Re: [courier-users] Courier-imap and authmysql

[Onno]

A couple of things to check...
a) make sure version in authdaemonrc is set to
authdaemond.mysql... If I understood correctly
courier-imap will otherwise start the first
authdaemond it will find in the directory and only
authdaemond.mysql can authenticate via mysql (and all
the other light weight methodes you've defined while
compiling)

b) make sure MYSQL_SERVER, MYSQL_USERNAME and
MYSQL_PASSWORD are correct, and ARE NOT followed by
any white space.

c) If you are using MYSQL_SOCKET make sure it points
to  socket file (The pre defined location in
authmysqlrc did not match with my setup for instance)

d) Trun DEBUG_LOGIN on to 1 or 2 so you can check
wether you have sent the right username and password
(not really relevant for you, since you don't get any
queries to you mysql server at all)


If above suggestions do not help to solve your problem
post the relevant configuration files, and maybe
somebody can spot your problem.

grz,
Onno

 I've setup a new mailserver with postfix-courier and
 mysql.
 The full postfix configuration works fine.
 Sending mail to server.domain -- postfix checks the
 user in mysql 
 (virtual_mailbox) and delivers correctly to the
 maildir.
 
 The problem comes with courier and authmysql.
 In the authdaemonrc file, the following is set :
  authmodulelist=authmysql authpam
 Doing this (with a presumably correct authmysqlrc
 file) doesn't work.
 Syslog says : incorrect login.
 Mysql logging : nothing happened over here (not even
 a connection)
 Switching the authmodulelist (like hereunder)
  authmodulelist=authpam authmysql
 seems to work fine (with locally created users
 however).
 
 Starting the authdaemon doesn't give errors, so i
 can't really see the 
 reason of this malfunctioning.
 Has anyone got an idea?
 
 Greetings,
 Ignace Quaghebeur
 
 


 Attention:
 
 The information contained in this message and or
 attachments is intended only for the 
 person or entity to which it is addressed and may
 contain confidential and/or privileged 
 material. Any review, retransmission, dissemination
 or other use of, or taking of any 
 action in reliance upon this information by persons
 or entities other than the intended 
 recipient is prohibited. If you received this in
 error, please contact the sender and 
 delete the material from any system and destroy any
 copies. 
 
 Jetair, its subsidiaries and/or its employees shall
 not be liable for the incorrect or 
 incomplete transmission of this e-mail or any
 attachments, nor responsible for any delay 
 in receipt.
 
 This e-mail message has been scanned for viruses.
 


 
 

---
 This SF.NET email is sponsored by:
 SourceForge Enterprise Edition + IBM + LinuxWorld =
 Something 2 See!
 http://www.vasoftware.com
 ___
 courier-users mailing list
 [EMAIL PROTECTED]
 Unsubscribe:
https://lists.sourceforge.net/lists/listinfo/courier-users


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] mysql auth not working - updated

[Onno]

I had a look at your configuration.
I asume you were just mistaking the filenames of the
contents of you config files (authmysqlrc should have
been authdaemondrc and authdaemondrc should have been
imapd)

I had a look at you my sql contents as well and I
noticed you use the mysql password function to insert
the crypt password.
I think I have read some where you should use the
mysql encrypt(YourPasswordGoesHere) function. That
is what I use and seems to work.. It could explain
your problem.

grz,
Onno



--- Pedro Venda [EMAIL PROTECTED] wrote:
 On Sun, 2 Feb 2003 04:25:09 -0800 (PST) Onno
 [EMAIL PROTECTED] wrote:
 
  I had a look at a mysql log of my courier-imap
  installation. And to authenticate 1 user it uses
 only
  1 query (as it should)
 
 i read the faq, and there is a place where this is
 explained. There are, in
 fact, 3 queries... 1 to look for the user in the
 database, one for the
 alias/domain/virtual redirection and another for the
 password confirmation.
 
