OpenBSD 3.6, SASL2, Postfix, MySQL, Courier-IMAP, TLS
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: OpenBSD 3.6, SASL2, Postfix, MySQL, Courier-IMAP, TLS
- From: Bill Strosberg <bill_(_at_)_strosberg_(_dot_)_com>
- Date: Sat, 05 Feb 2005 16:28:18 -0500
First post, so be kind!
This is my first real thrash with OpenBSD for use in production
situations. I have built a box using all of the above (OpenBSD 3.6,
SASL2, Postfix, MySQL, Courier-IMAP, TLS) to act as a virtual mail
handler for a bunch of domains. I really want to get SASL working for
authenticated smtp access from remote locations.
First, OpenBSD installed painlessly, and I had zero trouble - less than
getting a Debian Woody (stable) box running. As I have played with
OpenBSD before, and had some Gentoo experience, using the ports tree to
build the components was quick and painless. Flavors rock.
I have everything working as expected ... except SASL2.
I am using the auxprop method of authentication, and using the sql
engine with MySQL. Built SASL2 from the ports tree, and set FLAVOR for
mysql. Package built and installed fine. Database works fine.
Imap-ssl and imap authenticate fine using virtual domains and Postfix.
I know the database backend is right because it already works in
production elsewhere.
I have this exact configuration running on another O/S (cough .. Linux),
so I know that SASL2 works fine in this configuration.
After extensive testing, googling and days of tweaking and fiddling, I
have concluded (and confirmed via other web-based accounts) that there
must be a problem with the SASL2 implementation in the ports tree. I
contacted the maintainer, and he kindly indicated that I could try
removing a patch someone else had committed. I did so, but no joy. It
really seems like SASL is trying to authenticate using sql, but it fails
to communicate properly to MySQL, while configured properly to do so.
Digging through logs and increasing debugging levels all tells the same
story.
My first and most important question is:
Does anyone have these things in this configuration (libsasl2, auxprop,
mysql) working? If I get someone to say yes, I'll keep on applying my
head to cement wall until one of the two things is soft and compliant
(probably my head).
I really want this to work, but I'm at a bit of an impasse here. I will
not allow unauthenticated smtp relaying, so sasl needs to work.
--
Bill Strosberg, CISSP