Re: [courier-users] Courier-imap and authmysql
A couple of things to check... a) make sure version in authdaemonrc is set to authdaemond.mysql... If I understood correctly courier-imap will otherwise start the first authdaemond it will find in the directory and only authdaemond.mysql can authenticate via mysql (and all the other light weight methodes you've defined while compiling) b) make sure MYSQL_SERVER, MYSQL_USERNAME and MYSQL_PASSWORD are correct, and ARE NOT followed by any white space. c) If you are using MYSQL_SOCKET make sure it points to socket file (The pre defined location in authmysqlrc did not match with my setup for instance) d) Trun DEBUG_LOGIN on to 1 or 2 so you can check wether you have sent the right username and password (not really relevant for you, since you don't get any queries to you mysql server at all) If above suggestions do not help to solve your problem post the relevant configuration files, and maybe somebody can spot your problem. grz, Onno I've setup a new mailserver with postfix-courier and mysql. The full postfix configuration works fine. Sending mail to server.domain -- postfix checks the user in mysql (virtual_mailbox) and delivers correctly to the maildir. The problem comes with courier and authmysql. In the authdaemonrc file, the following is set : authmodulelist=authmysql authpam Doing this (with a presumably correct authmysqlrc file) doesn't work. Syslog says : incorrect login. Mysql logging : nothing happened over here (not even a connection) Switching the authmodulelist (like hereunder) authmodulelist=authpam authmysql seems to work fine (with locally created users however). Starting the authdaemon doesn't give errors, so i can't really see the reason of this malfunctioning. Has anyone got an idea? Greetings, Ignace Quaghebeur Attention: The information contained in this message and or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies. Jetair, its subsidiaries and/or its employees shall not be liable for the incorrect or incomplete transmission of this e-mail or any attachments, nor responsible for any delay in receipt. This e-mail message has been scanned for viruses. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mysql auth not working - updated
I had a look at your configuration. I asume you were just mistaking the filenames of the contents of you config files (authmysqlrc should have been authdaemondrc and authdaemondrc should have been imapd) I had a look at you my sql contents as well and I noticed you use the mysql password function to insert the crypt password. I think I have read some where you should use the mysql encrypt(YourPasswordGoesHere) function. That is what I use and seems to work.. It could explain your problem. grz, Onno --- Pedro Venda [EMAIL PROTECTED] wrote: On Sun, 2 Feb 2003 04:25:09 -0800 (PST) Onno [EMAIL PROTECTED] wrote: I had a look at a mysql log of my courier-imap installation. And to authenticate 1 user it uses only 1 query (as it should) i read the faq, and there is a place where this is explained. There are, in fact, 3 queries... 1 to look for the user in the database, one for the alias/domain/virtual redirection and another for the password confirmation. I see only one. and it is just like yours. Query: SELECT id, crypt, clear, uid, gid, home, , , name FROM users WHERE id = JohnDoe In regard to debugging info you can turn on a debugging option in etc/imapd set DEBUG_LOGIN=2 and the username and password will show up in you maillog (Remember to turn this off after your done)... yes, i have it like that already, but it does not tell me much... all it says is (like): Feb 2 01:02:04 gateway imapd: Connection, ip=[:::192.168.0.1] Feb 2 01:02:04 gateway imapd: LOGIN: DEBUG: ip=[:::192.168.0.1], command=CAPABILITY Feb 2 01:02:04 gateway imapd: LOGIN: DEBUG: ip=[:::192.168.0.1], command=LOGIN Feb 2 01:02:04 gateway imapd: LOGIN: DEBUG: ip=[:::192.168.0.1], username=testuser Feb 2 01:02:04 gateway imapd: LOGIN: DEBUG: ip=[:::192.168.0.1], password=password Feb 2 01:02:09 gateway imapd: LOGIN FAILED, ip=[:::192.168.0.1] Feb 2 01:02:09 gateway imapd: LOGIN: DEBUG: ip=[:::192.168.0.1], command=LOGOUT Feb 2 01:02:09 gateway imapd: LOGOUT, ip=[:::192.168.0.1] and the sql log for the same failure is as follows: 030202 1:02:04 20 Connect courier_user@localhost on 20 Init DB maildb 20 Query SELECT id, crypt, clear, uid, gid, home, maildir, quota, name FROM users WHERE id = testuser AND (imapok=1 AND mailok=1) more sql info: mysql select id,address,crypt,name,uid,gid,home,imapok,mailok from maildb.users; +--+---+--+---+--+--++++ | id | address | crypt | name | uid | gid | home | imapok | mailok | +--+---+--+---+--+--++++ | testuser | testuser@FQDN | 5d2e19393cc5ef67 | test user | 1001 | 1001 | /home/testuser | 1 | 1 | +--+---+--+---+--+--++++ 1 row in set (0.01 sec) mysql (please note that the logged query can be successfully executed, so i know the query is valid AND it returns a result - maybe i am wrong... but with the data i have, i guess the query is ok) this is like a real user in the system (testuser). it is not because of security considerations (i changed username+password) but settings are coherent. In the case i present, password(password) matches the table i show you, so this is a good forgery!! if this doen't help solving the problem post the relevant config and log files, maybe somebody can spot your problem that way here you are! thank you for the help. i am still getting auth failures like: root@gateway:~$ telnet localhost 143 Trying ::1... telnet: connect to address ::1: No route to host Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK Courier-IMAP ready. Copyright 1998-2003 Double Precision, Inc. See COPYING for distribution information. . login testuser password . NO Login failed. . logout * BYE Courier-IMAP server shutting down . OK LOGOUT completed Connection closed by foreign host. root@gateway:~$ the running processes are ok: root@gateway:~$ ps ax | grep mysql 681 p0 S 0:00.02 /usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql start 683 p0 S 0:00.04 /usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql start 684 p0 S 0:00.04 /usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql start 685 p0 S 0:00.04 /usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql start 686 p0 S 0:00.03 /usr/local/services/courier-imap-1.7.0/libexec/authlib
Re: [courier-users] mysql auth not working - updated
I had a look at a mysql log of my courier-imap installation. And to authenticate 1 user it uses only 1 query (as it should) Query: SELECT id, crypt, clear, uid, gid, home, , , name FROM users WHERE id = JohnDoe In regard to debugging info you can turn on a debugging option in etc/imapd set DEBUG_LOGIN=2 and the username and password will show up in you maillog (Remember to turn this off after your done)... if this doen't help solving the problem post the relevant config and log files, maybe somebody can spot your problem that way grz, Onno --- Pedro Venda [EMAIL PROTECTED] wrote: hi everyone! i am using courier imap 1.7.0 with authmysql. although it compiled fine (unlike courier imap 1.6.2 which hanged in the configure script... for which i found a solution but nobody cared, until courier imap 1.7.0 came fixed) i cannot access my mailboxes via authmysql. checking the maillog entries, i found out that the users are not being authenticated. i use encrypted passwords for everyone, but i can't seem to find any more debug info about this... after further investigation, i found out... well... nothing! i can see the queries via the mysql query-log feature, but i cannot see the results of those queries. I notice that the queries are made like: select field1,id,crypt,clear,field2,field3,... from users where id='username' and (imapok=1 and mailok=1) (imapok and mailok are booleans i created). Shouldn't the query use a where id='username' and crypt=password('password') instead of where id='username'? How many queries are made to a database in a sane (working) installation of courier with authmysql? note: i configured authmysqlrc, authdaemonrc and imapd. Are there any more configurations necessary? I think i am not forgetting anything... can anyone give me a hand on this? thank you! --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] mysql auth not working