 I see only one. and it is just like yours.
 
  Query:   SELECT id, crypt, clear, uid, gid,
 home,
  , , name FROM users WHERE id = JohnDoe
  
  In regard to debugging info  you can turn on a
  debugging option in etc/imapd  set
 DEBUG_LOGIN=2
  and the username and password will show up in you
  maillog (Remember to turn this off after your
 done)...
 
 yes, i have it like that already, but it does not
 tell me much... all it
 says is (like):
 
 Feb  2 01:02:04 gateway imapd: Connection,
 ip=[:::192.168.0.1]
 Feb  2 01:02:04 gateway imapd: LOGIN: DEBUG:
 ip=[:::192.168.0.1], command=CAPABILITY
 Feb  2 01:02:04 gateway imapd: LOGIN: DEBUG:
 ip=[:::192.168.0.1], command=LOGIN
 Feb  2 01:02:04 gateway imapd: LOGIN: DEBUG:
 ip=[:::192.168.0.1], username=testuser
 Feb  2 01:02:04 gateway imapd: LOGIN: DEBUG:
 ip=[:::192.168.0.1], password=password
 Feb  2 01:02:09 gateway imapd: LOGIN FAILED,
 ip=[:::192.168.0.1]
 Feb  2 01:02:09 gateway imapd: LOGIN: DEBUG:
 ip=[:::192.168.0.1], command=LOGOUT
 Feb  2 01:02:09 gateway imapd: LOGOUT,
 ip=[:::192.168.0.1]
  
 and the sql log for the same failure is as follows:
 
 030202  1:02:04  20 Connect
 courier_user@localhost on
  20 Init DB maildb
  20 Query   SELECT id,
 crypt, clear, uid, gid,
 home, maildir, quota, name FROM users WHERE id =
 testuser AND (imapok=1 AND mailok=1)
 
 more sql info:
 
 mysql select
 id,address,crypt,name,uid,gid,home,imapok,mailok
 from maildb.users;  


+--+---+--+---+--+--++++
 | id   | address   | crypt  
  | name  | uid  | gid  | home  
 | imapok | mailok |

+--+---+--+---+--+--++++
 | testuser | testuser@FQDN |
 5d2e19393cc5ef67 | test user | 1001 | 1001 |
 /home/testuser |  1 |  1 |

+--+---+--+---+--+--++++
 1 row in set (0.01 sec)
 
 mysql
 
 (please note that the logged query can be
 successfully executed, so i know
 the query is valid AND it returns a result - maybe i
 am wrong... but with
 the data i have, i guess the query is ok)
 
 this is like a real user in the system (testuser).
 it is not because of security
 considerations (i changed username+password) but
 settings are coherent. In
 the case i present, password(password) matches the
 table i show you, so
 this is a good forgery!!
 
  if this doen't help solving the problem post the
  relevant config and log files, maybe somebody can
 spot
  your problem that way
 
 here you are!
 
 thank you for the help. i am still getting auth
 failures like:
 
 root@gateway:~$ telnet localhost 143
 Trying ::1...
 telnet: connect to address ::1: No route to host
 Trying 127.0.0.1...
 Connected to localhost.
 Escape character is '^]'.
 * OK Courier-IMAP ready. Copyright 1998-2003 Double
 Precision, Inc.  See COPYING for distribution
 information.
 . login testuser password
 . NO Login failed.
 . logout
 * BYE Courier-IMAP server shutting down
 . OK LOGOUT completed
 Connection closed by foreign host.
 root@gateway:~$ 
 
 the running processes are ok:
 
 root@gateway:~$ ps ax | grep mysql
   681  p0  S  0:00.02

/usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql
 start
   683  p0  S  0:00.04

/usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql
 start
   684  p0  S  0:00.04

/usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql
 start
   685  p0  S  0:00.04

