# [SOLVED] dovecot/mysql authentication problem

## h0mer`-

Hi all,

i followed this guide - http://en.gentoo-wiki.com/wiki/Mail_server_using_Postfix_and_Dovecot

but i am  having difficulties understanding the authentification part with mysql.

this is what i am getting in my system log:

```
dovecot: auth(default): client in: AUTH  1       PLAIN   service=imap    secured lip=[SERVERIP]        rip=[CLIENTIP]       lport=993       rport=21299     resp=AHBvc3RtYXN0ZXJAY2JveC5jYwBiVTFkMGczcHdu

dovecot: auth(default): client out: OK   1       user=postmaster@testdomain.com

dovecot: auth-worker(default): sql(postmaster@testdomain.com,[CLIENTIP]): query: SELECT username as user, password FROM mailbox WHERE username = 'postmaster@testdomain.com' AND active = 1

dovecot: auth(default): master in: REQUEST       1       16296   1

dovecot: auth(default): prefetch(postmaster@testdomain.com,[CLIENTIP]): passdb didn't return userdb entries

dovecot: auth(default): userdb(postmaster@testdomain.com,[CLIENTIP]): user not found from userdb prefetch

dovecot: auth(default): master out: NOTFOUND     1

dovecot: imap-login: Internal login failure (auth failed, 1 attempts): user=<postmaster@testdomain.com>, method=PLAIN, rip=[CLIENTIP], lip=[SERVERIP], TLS
```

using the following query in mysql i get a valid user/password entry

```
SELECT username as user, password FROM mailbox WHERE username = 'postmaster@testdomain.com' AND active = 1
```

but what about those passdb and userdb errors from the system log?

this are the relevant parts of my config files

dovecot.conf

 *Quote:*   

> passdb sql {
> 
> args = /etc/dovecot/dovecot-sql.conf
> 
> }
> ...

 

dovecot-sql.conf

 *Quote:*   

> password_query = SELECT username as user, password FROM mailbox WHERE username = '%u' AND active = 1
> 
> user_query = SELECT CONCAT('/var/mail/', maildir) AS home, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = 1
> 
> 

 Last edited by h0mer`- on Tue Jan 27, 2009 11:42 am; edited 1 time in total

----------

## magic919

Drop the prefetch.  The logs are complaining that it's not returning data in the required format.

----------

## h0mer`-

awesome - works. thanks.

what kind of password/login encryption should i use?

----------

## magic919

You'll be restricted to ones your clients can support.  Take a look at what they can cope with.

----------

