/smtpd.conf -- > log_level: 7 > pwcheck_method: auxprop > auxprop_plugin: sql > mech_list: plain login > sql_engine: mysql > sql_hostnames: (212.58.4.184:3306,212.58.4.247:3306) > sql_user: --- replaced --- > sql_passwd: --- replaced --- > sql_database: postfix > sql_select: select clear from postfix_smtp where email='%...@%r' > > > -- active services in /etc/postfix/master.cf -- > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > smtp inet n - n - - smtpd > pickup fifo n - n 60 1 pickup > cleanup unix n - n - 0 cleanup > qmgr fifo n - n 300 1 qmgr > tlsmgr unix - - n 1000? 1 tlsmgr > rewrite unix - - n - - trivial-rewrite > bounce unix - - n - 0 bounce > defer unix - - n - 0 bounce > trace unix - - n - 0 bounce > verify unix - - n - 1 verify > flush unix n - n 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - n - - smtp > relay unix - - n - - smtp > -o smtp_fallback_relay= > showq unix n - n - - showq > error unix - - n - - error > retry unix - - n - - error > discard unix - - n - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - n - - lmtp > anvil unix - - n - 1 anvil > scache unix - - n - 1 scache > > -- mechanisms on localhost -- > 250-AUTH LOGIN PLAIN > 250-AUTH=LOGIN PLAIN > > > -- end of saslfinger output -- > > -----Original Message----- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Patrick Ben Koetter > Sent: Tuesday, November 24, 2009 11:08 PM > To: postfix-users@postfix.org > Subject: Re: About SMTP Auth with Mysql > > * Vahriç Muhtaryan <vah...@doruk.net.tr>: > > Any postfix guy have a knowledge about this issue > > Really I would like to solve this and debug > > Actually smtp -v do not show the problem also verbose mode to for sasl > > Any idea ? > > It is the Postfix smtpd-daemon and not the smtp-client. If you debug add "-v" > to smtpd, not smtp. > > Download saslfinger and run it: > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> > > Send debug output to the list. > > > -----Original Message----- > > From: owner-postfix-us...@postfix.org > > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Vahriç Muhtaryan > > Sent: Sunday, November 22, 2009 11:21 PM > > To: 'Patrick Ben Koetter'; postfix-users@postfix.org > > Subject: RE: About SMTP Auth with Mysql > > > > I hope that until find the right mailbox and pass it should query each > > setted mysql server but not ! > > For to be sure I'm sending different mailbox name and password and wait > > postfix make query step by step but not. > > I told you before with different syntax postfix do differnt actions > > I don't know this is really postfix problem our cyrus problem but I couldn'T > > find any solution > > When you check cyrus docs my sytax is ok but its not working > > İts drive me crazy > > Sorry, but I don't understand what you write. > > p...@rick > > > > > > > > > Regards > > Vahric > > > > -----Original Message----- > > From: owner-postfix-us...@postfix.org > > [mailto:owner-postfix-us...@postfix.org] On Behalf Of Patrick Ben Koetter > > Sent: Sunday, November 22, 2009 4:44 PM > > To: postfix-users@postfix.org > > Subject: Re: About SMTP Auth with Mysql > > > > * Vahriç Muhtaryan <vah...@doruk.net.tr>: > > > Hi, > > > > > > (212.58.4.184,212.58.4.247) not worked > > > (212.58.4.184:3306,212.58.4.247:3306)query arrive to 4.247 but not to 184 > > > 212.58.4.184:3306,212.58.4.247:3306 query arrive to 4.184 but not to 247 > > > 212.58.4.184:3306 212.58.4.247:3306 query arrive to 4.184 but not to 247 > > > sql_hostnames: 212.58.4.184 212.58.4.247 query arrive to 4.184 but not to > > > 247 > > > > How did you test? > > > > Just in case you think it should query both servers at the same time: No, > > it's > > not supposed to do that. > > > > If the 1st server in the list is inaccessible, it should try the second. > > > > Have you tested that? > > > > p...@rick > > > > -- > > All technical questions asked privately will be automatically answered on > > the > > list and archived for public access unless privacy is explicitely required > > and > > justified. > > > > saslfinger (debugging SMTP AUTH): > > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> > > > > -- > All technical questions asked privately will be automatically answered on the > list and archived for public access unless privacy is explicitely required and > justified. > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> > -- state of mind Digitale Kommunikation http://www.state-of-mind.de Franziskanerstraße 15 Telefon +49 89 3090 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München Partnerschaftsregister PR 563