/usr/local/services/courier-imap-1.7.0/libexec/authlib/authdaemond.mysql
 start
   686  p0  S  0:00.03

/usr/local/services/courier-imap-1.7.0/libexec/authlib

Re: [courier-users] mysql auth not working - updated

[Onno]

I had a look at a mysql log of my courier-imap
installation. And to authenticate 1 user it uses only
1 query (as it should)

Query:   SELECT id, crypt, clear, uid, gid, home,
, , name FROM users WHERE id = JohnDoe

In regard to debugging info  you can turn on a
debugging option in etc/imapd  set DEBUG_LOGIN=2
and the username and password will show up in you
maillog (Remember to turn this off after your done)...


if this doen't help solving the problem post the
relevant config and log files, maybe somebody can spot
your problem that way

grz,
Onno



--- Pedro Venda [EMAIL PROTECTED] wrote:
  hi everyone!
  
  i am using courier imap 1.7.0 with authmysql.
 although it compiled fine
  (unlike courier imap 1.6.2 which hanged in the
 configure script... for
  which i found a solution but nobody cared, until
 courier imap 1.7.0 came
  fixed) i cannot access my mailboxes via authmysql.
  
  checking the maillog entries, i found out that the
 users are not being
  authenticated. i use encrypted passwords for
 everyone, but i can't seem
  to
  find any more debug info about this...
 
 after further investigation, i found out... well...
 nothing! i can see the
 queries via the mysql query-log feature, but i
 cannot see the results of
 those queries. I notice that the queries are made
 like:
 select field1,id,crypt,clear,field2,field3,... from
 users where id='username' and
 (imapok=1 and mailok=1)
 (imapok and mailok are booleans i created).
 Shouldn't the query use a
 where id='username' and crypt=password('password')
 instead of where
 id='username'?
 
 How many queries are made to a database in a sane
 (working) installation of
 courier with authmysql?
 
 note: i configured authmysqlrc, authdaemonrc and
 imapd. Are there any more
 configurations necessary? I think i am not
 forgetting anything...
  
  can anyone give me a hand on this?
  
  thank you!
 
 
 
 
 

---
 This SF.NET email is sponsored by:
 SourceForge Enterprise Edition + IBM + LinuxWorld =
 Something 2 See!
 http://www.vasoftware.com
 ___
 courier-users mailing list
 [EMAIL PROTECTED]
 Unsubscribe:
https://lists.sourceforge.net/lists/listinfo/courier-users


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] mysql auth not working

[Onno]

Start mysql with (query) logging enabled, that way you
can easily find out, which query courier-imap is using
(If it can query mysql at all)

grz,
Onno


--- Pedro Venda [EMAIL PROTECTED] wrote:
 hi everyone!
 
 i am using courier imap 1.7.0 with authmysql.
 although it compiled fine
 (unlike courier imap 1.6.2 which hanged in the
 configure script... for
 which i found a solution but nobody cared, until
 courier imap 1.7.0 came
 fixed) i cannot access my mailboxes via authmysql.
 
 checking the maillog entries, i found out that the
 users are not being
 authenticated. i use encrypted passwords for
 everyone, but i can't seem to
 find any more debug info about this...
 
 can anyone give me a hand on this?
 
 thank you!
 
 
 

---
 This SF.NET email is sponsored by:
 SourceForge Enterprise Edition + IBM + LinuxWorld =
 Something 2 See!
 http://www.vasoftware.com
 ___
 courier-users mailing list
 [EMAIL PROTECTED]
 Unsubscribe:
https://lists.sourceforge.net/lists/listinfo/courier-users


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Re: [courier-users] Re: imap mysql authentication problem

[Onno]

I tried this, but didn't work. I still can't
authenticate users via mysql. In this case I can't
even authenticate users from the local machine
anymore.
Any more suggestions?

grz,
Onno

--- Sam Varshavchik [EMAIL PROTECTED] wrote:
 Onno writes:
 
  AUTHDAEMONRC:
  authmodulelist=authcustom authcram authuserdb
  authldap authpam authmysql
 
 List authmysql and authldap first.
 


