courier-authlib:输入错误的用户名进行搜索查询

tag-icon tag-icon email postfix smtp authentication courier
courier-authlib:输入错误的用户名进行搜索查询

我正在尝试使用 courier、postfix 上的 mysql 设置 smtp 身份验证。

我的数据库中的密码是加密的。

当我尝试连接时,出现身份验证失败

r2d2 ~ # telnet mail.server.com 25
Trying 45.33.27.121...
Connected to mail.server.com.
Escape character is '^]'.
220 r2d2.server.com ESMTP Postfix
HELO server.com
250 r2d2.server.com
AUTH LOGIN
334 VXNrcm5hbWU6
dXNlci5jb20=
334 UGFyc3dvcmQ6
Qg=!
535 5.7.8 Error: authentication failed: authentication failure

当我查看日志时,我看到一个错误的用户名试图进行身份验证

r2d2 postfix/smtpd[25275]: sql plugin Parse the username user.com

进入数据库的用户名应该是

[email protected]

这不是一个编码问题:

# perl -MMIME::Base64 -e 'print encode_base64("[email protected]");'
dXNlci5jb20=

由于某种原因,它放弃了虚拟域

配置文件/etc/courier/authlib/authmysqlrc:

MYSQL_SERVER            localhost
MYSQL_USERNAME          myuser
MYSQL_PASSWORD          mypass
MYSQL_PORT              3306
MYSQL_OPT               0
MYSQL_DATABASE          mail
MYSQL_USER_TABLE        mailbox
MYSQL_CRYPT_PWFIELD     password
MYSQL_UID_FIELD         5000
MYSQL_GID_FIELD         5000
MYSQL_LOGIN_FIELD       username
MYSQL_HOME_FIELD        '/var/vmail/'
MYSQL_NAME_FIELD        name
MYSQL_MAILDIR_FIELD     maildir
MYSQL_WHERE_CLAUSE active='1'

我测试了 SQL,该语句在手动应用于 mysql cli 时有效。mysql 查询日志显示使用的用户名不正确。日志中的错误是准确的。

%u 不知为何接收到了错误的数据。

smtp配置文件

pwcheck_method: authdaemond
mech_list: LOGIN PLAIN CRAM-MD5 DIGEST-MD5
sql_select: dummy
authdaemond_path: /var/lib/courier/authdaemon/socket
log_level: 2
sasl_pwcheck_method: saslauthd
sasl_auxprop_plugin: mysql
password_format: plain
sql_engine: mysql
sql_hostnames: localhost
sql_database: db
sql_user: use
sql_passwd: pass
sql_select: SELECT password FROM mailbox WHERE username='%u' AND active='1'

对于 mysql 中的查询,如何让 courier 不从用户名中删除入站虚拟域?

来自IRC的更新:

<SkunkyFone> tunage: i can't find it.  i know, long long ago, there were separate options for "username" and "domain" in either postfix or courier authlib, and there was an option to make it smoosh things together or drop the domain entirely, and getting them out of sync would do Bad Things.. but i can't find where in my config that is right now.
[07:30:38] <tunage> SkunkyFone: I have seen the exact setting you are talking about, probably about the same time you last looked at it...   o.0

答案1

我认为你可能需要修改你的 SQL 选择语句

sql_select: SELECT password FROM mailbox WHERE username='%u@%r' AND active ='1'

因为应该同时选择用户和域。

相关内容