[Debian] Authentication via Exim / Courier does not work



Torsten[EG]
06.10.04, 12:34
Hello,

I have a big problem with my mail server, which I set up exactly according to this HowTo (http://www.debianhowto.de/howtos/de/exim4-vexim-sarge/c_exim4-vexim-sarge.html)... unfortunately, despite quick replies, neither of the two authors was able to help me either.

Courier is running, but when I start a login attempt with a client, the following shows up in /var/log/mail.err:



Oct 6 09:54:03 kraemer courierpop3login: LOGIN FAILED, ip=[::ffff:84.128.216.82]
Oct 6 13:24:47 kraemer authdaemond.mysql: failed to connect to mysql server (server=localhost, userid=vexim)


Well... this is a really stupid thing. The user vexim exists, of course (for testing purposes even with all privileges - login via the mysql shell works!), and all entries in /etc/courier/autmysqlrc (MYSQL_SERVER, MYSQL_USERNAME, MYSQL_PASSWORD, etc.) are correct.

Why won't Courier's authdaemon accept that?

fehl-x
07.02.05, 00:04
I used the same howto, and now I have the same problem too...

felix

Tomek
07.02.05, 09:56
What does your /etc/courier/authmysqlrc look like? And is the courier-authdaemon service started?

fehl-x
07.02.05, 21:49
hi tomek,

in my case the file '/etc/courier/authmysqlrc' has been adapted as described in the howto. I checked the entries several times and also made sure that they make sense and match the mysql table.
'top' says that a service named 'authdaemon.mysql' is running 5 times.

felix

Svenny
08.02.05, 00:07
is mysqld listening on 127.0.0.1?

fehl-x
08.02.05, 18:11
yes, at least all the mysql users that were created for the websites are only granted the right to access the mysql server via localhost.

felix

Travolds
08.02.05, 18:37
can you reach the mysql server using

telnet localhost 3306

?

if not, try, in the file

/etc/mysql/my.cnf

commenting out the entry

skip-networking

like this:

#skip-networking

but careful:
this makes the mysql server listen on the port and it can be accessed. adjust the firewall if necessary

regards :)
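
The caution in the post above, as an added example that is not part of the thread: once `skip-networking` is commented out, what decides whether mysqld is reachable from other hosts is the `bind-address` option in the `[mysqld]` section. `bind-address` is a standard mysqld option that the thread does not mention; the sample config is constructed.

```shell
#!/bin/sh
# Added example. mysqld_exposure FILE prints how mysqld is reachable according
# to the [mysqld] section of a my.cnf: socket-only | loopback | exposed
mysqld_exposure() {
    awk '
        /^[ \t]*\[/ { in_mysqld = ($0 ~ /^[ \t]*\[mysqld\]/); next }
        !in_mysqld        { next }   # ignore [client], [mysqldump], ...
        /^[ \t]*[#;]/     { next }   # a commented-out option is not active
        /^[ \t]*skip[-_]networking[ \t]*$/ { skip = 1 }
        /^[ \t]*bind[-_]address[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); bind = $0
        }
        END {
            r = "exposed"            # TCP listener, not restricted to loopback
            if (bind == "127.0.0.1" || bind == "::1" || bind == "localhost") r = "loopback"
            if (skip) r = "socket-only"   # no TCP listener at all
            print r
        }
    ' "$1"
}

# Constructed sample: the state after the edit described above, without bind-address.
sample=$(mktemp)
printf '%s\n' '[mysqld]' 'port = 3306' '#skip-networking' > "$sample"
echo "my.cnf sample: $(mysqld_exposure "$sample")"
rm -f "$sample"
```

A result of `exposed` is the case where the firewall adjustment mentioned above matters; `loopback` still allows `telnet localhost 3306` from the server itself.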

fehl-x
09.02.05, 08:59
hi travolds,

the option 'skip networking' in '/etc/mysql/my.cnf' was, as you recommended, commented out.
nmap confirms this:
felix@notebook:~$ nmap meine-domain.de

Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-02-09 09:25 CET
Interesting ports on meine-domain.de (xxx.xxx.xxx.xxx):
(The 1654 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
[...]
3306/tcp open mysql

Nmap run completed -- 1 IP address (1 host up) scanned in 31.250 seconds

when I try to talk to the mysql server via telnet, as recommended above, I get this result:
felix@meine-domain:/etc/mysql # telnet localhost 3306
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
NHost 'localhost.localdomain' is not allowed to connect to this MySQL serverConnection closed by foreign hos

so the attempt fails. however, I always thought telnet was a method for administering machines remotely (like ssh), which is why the point of this attempt escapes me.

accessing the server using
bash# mysql -u root -p
is no problem.

the file '/var/log/mail.err' looks like this:
Feb 7 00:11:21 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:11:54 meine-domain last message repeated 2 times
Feb 7 00:12:21 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:13:21 meine-domain last message repeated 2 times
Feb 7 00:14:22 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:15:21 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:16:21 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
[...]
Feb 7 00:34:21 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:35:09 meine-domain authdaemond.mysql: failed to connect to mysql server (server=localhost, userid=faslch)
Feb 7 00:35:14 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
[...]
Feb 7 00:38:20 meine-domain imaplogin: DISCONNECTED, ip=[::ffff:xxx.xxx.xxx.xxx], time=0
Feb 7 00:38:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:39:15 meine-domain authdaemond.mysql: failed to connect to mysql server (server=localhost, userid=faslch)
Feb 7 00:39:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:40:15 meine-domain authdaemond.mysql: failed to connect to mysql server (server=localhost, userid=faslch)
Feb 7 00:40:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:40:44 meine-domain authdaemond.mysql: failed to connect to mysql server (server=localhost, userid=faslch)
Feb 7 00:40:49 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
[...]
Feb 7 00:43:20 meine-domain last message repeated 2 times
Feb 7 00:44:20 meine-domain last message repeated 2 times
Feb 7 00:45:20 meine-domain last message repeated 2 times
Feb 7 00:46:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:47:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:48:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
Feb 7 00:49:20 meine-domain courierpop3login: LOGIN FAILED, ip=[::ffff:xxx.xxx.xxx.xxx]
[...]

the problem with 'authdaemon.mysql' only existed, chronologically, in the middle of the logfile. I have solved that problem, though. I had forgotten 'authmodulelist="authmysql"' in '/etc/courier/authdaemonrc'.
nevertheless, login was still not possible afterwards. my mail client reported exactly what is in 'mail.err': 'login failed'.
I just don't understand why; I specifically checked again in the table 'users' in the database 'vexim' whether the user I tried to log in with actually exists.

finally, for the sake of completeness, '/etc/courier/authmysqlrc':
##VERSION: $Id: authmysqlrc,v 1.17 2004/04/20 01:38:17 mrsam Exp $
#
# Copyright 2000-2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authmysqlrc created from authmysqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions. This file
# might contain the MySQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value. Trailing spaces are prohibited.


##NAME: LOCATION:0
#
# The server name, userid, and password used to log in.

MYSQL_SERVER localhost
MYSQL_USERNAME vexim
MYSQL_PASSWORD xxxxxx

##NAME: MYSQL_SOCKET:0
#
# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the
# filesystem pipe used for the connection
#
MYSQL_SOCKET /var/run/mysqld/mysqld.sock

##NAME: MYSQL_PORT:0
#
# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to
# connect to.

MYSQL_PORT 3306

##NAME: MYSQL_OPT:0
#
# Leave MYSQL_OPT as 0, unless you know what you're doing.

MYSQL_OPT 0

##NAME: MYSQL_DATABASE:0
#
# The name of the MySQL database we will open:

MYSQL_DATABASE vexim

##NAME: MYSQL_USER_TABLE:0
#
# The name of the table containing your user data. See README.authmysqlrc
# for the required fields in this table.

MYSQL_USER_TABLE users

##NAME: MYSQL_CRYPT_PWFIELD:0
#
# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both
# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext
# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.

MYSQL_CRYPT_PWFIELD crypt

##NAME: MYSQL_CLEAR_PWFIELD:0
#
#
MYSQL_CLEAR_PWFIELD clear

##NAME: MYSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN example.com

##NAME: MYSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# MYSQL_UID_FIELD - contains the numerical userid of the account
#
MYSQL_UID_FIELD uid

##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the account

MYSQL_GID_FIELD gid

##NAME: MYSQL_LOGIN_FIELD:0
#
# The login id, default is id. Basically the query is:
#
# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid'
#

MYSQL_LOGIN_FIELD username

##NAME: MYSQL_HOME_FIELD:0
#

MYSQL_HOME_FIELD pop

##NAME: MYSQL_NAME_FIELD:0
#
# The user's name (optional)

MYSQL_NAME_FIELD realname

##NAME: MYSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD).
#
# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this
# out.
#
MYSQL_MAILDIR_FIELD maildir

##NAME: MYSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# MYSQL_DEFAULTDELIVERY defaultdelivery

##NAME: MYSQL_QUOTA_FIELD:0
#
# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota. See README.maildirquota for more information
#
# MYSQL_QUOTA_FIELD quota

##NAME: MYSQL_AUXOPTIONS:0
#
# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs. These names are additional attributes that define various per-account
# "options", as given in INSTALL's description of the "Account OPTIONS"
# setting.
#
# MYSQL_AUXOPTIONS_FIELD auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.


##NAME: MYSQL_WHERE_CLAUSE:0
#
# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# MYSQL_WHERE_CLAUSE server='mailhost.example.com'

##NAME: MYSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# The username field should include the domain (see example below).
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
# $(local_part), $(domain), $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s. Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location. In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# CONCAT('{MD5}', popbox.password_hash), \
# popbox.clearpw, \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '', \
# domain.quota, \
# '', \
# CONCAT("disableimap=",disableimap,",disablepop3=", \
# disablepop3,",disablewebmail=",disablewebmail, \
# ",sharedgroup=",sharedgroup) \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name


##NAME: MYSQL_ENUMERATE_CLAUSE:0
#
# {EXPERIMENTAL}
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders. The query
# should return the following fields: name, uid, gid, homedir, maildir
#
# Example:
# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '' \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name



##NAME: MYSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing password.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# MYSQL_CHPASS_CLAUSE UPDATE popbox \
# SET clearpw='$(newpass)', \
# password_hash='$(newpass_crypt)' \
# WHERE local_part='$(local_part)' \
# AND domain_name='$(domain)'
#


I hope the problem can somehow be solved with this information.

felix
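
The header comments of the authmysqlrc quoted above state three rules: the file must not be world-readable, each line is `field[spaces|tabs]value` with no trailing spaces, and a crypt or clear password field must be defined. As an added example (not part of the thread and not Courier's own tooling), this shell function checks a file against those rules; the sample file is constructed, and treating `MYSQL_SELECT_CLAUSE` as satisfying the password-field rule is an assumption based on the comment that it overrides the other field options.

```shell
#!/bin/sh
# Added example. lint_authmysqlrc FILE prints one finding per line and
# returns 1 if there was any. Only field names are printed, never values.
lint_authmysqlrc() {
    f=$1; rc=0
    # "DO NOT INSTALL THIS FILE with world read permissions":
    # character 8 of the ls mode string is the read bit for "other".
    if [ "$(ls -ld "$f" | cut -c8)" = "r" ]; then
        echo "PERM: file is world-readable"; rc=1
    fi
    out=$(awk '
        /^[ \t]*#/ || /^[ \t\r]*$/ { next }        # comments and blank lines
        {
            if ($0 ~ /[ \t\r]+$/) printf "TRAILING: line %d (%s)\n", NR, $1
            if (!cont && NF < 2)  printf "NOVALUE: line %d (%s)\n", NR, $1
            if (!cont && $1 ~ /^MYSQL_(CRYPT_PWFIELD|CLEAR_PWFIELD|SELECT_CLAUSE)$/) pw = 1
            cont = ($0 ~ /\\$/)                    # backslash continues a clause
        }
        END { if (!pw) print "NOPWFIELD: no crypt/clear password field or select clause" }
    ' "$f")
    if [ -n "$out" ]; then echo "$out"; rc=1; fi
    return $rc
}

# Constructed sample (not the poster's file): tab separator, one trailing
# space after the password, one field without a value, mode 644.
sample=$(mktemp)
printf 'MYSQL_SERVER\tlocalhost\nMYSQL_PASSWORD secret \nMYSQL_PORT\n' > "$sample"
chmod 644 "$sample"
lint_authmysqlrc "$sample"
rm -f "$sample"
```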