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


---
This SF.NET email is sponsored by: Take your first step towards giving 
your online business a competitive advantage. Test-drive a Thawte SSL 
certificate - our easy online guide will show you how. Click here to get 
started: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0027en
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

[courier-users] imap mysql authentication problem

[Onno]

For a while now, I am working on a mailserver setup
using postfix, maildrop, imap and mysql. Most of it is
working fine now, but I'm not able to authenticate my
users with the use of a mysql database. As a local
user I can be authenticated
It seems to be a problem reported a couple of times
but none of them have any followups which reveal an
answer to my problem maybe you can help.


THE STORY IN A LITTLE MORE DETAIL:
if I telnet and LOGIN as a local user I get accepted
$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Courier-IMAP ready. Copyright 1998-2002 Double
Precision, Inc.  See COPYING for distribution
information.
a LOGIN onno password
a OK LOGIN Ok.

but If I telnet and LOGIN as a user from the mysql
database I'm not accepted
$ telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK Courier-IMAP ready. Copyright 1998-2002 Double
Precision, Inc.  See COPYING for distribution
information.
a LOGIN test test
a NO Login failed.

I have changed the DEBUG_LOGIN=2 paramter in etc/imapd
and I find in /var/log/maillog
Jan 13 17:14:25 fire imapd: Connection,
ip=[:::127.0.0.1]
Jan 13 17:14:33 fire imapd: LOGIN: DEBUG:
ip=[:::127.0.0.1], command=LOGIN
Jan 13 17:14:33 fire imapd: LOGIN: DEBUG:
ip=[:::127.0.0.1], username=test
Jan 13 17:14:33 fire imapd: LOGIN: DEBUG:
ip=[:::127.0.0.1], password=test
Jan 13 17:14:38 fire imapd: LOGIN FAILED,
ip=[:::127.0.0.1]

I have also setup the logging for mysql and although
it logs all other database actions it doesn't show any
sign of imap trying to access the mysql database.

I have tried verius authmysqlrc options. Using the
socket, using the port, different usernames,
servernames etc all with no change in the result.

If you've got any ideas, let me know (see below for
some the fine details)

grz,
Onno


THE FINE DETAILS:
OS: RedHat 7.3
Kernel: 2.4.18
courier-imap-1.6.2-1.7.3 (build as rpm from source)
mysql: 3.23.49 (rpm build by RedHat)
gcc: 2.96-113

AUTHDAEMONRC:
authmodulelist=authcustom authcram authuserdb
authldap authpam authmysql
authmodulelistorig=authcustom authcram authuserdb
authldap authmysql authpam
daemons=5
version=authdaemond.mysql
authdaemonvar=/var/run/authdaemon.courier-imap

AUTHMYSQLRC:
MYSQL_SERVER localhost
MYSQL_USERNAME root
MYSQL_PASSWORD *
#MYSQL_SOCKET /var/lib/mysql/mysql.sock
MYSQL_PORT  3306
#MYSQL_OPT  0
MYSQL_DATABASE  maildb
MYSQL_USER_TABLEusers
MYSQL_CLEAR_PWFIELD clear
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD   id
MYSQL_HOME_FIELDhome
#MYSQL_MAILDIR_FIELD maildir

mysql: db - maildb table - users
mysql select id,clear,uid,gid,home,maildir from users

+--+---+-+-+--+---+
| id   | clear | uid | gid | home |
maildir   |
+--+---+-+-+--+---+
| test | test  | 502 | 502 | /home/vmail/test |
test/Maildir/ |
+--+---+-+-+--+---+
1 row in set (0.00 sec)


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


---
This SF.NET email is sponsored by: FREE  SSL Guide from Thawte
are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your  SSL security issues.
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0026en
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users