I had hoped that by leaving this - the problem would go away. Short term
solution was to go back a version (Exim version 4.92.2 #2 built
08-Oct-2019 03:40:12) - which I did.
I am technically on exim-4.93.0.4 and mysql-connector-c-8.0.19:0/21
On my Mail Submission machine (Port 587, with STARTTLS and user
authentication) there is the following code in my exim.conf file.
PLAIN:
driver = plaintext
public_name = PLAIN
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
server_prompts = :
server_condition = "${if and { \
{!eq{$auth2}{}} \
{!eq{$auth3}{}} \
{crypteq{$auth3}{${lookup mysql{SELECT despass
FROM admin WHERE punyuser='${quote_mysql:$auth2}' and status>2 and
usertype='m' and smtpauth='y' }{$value}fail}} }} {yes}{no}}"
server_set_id = $auth2
I am getting the following in my log file:-
2020-05-21 15:48:03 PLAIN authenticator failed for (DESKTOP1OI0BHK)
[41.1.2.3]:54719 I=[192.96.24.71]:587: 435 Unable to authenticate at
present (set_id=user@???): lookup of "SELECT despass FROM admin
WHERE punyuser='user@???' and status>2 and usertype='m' and
smtpauth='y' " gave *DEFER: MYSQL connection failed: Bad handshake
inside "and{...}" condition*
This does the normal sort of lookup for the DES encrypted password, the
status is whether the user is enabled (status>2), whether this is user
is a mail-user (usertype='m') and whether they have access to my SMTP
Server (smtpauth='y' ). This has been working for years.
**
Any suggestions as to what to do?
Anyone running Gentoo with users in MySQL - do you have problems?
My "compiling" options looks like...
[ebuild R ] dev-db/mysql-connector-c-8.0.19:0/21::gentoo USE="-ldap
-libressl -static-libs" ABI_X86="(64) -32 (-x32)" 0 KiB
[ebuild R ~] mail-mta/exim-4.93.0.4::gentoo USE="dane dkim dmarc
dnsdb doc exiscan-acl ipv6 maildir mysql pam prdr sasl spf srs ssl tcpd
tpda -X -arc -dcc -dlfunc -dovecot-sasl -dsn -gnutls -idn -ldap
-libressl -lmtp -mbx -nis -perl -pkcs11 -postgres -proxy -radius -redis
(-selinux) -sqlite -syslog" 0 KiB
I'm assuming I have not missed anything such as the MySQL connection
info being changed. Mine looks something like:-
hide mysql_servers = db-server.organisation.com/db-name/db-user/db-password
On 2020/02/16 17:44, Mark Elkins via Exim-users wrote:
> Hi,
>
> I run a few machines with exim - for both Submission (SMTP relay) and
> for receiving emails for quite a few email addresses in numerous domains.
> My users are stored in a database for ease of configuration.
> I run Gentoo and usually try and keep up to date with all packages.
>
> Last night - one machine updated:-
>
> dev-db/mysql-connector-c-8.0.19::gentoo
> mail-mta/exim-4.93.0.4::gentoo
>
> I then got an error "Internal error - virtual-forward"
> This routine does a Database lookup to see if this customers e-mail
> should be forwarded elsewhere...
> That looks like...
> virtual_forward:
> # The returned 'email' value can be multiple comma separated addresses
> driver = redirect
> data = ${lookup mysql{select email from admin where
> punyuser="${quote_mysql:$local_part@$domain}" and status>2}}
> user = smmsp
> file_transport = address_file
> pipe_transport = address_pipe
>
> I commented it out and the error moved.... to "mysql_user".
> This routine looks up a user and does a final delivery into the users
> mailbox - along with mysql_delivery...
>
> mysql_user:
> driver = accept
> condition = \
> ${if eq {} \
> {${lookup mysql {select punyuser from admin \
> where punyuser='${quote_mysql:$local_part@$domain}' and status>2}}} \
> {no}{yes}}
> retry_use_local_part
> transport = mysql_delivery
>
> mysql_delivery:
> driver = appendfile
> directory = /var/spool/mail/$domain/$local_part/
> maildir_format = true
> directory_mode = 0755
> create_directory = true
> user = smmsp
> group = smmsp
> mode = 0660
> message_size_limit = ${lookup mysql {select imsize from admin \
> where punyuser='${local_part}@${domain}'}}M
> quota = ${lookup mysql {select mquota from admin \
> where punyuser='${local_part}@${domain}'}}M
> quota_is_inclusive=false
> quota_warn_threshold = 80%
>
> message_suffix = ${lookup mysql {insert into maillog set
> mfrom='${quote_mysql:$sender_address}',\
> mto='${quote_mysql:$local_part}@${domain}', domain='${domain}',
> mvia='${quote_mysql:$sender_host_address}',\
> msize=${message_size}, mdelivered=current_timestamp,
> mailid='$message_id', mspam='$spam_score_int',\
> mreturn='${quote_mysql:$return_path}' }{}{}}
>
> quota_warn_message = "\
> To: $local_part@$domain\n\
> Subject: Mailbox is 80% full\n\n\
> This message is automatically created by the mail delivery
> system.\n\n\
> (text deleted)
> of your mail box (within limits).\n\n\
> Support\n"
>
> Anyway - I tried re-compiling older versions of Exim (down to
> mail-mta/exim-4.92.2) with the same result - MySQL simply did not work
> - though it worked perfectly at the Command line using the mysql command)
>
> Then I noticed that "mysql-connector-c" had also changed. I assume
> it's interaction with "mysql-connector-c" that has broken something.
>
> Copied an older version of "exim" from another machine - and
> deliveries started working again. That's fine for now but not long term.
>
> Is this a known problem - found by others? Any particular path to follow?
>
--
Mark James ELKINS - Posix Systems - (South) Africa
mje@??? Tel: +27.826010496 <tel:+27826010496>
For fast, reliable, low cost Internet in ZA:
https://ftth.posix.co.za