# Postfix: authentication failure

## audiodef

Setting up my mail server. I'm at this point. I'm at the section titled "To verify sasl support telnet can be used to check for the AUTH statement." I don't get anything but authentication failures when I try to auth login.  

/etc/sasl2/smtpd.conf:

```

sasl_pwcheck_method: auxprop

sasl_auxprop_plugin: mysql

password_format: crypt

mech_list: LOGIN PLAIN

sql_engine: mysql

sql_hostnames: localhost

sql_database: (dbname)

sql_user: (user)

sql_passwd: (pw)

sql_select: SELECT password FROM mailbox WHERE local_part='%u' AND active='1'

```

/etc/postfix/main.cf:

```

compatibility_level = 2

soft_bounce = yes

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

mail_owner = postfix

myhostname = (fqdn)

mydomain = (domain.tld)

unknown_local_recipient_reject_code = 450

mynetworks_style = host

recipient_delimiter = +

debug_peer_level = 2

debugger_command =

         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin

         ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail

newaliases_path = /usr/bin/newaliases

mailq_path = /usr/bin/mailq

setgid_group = postdrop

html_directory = no

manpage_directory = /usr/share/man

sample_directory = /etc/postfix

readme_directory = no

inet_protocols = ipv4

meta_directory = /etc/postfix

shlib_directory = /usr/lib64/postfix/${mail_version}

home_mailbox = .maildir/

############## USER ADDED CONFIG

# Link the mailbox uid and gid to postfix.

virtual_uid_maps = static:5000

virtual_gid_maps = static:5000

# Set the base address for all virtual mailboxes

virtual_mailbox_base = /var/vmail

## (Ensure that there are no other alias_maps definitions)

alias_maps = mysql:/etc/postfix/mysql-aliases.cf

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

local_transport = local

local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname

virtual_transport = virtual

## (The domains listed by the mydestination should not be listed in

##  the virtual_mailbox_domains parameter)

virtual_mailbox_domains = virt-domain.com, $other-virtual-domain.com

virtual_minimum_uid = 1000

## (Substitute $vmail-gid with the GID of the vmail group)

virtual_gid_maps = static:$vmail-gid

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

## (Substitute $vmail-uid with the UID of the vmail user)

virtual_uid_maps = static:$vmail-uid

# Postifx to SASL authentication

broken_sasl_auth_clients = no

smtpd_sasl_auth_enable = yes

smtpd_sasl_security_options = noanonymous

smtpd_sasl_local_domain =

smtpd_sasl_authenticated_header = no

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

```

This is what happens no matter what I do. I've tried base64 encoding the plain text password and the password hash that appears in the database as put there by postfixadmin. 

```

auth login

334 VXNlcm5hbWU6

b25saW5l

334 UGFzc3dvcmQ6

MXFhejJ3c3ghUUFa

435 4.7.8 Error: authentication failed: authentication failure

```

What am I missing?

----------

## gerdesj

It's hard to know exactly where to start but no-one has chimed in yet.  Start with your logs.

Is that really a full copy and paste of an auth session because the example and all smtpds I know of would put AUTH LOGIN in uppercase.  Could you copy and paste a full telnet session.  

Is your username "online" and is your password really "1qaz2wsx!QAZ" (I think I've got that right and getting an English word for the username can't be a coincidence!)  Double check with the perl command given and then check that the generated string is correct by changing encode_base64 to decode_base64 and putting the string in the quotes. base64 is not encryption, only encoding! 

Cheers

Jon

----------

