# sasl2 + mysql plug problem

## meshit

Hi,

I recently upgraded my system and then mysql.

I used to usesince one year and a half the virtual mail multidomains done with the gentoo-howto (postfix + cyrus_sasl + mysql).

Since one day I can't get sasl working with mysql to do an smtp_auth.

I did a revdep-rebuild and had a lot of package to recompile due to some missing link on mysql installation lib (/usr/lib/libmysql* weren't created). revdep was dying on tetex recompilation as it wasn't findig /usr/lib/libmysqlclient.

The only fix i did was to reemerge mysql and then link manually the lib from /usr/lib/mysql/libmysql* to /usr/lib/libmysql*.

Then I rerun revdep-rebuild and it completed with success.

However, I could not get any stmp auth anymore. I rebuilld then cyrus-sasl, pam_mysql, and posftix, and courier-imap and check twice (and more) the conf files. But everything is okay.

I can authenticte again imap, imap-ssl, pop3, pop3s or whatever against my mysql db.

But I can't send any mail as smtp is complaining from /var/log/mail.log:

```

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-dji.mental-tv.org

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-PIPELINING

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-SIZE 10240000

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-VRFY

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-ETRN

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-AUTH LOGIN PLAIN

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250-AUTH=LOGIN PLAIN

Jan  4 15:36:21 dji postfix/smtpd[25099]: match_list_match: localhost: no match

Jan  4 15:36:21 dji postfix/smtpd[25099]: match_list_match: 127.0.0.1: no match

Jan  4 15:36:21 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 250 8BITMIME

Jan  4 15:36:21 dji postfix/smtpd[25099]: watchdog_pat: 0x80ddd40

Jan  4 15:37:59 dji postfix/smtpd[25099]: < localhost[127.0.0.1]: AUTH LOGIN amVyZW15QG1lbnRhbC10di5vcmc=

Jan  4 15:37:59 dji postfix/smtpd[25099]: smtpd_sasl_authenticate: sasl_method LOGIN, init_response amVyZW15QG1lbnRhbC10di5vcmc=

Jan  4 15:37:59 dji postfix/smtpd[25099]: smtpd_sasl_authenticate: decoded initial response jeremy@mental-tv.org

Jan  4 15:37:59 dji postfix/smtpd[25099]: smtpd_sasl_authenticate: uncoded challenge: Password:

Jan  4 15:37:59 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 334 UGFzc3dvcmQ6

Jan  4 15:37:59 dji postfix/smtpd[25099]: < localhost[127.0.0.1]: XXXXXXXXXXXXXXX

Jan  4 15:37:59 dji postfix/smtpd[25099]: smtpd_sasl_authenticate: decoded response: XXXXXXXXX

Jan  4 15:37:59 dji postfix/smtpd[25099]: warning: localhost[127.0.0.1]: SASL LOGIN authentication failed

Jan  4 15:37:59 dji postfix/smtpd[25099]: > localhost[127.0.0.1]: 535 Error: authentication failed

Jan  4 15:37:59 dji postfix/smtpd[25099]: watchdog_pat: 0x80ddd40

```

and sasl is complaining from /var/log/auth.log:

```

Jan  4 15:38:37 dji postfix/smtpd[25204]: SQL engine 'mysql' not supported

Jan  4 15:38:38 dji postfix/smtpd[25204]: auxpropfunc error no mechanism available

Jan  4 15:38:38 dji postfix/smtpd[25204]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

```

In looking a little deeper I notice the following warning during cyrus-sasl compilation:

```

checking SQL... enabled

checking for mysql_select_db in -lmysqlclient... no

configure: WARNING: MySQL library mysqlclient does not work

```

I'm using the following global USE flags, in make.conf:

```

grep USE /etc/make.conf

USE="pda doc gd-external mysql pam-mysql imap libwww maildir sasl ssl sse -ldap 3dnow cups gtk2 gnome alsa apache2 mozilla"

```

and the following /etc/portage.package.use

```

dji root # cat /etc/portage/package.use

dev-libs/cyrus-sasl -ldap -berkdb -gdbm authdaemond pam_mysql mysql

