Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Mail server, auxprop error
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6308
Location: /usr/lib64/lv2

PostPosted: Sat Jul 05, 2014 3:11 pm    Post subject: Mail server, auxprop error Reply with quote

My mail server setup, that has been working for many months now, has suddenly gone on vacation.

tail -f /var/log/messages using web mail:

Code:

Jul  5 14:59:16 audiodef postfix/smtpd[3663]: SQL engine 'sql' not supported
Jul  5 14:59:16 audiodef postfix/smtpd[3663]: auxpropfunc error no mechanism available
Jul  5 14:59:16 audiodef postfix/smtpd[3663]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Jul  5 14:59:25 audiodef roundcube: IMAP Error: Login failed for (user)@(domain) from (ip_address). AUTHENTICATE PLAIN: no mechanism available in /var/www/mail/htdocs/program/lib/Roundcube/rcube_imap.php on line 184 (POST /?_task=login&_action=login)


Same tail from Thunderbird:

Code:

Jul  5 15:03:18 audiodef imap[3844]: accepted connection
Jul  5 15:03:18 audiodef master[4026]: about to exec /usr/lib64/cyrus/imapd
Jul  5 15:03:18 audiodef imap[4026]: executed
Jul  5 15:03:18 audiodef imap[4026]: SQL engine 'mysql' not supported
Jul  5 15:03:18 audiodef imap[4026]: auxpropfunc error no mechanism available
Jul  5 15:03:18 audiodef imap[4026]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Jul  5 15:03:18 audiodef master[4029]: about to exec /usr/lib64/cyrus/imapd
Jul  5 15:03:18 audiodef imap[4029]: executed
Jul  5 15:03:18 audiodef imap[4027]: imapd:Loading hard-coded DH parameters
Jul  5 15:03:18 audiodef imap[4027]: TLS server engine: No CA file specified. Client side certs may not work
Jul  5 15:03:18 audiodef imap[4028]: imapd:Loading hard-coded DH parameters
Jul  5 15:03:18 audiodef imap[4028]: TLS server engine: No CA file specified. Client side certs may not work
Jul  5 15:03:18 audiodef imap[4026]: imapd:Loading hard-coded DH parameters
Jul  5 15:03:18 audiodef imap[4026]: TLS server engine: No CA file specified. Client side certs may not work
Jul  5 15:03:18 audiodef imap[3844]: imapd:Loading hard-coded DH parameters
Jul  5 15:03:18 audiodef imap[3844]: TLS server engine: No CA file specified. Client side certs may not work
Jul  5 15:03:18 audiodef imap[4027]: SSL_accept() incomplete -> wait
Jul  5 15:03:18 audiodef imap[4028]: SSL_accept() incomplete -> wait
Jul  5 15:03:18 audiodef imap[4026]: SSL_accept() incomplete -> wait
Jul  5 15:03:18 audiodef imap[3844]: SSL_accept() incomplete -> wait
Jul  5 15:03:19 audiodef imap[4027]: SSL_accept() succeeded -> done
Jul  5 15:03:19 audiodef imap[4027]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
Jul  5 15:03:19 audiodef imap[4026]: SSL_accept() succeeded -> done
Jul  5 15:03:19 audiodef imap[3844]: SSL_accept() succeeded -> done
Jul  5 15:03:19 audiodef imap[4026]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
Jul  5 15:03:19 audiodef imap[3844]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
Jul  5 15:03:19 audiodef imap[4028]: SSL_accept() succeeded -> done
Jul  5 15:03:19 audiodef imap[4028]: starttls: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits new) no authentication
Jul  5 15:03:19 audiodef imap[4027]: unknown password verifier(s) auxprop
Jul  5 15:03:19 audiodef imap[4027]: badlogin: pool-(ip_identifier).(service_provider) [ip_address] plain [SASL(-4): no mechanism available: Password verification failed]
Jul  5 15:03:19 audiodef imap[3844]: unknown password verifier(s) auxprop
Jul  5 15:03:19 audiodef imap[3844]: badlogin: pool-(ip_identifier).(service_provider) [ip_address] plain [SASL(-4): no mechanism available: Password verification failed]


etc.