Start mysql with (query) logging enabled, that way you can easily find out, which query courier-imap is using (If it can query mysql at all) grz, Onno --- Pedro Venda [EMAIL PROTECTED] wrote: hi everyone! i am using courier imap 1.7.0 with authmysql. although it compiled fine (unlike courier imap 1.6.2 which hanged in the configure script... for which i found a solution but nobody cared, until courier imap 1.7.0 came fixed) i cannot access my mailboxes via authmysql. checking the maillog entries, i found out that the users are not being authenticated. i use encrypted passwords for everyone, but i can't seem to find any more debug info about this... can anyone give me a hand on this? thank you! --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Re: imap mysql authentication problem
I tried this, but didn't work. I still can't authenticate users via mysql. In this case I can't even authenticate users from the local machine anymore. Any more suggestions? grz, Onno --- Sam Varshavchik [EMAIL PROTECTED] wrote: Onno writes: AUTHDAEMONRC: authmodulelist=authcustom authcram authuserdb authldap authpam authmysql List authmysql and authldap first. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: Take your first step towards giving your online business a competitive advantage. Test-drive a Thawte SSL certificate - our easy online guide will show you how. Click here to get started: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] imap mysql authentication problem
For a while now, I am working on a mailserver setup using postfix, maildrop, imap and mysql. Most of it is working fine now, but I'm not able to authenticate my users with the use of a mysql database. As a local user I can be authenticated It seems to be a problem reported a couple of times but none of them have any followups which reveal an answer to my problem maybe you can help. THE STORY IN A LITTLE MORE DETAIL: if I telnet and LOGIN as a local user I get accepted $ telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See COPYING for distribution information. a LOGIN onno password a OK LOGIN Ok. but If I telnet and LOGIN as a user from the mysql database I'm not accepted $ telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See COPYING for distribution information. a LOGIN test test a NO Login failed. I have changed the DEBUG_LOGIN=2 paramter in etc/imapd and I find in /var/log/maillog Jan 13 17:14:25 fire imapd: Connection, ip=[:::127.0.0.1] Jan 13 17:14:33 fire imapd: LOGIN: DEBUG: ip=[:::127.0.0.1], command=LOGIN Jan 13 17:14:33 fire imapd: LOGIN: DEBUG: ip=[:::127.0.0.1], username=test Jan 13 17:14:33 fire imapd: LOGIN: DEBUG: ip=[:::127.0.0.1], password=test Jan 13 17:14:38 fire imapd: LOGIN FAILED, ip=[:::127.0.0.1] I have also setup the logging for mysql and although it logs all other database actions it doesn't show any sign of imap trying to access the mysql database. I have tried verius authmysqlrc options. Using the socket, using the port, different usernames, servernames etc all with no change in the result. If you've got any ideas, let me know (see below for some the fine details) grz, Onno THE FINE DETAILS: OS: RedHat 7.3 Kernel: 2.4.18 courier-imap-1.6.2-1.7.3 (build as rpm from source) mysql: 3.23.49 (rpm build by RedHat) gcc: 2.96-113 AUTHDAEMONRC: authmodulelist=authcustom authcram authuserdb authldap authpam authmysql authmodulelistorig=authcustom authcram authuserdb authldap authmysql authpam daemons=5 version=authdaemond.mysql authdaemonvar=/var/run/authdaemon.courier-imap AUTHMYSQLRC: MYSQL_SERVER localhost MYSQL_USERNAME root MYSQL_PASSWORD * #MYSQL_SOCKET /var/lib/mysql/mysql.sock MYSQL_PORT 3306 #MYSQL_OPT 0 MYSQL_DATABASE maildb MYSQL_USER_TABLEusers MYSQL_CLEAR_PWFIELD clear MYSQL_UID_FIELD uid MYSQL_GID_FIELD gid MYSQL_LOGIN_FIELD id MYSQL_HOME_FIELDhome #MYSQL_MAILDIR_FIELD maildir mysql: db - maildb table - users mysql select id,clear,uid,gid,home,maildir from users +--+---+-+-+--+---+ | id | clear | uid | gid | home | maildir | +--+---+-+-+--+---+ | test | test | 502 | 502 | /home/vmail/test | test/Maildir/ | +--+---+-+-+--+---+ 1 row in set (0.00 sec) __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: FREE SSL Guide from Thawte are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users