```

I'm using the following package versions and flags:

```

dji root # emerge -pv postfix mysql pam_mysql cyrus-sasl

These are the packages that I would merge, in order:

Calculating dependencies ...done!

[ebuild   R   ] mail-mta/postfix-2.1.5-r1  +ipv6 -ldap -mailwrapper -mbox +mysql +pam -postgres +sasl +ssl -vda 0 kB

[ebuild   R   ] dev-db/mysql-4.0.23  +berkdb -debug -innodb +perl +readline (-selinux) +ssl -static +tcpd 0 kB

[ebuild   R   ] sys-libs/pam_mysql-0.5  0 kB

[ebuild   R   ] dev-libs/cyrus-sasl-2.1.20  +authdaemond -berkdb -debug -gdbm +java -kerberos -ldap +mysql +pam -postgres +ssl -static 0 kB

```

any help is welcome...Last edited by meshit on Tue Jan 04, 2005 8:10 pm; edited 1 time in total

----------

## Ferdy

Looks like a sasl problem... if you post some configs maybe we'll see something

PD: Change your password since 'UG92MzAxK2RqaQ==' is easily converted into ASCII text...

Cheers,

Ferdy

----------

## meshit

here is my system flags:

```

dji root # emerge info

Portage 2.0.51-r3 (default-linux/x86/2004.0, gcc-3.3.4, glibc-2.3.4.20040808-r1, 2.4.26-gentoo-r9 i686)

=================================================================

System uname: 2.4.26-gentoo-r9 i686 AMD Athlon(tm) XP 2400+

Gentoo Base System version 1.4.16

Autoconf: sys-devel/autoconf-2.59-r5

Automake: sys-devel/automake-1.8.5-r1

Binutils: sys-devel/binutils-2.15.90.0.1.1-r3

Headers:  sys-kernel/linux-headers-2.4.19-r1,sys-kernel/linux-headers-2.4.21-r1

Libtools: sys-devel/libtool-1.5.2-r7

ACCEPT_KEYWORDS="x86"

AUTOCLEAN="yes"

CFLAGS="-march=athlon-xp -O3 -pipe"

CHOST="i686-pc-linux-gnu"

COMPILER=""

CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /var/bind /var/qmail/control"

CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"

CXXFLAGS="-march=athlon-xp -O3 -pipe"

DISTDIR="/usr/portage/distfiles"

FEATURES="autoaddcvs autoconfig buildpkg ccache distcc distlocks fixpackages sandbox sfperms usersandbox"

GENTOO_MIRRORS="ftp://mir.zyrianes.net/gentoo/ http://mir.zyrianes.net/gentoo/ http://www.gigaload.org/gentoo.org/"

MAKEOPTS="-j2"

PKGDIR="/usr/portage/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

PORTDIR_OVERLAY="/usr/local/portage"

SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"

USE="x86 3dnow X aalib acl alsa apache2 apm arts avi berkdb bitmap-fonts bonobo cdr crypt cscope cups directfb doc encode esd fam flac foomaticdb fortran gd-external gdbm ggi gif gnome gpm gstreamer gtk gtk2 gtkhtml guile imagemagick imap imlib ipv6 java jpeg kde libwww mad maildir mikmod motif mozilla mpeg mysql ncurses nls oggvorbis opengl oss pam pam-mysql pda pdflib perl png python qt quicktime readline samba sasl scanner sdl slang snmp speex spell sse ssl svga tcltk tcpd tiff truetype xml xml2 xmms xv zlib"

```

sasl configuration:

```

jeremy@dji jeremy $ cat /etc/sasl2/smtpd.conf

# $Header: /home/cvsroot/gentoo-x86/net-mail/postfix/files/smtpd.conf,v 1.2 2002/05/04 03:55:29 woodchip Exp $

pwcheck_method: auxprop

auxprop_plugin: sql

sql_engine: mysql

sql_hostnames: localhost

sql_user: mysqluser

sql_passwd: xxxxx

sql_database: mailsql

sql_select: select clear from users where email = '%u@%r'

mech_list: plain login

pwcheck_method: saslauthd

mech_list: LOGIN PLAIN

dji root # cat /etc/conf.d/saslauthd

# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/saslauthd-2.1.20.conf,v 1.1 2004/10/31 06:13:48 langthang Exp $

# Config file for /etc/init.d/saslauthd

# Initial (empty) options.

SASLAUTHD_OPTS=""

# Specify the authentications mechanism.

# *NOTE* For list see: saslauthd -v

# From 2.1.19, add "-r" to options for old behavior

# ie. reassemble user and realm to user@realm form.

#SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r"

SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"

# Specify the hostname for remote IMAP server.

# *NOTE* Only needed if rimap auth mech is used.

#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"

# Specify the number of worker processes to create.

#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5"

# Enable credential cache, cache size, and timeout.

# *NOTE* Size is measured in kilobytes

#        Timeout is measured in seconds

#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30"

```

postfix conf:

```

bounce_notice_recipient = postmaster

access_map_reject_code = 554

address_verify_default_transport = $default_transport

address_verify_local_transport = $local_transport

address_verify_map =

address_verify_negative_cache = yes

address_verify_negative_expire_time = 3d

address_verify_negative_refresh_time = 3h

address_verify_poll_count = 3

address_verify_poll_delay = 3s

address_verify_positive_expire_time = 31d

address_verify_positive_refresh_time = 7d

address_verify_relay_transport = $relay_transport

address_verify_relayhost = $relayhost

address_verify_sender = postmaster

address_verify_service_name = verify

address_verify_transport_maps = $transport_maps

address_verify_virtual_transport = $virtual_transport

alias_database = hash:/etc/mail/aliases

alias_maps = hash:/etc/mail/aliases

allow_mail_to_commands = alias, forward

allow_mail_to_files = alias, forward

allow_min_user = no

allow_percent_hack = yes

allow_untrusted_routing = no

alternate_config_directories =

always_bcc =

append_at_myorigin = yes

append_dot_mydomain = yes

application_event_drain_time = 100s

backwards_bounce_logfile_compatibility = yes

berkeley_db_create_buffer_size = 16777216

berkeley_db_read_buffer_size = 131072

best_mx_transport =

biff = yes

body_checks =

body_checks_size_limit = 51200

bounce_notice_recipient = postmaster

bounce_queue_lifetime = 5d

bounce_service_name = bounce

bounce_size_limit = 50000

broken_sasl_auth_clients = yes

canonical_maps =

cleanup_service_name = cleanup

command_directory = /usr/sbin

command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

command_time_limit = 1000s

config_directory = /etc/postfix

content_filter = smtp-amavis:[localhost]:10024

daemon_directory = /usr/lib/postfix

daemon_timeout = 18000s

debug_peer_level = 2

debug_peer_list =

default_database_type = hash

default_delivery_slot_cost = 5

default_delivery_slot_discount = 50

default_delivery_slot_loan = 3

default_destination_concurrency_limit = 2

default_destination_recipient_limit = 50

default_extra_recipient_limit = 1000

default_minimum_delivery_slots = 3

default_privs = nobody

default_process_limit = 100

default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}

default_recipient_limit = 10000

default_transport = smtp

default_verp_delimiters = +=

defer_code = 450

defer_service_name = defer

defer_transports =

delay_notice_recipient = postmaster

delay_warning_time = 0h

deliver_lock_attempts = 20

deliver_lock_delay = 1s

disable_dns_lookups = no

disable_mime_input_processing = no

disable_mime_output_conversion = no

disable_verp_bounces = no

disable_vrfy_command = no

dont_remove = 0

double_bounce_sender = double-bounce

duplicate_filter_limit = 1000

empty_address_recipient = MAILER-DAEMON

enable_errors_to = no

enable_original_recipient = yes

error_notice_recipient = postmaster

error_service_name = error

expand_owner_alias = no

export_environment = TZ MAIL_CONFIG

fallback_relay =

fallback_transport =

fast_flush_domains = $relay_domains

fast_flush_purge_time = 7d

fast_flush_refresh_time = 12h

fault_injection_code = 0

flush_service_name = flush

fork_attempts = 5

fork_delay = 1s

forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward

hash_queue_depth = 1

hash_queue_names = incoming, active, deferred, bounce, defer, flush, hold, trace

header_address_token_limit = 10240

header_checks =

header_size_limit = 102400

helpful_warnings = yes

home_mailbox = .maildir/

hopcount_limit = 50

html_directory = no

ignore_mx_lookup_error = no

import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY

in_flow_delay = 1s

inet_interfaces = all

initial_destination_concurrency = 5

invalid_hostname_reject_code = 501

ipc_idle = 100s

ipc_timeout = 3600s

ipc_ttl = 1000s

line_length_limit = 2048

lmtp_bind_address =

lmtp_bind_address6 =

lmtp_cache_connection = yes

lmtp_connect_timeout = 0s

lmtp_data_done_timeout = 600s

lmtp_data_init_timeout = 120s

lmtp_data_xfer_timeout = 180s

lmtp_destination_concurrency_limit = $default_destination_concurrency_limit

lmtp_destination_recipient_limit = $default_destination_recipient_limit

lmtp_lhlo_timeout = 300s

lmtp_mail_timeout = 300s

lmtp_quit_timeout = 300s

lmtp_rcpt_timeout = 300s

lmtp_rset_timeout = 120s

lmtp_sasl_auth_enable = no

lmtp_sasl_password_maps =

lmtp_sasl_security_options = noplaintext, noanonymous

lmtp_send_xforward_command = no

lmtp_skip_quit_response = no

lmtp_tcp_port = 24

lmtp_xforward_timeout = 300s

local_command_shell =

local_destination_concurrency_limit = 2

local_destination_recipient_limit = 1

local_recipient_maps = unix:passwd.byname $virtual_mailbox_maps $alias_maps

local_transport = local

luser_relay =

mail_name = Postfix

mail_owner = postfix

mail_release_date = 20040915

mail_spool_directory = /var/mail

mail_version = 2.1.5

mailbox_command =

mailbox_command_maps =

mailbox_delivery_lock = fcntl, dotlock

mailbox_size_limit = 51200000

mailbox_transport =

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

maps_rbl_domains =

maps_rbl_reject_code = 554

masquerade_classes = envelope_sender, header_sender, header_recipient

masquerade_domains =

masquerade_exceptions =

max_idle = 100s

max_use = 100

maximal_backoff_time = 4000s

maximal_queue_lifetime = 5d

message_size_limit = 10240000

mime_boundary_length_limit = 2048

mime_header_checks = $header_checks

mime_nesting_limit = 100

minimal_backoff_time = 1000s

multi_recipient_bounce_reject_code = 550

mydestination = $myhostname, localhost.$mydomain,localhost

mydomain = mental-tv.org

myhostname = dji.mental-tv.org

mynetworks = 10.0.0.0/24, 192.168.0.0/16,  127.0.0.0/8

mynetworks_style = subnet

myorigin = $myhostname

nested_header_checks = $header_checks

newaliases_path = /usr/bin/newaliases

non_fqdn_reject_code = 504

notify_classes = resource, software

owner_request_special = yes

parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps

permit_mx_backup_networks =

pickup_service_name = pickup

prepend_delivered_header = command, file, forward

process_id_directory = pid

propagate_unmatched_extensions = canonical, virtual

proxy_interfaces = 10.0.0.254

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks

qmgr_clog_warn_time = 300s

qmgr_fudge_factor = 100

qmgr_message_active_limit = 20000

qmgr_message_recipient_limit = 20000

qmgr_message_recipient_minimum = 10

qmqpd_authorized_clients =

qmqpd_error_delay = 1s

qmqpd_timeout = 300s

queue_directory = /var/spool/postfix

queue_file_attribute_count_limit = 100

queue_minfree = 0

queue_run_delay = 1000s

queue_service_name = qmgr

rbl_reply_maps =

readme_directory = /usr/share/doc/postfix-2.1.5-r1/readme

receive_override_options =

recipient_bcc_maps =

recipient_canonical_maps =

recipient_delimiter =

reject_code = 554

relay_clientcerts =

relay_destination_concurrency_limit = $default_destination_concurrency_limit

relay_destination_recipient_limit = $default_destination_recipient_limit

relay_domains = hash:/etc/postfix/relay.domains

relay_domains_reject_code = 554

relay_recipient_maps =

relay_transport = relay

relayhost =

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

require_home_directory = no

resolve_dequoted_address = yes

resolve_null_domain = no

rewrite_service_name = rewrite

sample_directory = /etc/postfix

sender_based_routing = no

sender_bcc_maps =

sender_canonical_maps =

sendmail_path = /usr/sbin/sendmail

service_throttle_time = 60s

setgid_group = postdrop

show_user_unknown_table_name = yes

showq_service_name = showq

smtp_always_send_ehlo = yes

smtp_bind_address =

smtp_bind_address6 =

smtp_connect_timeout = 30s

smtp_data_done_timeout = 600s

smtp_data_init_timeout = 120s

smtp_data_xfer_timeout = 180s

smtp_defer_if_no_mx_address_found = no

smtp_destination_concurrency_limit = $default_destination_concurrency_limit

smtp_destination_recipient_limit = $default_destination_recipient_limit

smtp_enforce_tls = no

smtp_helo_name = $myhostname

smtp_helo_timeout = 300s

smtp_host_lookup = dns

smtp_line_length_limit = 990

smtp_mail_timeout = 300s

smtp_mx_address_limit = 0

smtp_mx_session_limit = 2

smtp_never_send_ehlo = no

smtp_pix_workaround_delay_time = 10s

smtp_pix_workaround_threshold_time = 500s

smtp_quit_timeout = 300s

smtp_quote_rfc821_envelope = yes

smtp_randomize_addresses = yes

smtp_rcpt_timeout = 300s

smtp_rset_timeout = 120s

smtp_sasl_auth_enable = no

smtp_sasl_password_maps =

smtp_sasl_security_options = noplaintext, noanonymous

smtp_sasl_tls_security_options = $var_smtp_sasl_opts

smtp_sasl_tls_verified_security_options = $var_smtp_sasl_tls_opts

smtp_send_xforward_command = no

smtp_skip_5xx_greeting = yes

smtp_skip_quit_response = yes

smtp_starttls_timeout = 300s

smtp_tls_CAfile =

smtp_tls_CApath =

smtp_tls_cert_file =

smtp_tls_cipherlist =

smtp_tls_dcert_file =

smtp_tls_dkey_file = $smtp_tls_dcert_file

smtp_tls_enforce_peername = yes

smtp_tls_key_file = $smtp_tls_cert_file

smtp_tls_loglevel = 0

smtp_tls_note_starttls_offer = no

smtp_tls_per_site =

smtp_tls_scert_verifydepth = 5

smtp_tls_session_cache_database =

smtp_tls_session_cache_timeout = 3600s

smtp_use_tls = no

smtp_xforward_timeout = 300s

smtpd_authorized_verp_clients = $authorized_verp_clients

smtpd_authorized_xclient_hosts =

smtpd_authorized_xforward_hosts =

smtpd_banner = $myhostname ESMTP $mail_name

smtpd_client_connection_count_limit = 50

smtpd_client_connection_limit_exceptions = $mynetworks

smtpd_client_connection_rate_limit = 0

smtpd_client_restrictions = permit_sasl_authenticated permit_mynetworks

smtpd_data_restrictions =

smtpd_delay_reject = yes

smtpd_enforce_tls = no

smtpd_error_sleep_time = 1s

smtpd_etrn_restrictions =

smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~

smtpd_hard_error_limit = 20

smtpd_helo_required = yes

smtpd_helo_restrictions =

smtpd_history_flush_threshold = 100

smtpd_junk_command_limit = 100

smtpd_noop_commands =

smtpd_null_access_lookup_key = <>

smtpd_policy_service_max_idle = 300s

smtpd_policy_service_max_ttl = 1000s

smtpd_policy_service_timeout = 100s

smtpd_proxy_ehlo = $myhostname

smtpd_proxy_filter =

smtpd_proxy_timeout = 100s

smtpd_recipient_limit = 1000

smtpd_recipient_overshoot_limit = 1000

smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,       reject_unauth_destination

smtpd_reject_unlisted_recipient = yes

smtpd_reject_unlisted_sender = no

smtpd_restriction_classes =

smtpd_sasl_application_name = smtpd

smtpd_sasl_auth_enable = yes

smtpd_sasl_exceptions_networks =

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_sasl_tls_security_options = $smtpd_sasl_security_options

smtpd_sender_login_maps =

smtpd_sender_restrictions =

smtpd_soft_error_limit = 10

smtpd_starttls_timeout = 300s

smtpd_timeout = 300s

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_CApath =

smtpd_tls_ask_ccert = no

smtpd_tls_auth_only = no

smtpd_tls_ccert_verifydepth = 5

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_cipherlist =

smtpd_tls_dcert_file =

smtpd_tls_dh1024_param_file =

smtpd_tls_dh512_param_file =

smtpd_tls_dkey_file = $smtpd_tls_dcert_file

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_req_ccert = no

smtpd_tls_session_cache_database =

smtpd_tls_session_cache_timeout = 3600s

smtpd_tls_wrappermode = no

smtpd_use_tls = yes

soft_bounce = no

stale_lock_time = 500s

strict_7bit_headers = no

strict_8bitmime = no

strict_8bitmime_body = no

strict_mime_encoding_domain = no

strict_rfc821_envelopes = no

sun_mailtool_compatibility = no

swap_bangpath = yes

syslog_facility = mail

syslog_name = postfix

tls_daemon_random_bytes = 32

tls_daemon_random_source =

trace_service_name = trace

transport_maps =

transport_retry_time = 60s

trigger_timeout = 10s

undisclosed_recipients_header = To: undisclosed-recipients:;

unknown_address_reject_code = 450

unknown_client_reject_code = 450

unknown_hostname_reject_code = 450

unknown_local_recipient_reject_code = 550

unknown_relay_recipient_reject_code = 550

unknown_virtual_alias_reject_code = 550

unknown_virtual_mailbox_reject_code = 550

unverified_recipient_reject_code = 450

unverified_sender_reject_code = 450

verp_delimiter_filter = -=+

virtual_alias_domains = idestockage.com

virtual_alias_expansion_limit = 1000

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

virtual_alias_recursion_limit = 1000

virtual_destination_concurrency_limit = $default_destination_concurrency_limit

virtual_destination_recipient_limit = $default_destination_recipient_limit

virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf

virtual_mailbox_base = /

virtual_mailbox_domains = hash:/etc/postfix/vmaildomains

virtual_mailbox_limit = 51200000

virtual_mailbox_lock = fcntl

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 100

virtual_transport = virtual

virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf

```

Done for my passwd  :Smile: 

hope this helps.

I'm a little bit desperate after searching for more than 24 hours....

----------

## Ferdy

Looks like a problem in the ebuild or in your specific system... since as you said, it doesn't active mysql in compilation-time.

If you look deeper in the build (configure) proccess you'll be able to fix it.

Cheers,

Ferdy

----------

## mach.82

Hi, Has anyone fixed this?

```
Jan  4 15:38:37 dji postfix/smtpd[25204]: SQL engine 'mysql' not supported

Jan  4 15:38:38 dji postfix/smtpd[25204]: auxpropfunc error no mechanism available

Jan  4 15:38:38 dji postfix/smtpd[25204]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql 
```

 :Crying or Very sad: 

----------

## Wilhelm

I had this problem when doing 'emerge -e world` to update my system from a P3 to a P4.

It took me a jiffy to look up the solution in this forum.

The mysql thing is built into Cyrus-SASL-2.20-r2 and not in 2.20

Mysql authentication is a patch which has now made it to the ebuild but it is still masked.

I previously manually added the patch to the ebuild but that is no longer needed.

Try installing like

ACCEPT_KEYWORDS="~x86" emerge cyrus-sasl

This works for me anyway.

```

# $Header: /home/cvsroot/gentoo-x86/net-mail/postfix/files/smtp.sasl,v 1.1 2003

sasl_pwcheck_method: auxprop

auxprop_plugin: sql

mech_list: PLAIN LOGIN

srp_mda: md5

password_format: crypt_trad

#log_level: 3

sql_engine: mysql

sql_hostname: 10.0.0.1:mysql

#sql_socket: /var/run/mysqld/mysqld.sock

sql_database: vmail

sql_user: vmail

sql_passwd: only_noobs_leave_their_password_here

sql_select: SELECT Password FROM mailboxes WHERE Email='%u@%r'

sql_verbose: yes

sql_ssl: yes

```

All my passwords are encrypted using ENCRYPT() of mysql if i remember correctly  :Wink: 

----------