main.cf:

Code:

queue_directory = /var/spool/postfix
message_size_limit = 102400000
mailbox_size_limit = 1024000000
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
default_privs = nobody
myhostname = (my domain)
mydomain = (my domain)
virtual_mailbox_domains = (list of my domains)
myorigin = $myhostname
alias_maps = mysql:/etc/postfix/validate.cf
virtual_mailbox_maps = mysql:/etc/postfix/validate.cf
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
virtual_transport = lmtp:unix:/var/imap/socket/lmtp
inet_interfaces = all
mydestination = $myhostname, localhost
local_recipient_maps = $alias_maps, $virtual_mailbox_maps
unknown_local_recipient_reject_code = 550
mynetworks = (server_ip), 127.0.0.0/8
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = yes
mail_spool_directory = /var/spool/mail
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 20
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt
smtpd_tls_key_file = /etc/ssl/postfix/server.key
#smtpd_tls_CAfile = /etc/ssl/postfix/root.crt
smtpd_tls_ask_ccert = no
smtpd_tls_loglevel = 1
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination
biff = no
empty_address_recipient = MAILER-DAEMON
tls_random_source = dev:/dev/urandom
smtp_tls_note_starttls_offer = yes

content_filter = scan:[127.0.0.1]:10025

smtpd_delay_reject = no
smtpd_client_restrictions =
        permit_mynetworks
        reject_rbl_client ix.dnsbl.manitu.net
        reject_rbl_client cbl.abuseat.org
        reject_rbl_client b.barracudacentral.org
        reject_rbl_client new.spam.dnsbl.sorbs.net
        reject_rbl_client zen.spamhaus.org

#Mail from Verizon gets incorrectly filtered out
#reject_rbl_client new.spam.dnsbl.sorbs.net

transport_maps = hash:/etc/postfix/transport


master.cf:

Code:

smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
submission inet n      -       n       -       -       smtpd

# AV scan filter (used by content_filter)
scan      unix  -       -       n       -       16      smtp
        -o smtp_send_xforward_command=yes
        -o smtp_enforce_tls=no
# For injecting mail back into postfix from the filter
127.0.0.1:10026 inet  n -       n       -       16      smtpd
        -o content_filter=
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_helo_restrictions=
        -o smtpd_client_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks_style=host
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8


validate.cf:

Code:

hosts = 127.0.0.1
user = maildb
dbname = maildb
password = (password)
query = SELECT email from aliases where email='%s'


smtpd.conf:

Code:

pwcheck_method: auxprop
auxprop_plugin: mysql
mech_list: PLAIN LOGIN
sql_engine: sql
sql_hostnames: 127.0.0.1
sql_user: maildb
sql_passwd: (password)
sql_database: maildb
sql_select: SELECT plainpass FROM aliases WHERE email = '%u@%r'



ehlo localhost:

Code:

250-(domain)
250-PIPELINING
250-SIZE 102400000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN


I have tried a bunch of stuff already, to no avail, and have looked around for an hour. As I said, this has been working for a long time now. This happened right after my last update, and I don't know what changed.
_________________
Gentoo Studio: A Gentoo-based, professional digital audio workstation OS.
Back to top
View user's profile Send private message
freke
Guru
Guru


Joined: 23 Jan 2003
Posts: 402
Location: Somewhere in Denmark

PostPosted: Sat Jul 05, 2014 8:43 pm    Post subject: Reply with quote

Postfix updated? Still emerged with mysql use-flag?

Some seems to use:
auxprop_plugin: sql
sql_engine: mysql

in smtpd.conf

I've got no idea what's right/works though.
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 6308
Location: /usr/lib64/lv2

PostPosted: Sun Jul 06, 2014 1:37 am    Post subject: Reply with quote

Yep, did all that, and more. This WAS a working system until today, and I changed NOTHING related to mail. Obviously, something got changed, but it wasn't by me, and I don't know what might have gotten updated that broke my mail server.
_________________
Gentoo Studio: A Gentoo-based, professional digital audio workstation OS.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum