Re: [exim] exim & mysql-connector-c

Top Pagina
Delete this message
Reply to this message
Auteur: Mark Elkins
Datum:  
Aan: exim-users@exim.org
Oude Onderwerpen: [exim] exim & mysql-connector-c
Onderwerp: Re: [exim] exim & mysql-connector-c
I had hoped that by leaving this - the problem would go away. Short term
solution was to go back a version (Exim version 4.92.2 #2 built
08-Oct-2019 03:40:12) - which I did.

I am technically on exim-4.93.0.4 and mysql-connector-c-8.0.19:0/21

On my Mail Submission machine (Port 587, with STARTTLS and user
authentication)  there is the following code in my exim.conf file.

PLAIN:
  driver                     = plaintext
  public_name = PLAIN
  server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}

  server_prompts             = :

  server_condition = "${if and { \
                      {!eq{$auth2}{}} \
                      {!eq{$auth3}{}} \
                      {crypteq{$auth3}{${lookup mysql{SELECT despass
FROM admin WHERE punyuser='${quote_mysql:$auth2}' and status>2 and
usertype='m' and smtpauth='y' }{$value}fail}} }} {yes}{no}}"
  server_set_id              = $auth2

I am getting the following in my log file:-

2020-05-21 15:48:03 PLAIN authenticator failed for (DESKTOP1OI0BHK)
[41.1.2.3]:54719 I=[192.96.24.71]:587: 435 Unable to authenticate at
present (set_id=user@???): lookup of "SELECT despass FROM admin
WHERE punyuser='user@???' and status>2 and usertype='m' and
smtpauth='y' " gave *DEFER: MYSQL connection failed: Bad handshake
inside "and{...}" condition*

This does the normal sort of lookup for the DES encrypted password, the
status is whether the user is enabled (status>2), whether this is user
is a mail-user (usertype='m') and whether they have access to my SMTP
Server (smtpauth='y' ). This has been working for years.
**

Any suggestions as to what to do?
Anyone running Gentoo with users in MySQL - do you have problems?

My "compiling" options looks like...
[ebuild   R    ] dev-db/mysql-connector-c-8.0.19:0/21::gentoo USE="-ldap
-libressl -static-libs" ABI_X86="(64) -32 (-x32)" 0 KiB
[ebuild   R   ~] mail-mta/exim-4.93.0.4::gentoo  USE="dane dkim dmarc
dnsdb doc exiscan-acl ipv6 maildir mysql pam prdr sasl spf srs ssl tcpd
tpda -X -arc -dcc -dlfunc -dovecot-sasl -dsn -gnutls -idn -ldap
-libressl -lmtp -mbx -nis -perl -pkcs11 -postgres -proxy -radius -redis
(-selinux) -sqlite -syslog" 0 KiB

I'm assuming I have not missed anything such as the MySQL connection
info being changed. Mine looks something like:-

hide mysql_servers = db-server.organisation.com/db-name/db-user/db-password




On 2020/02/16 17:44, Mark Elkins via Exim-users wrote:
> Hi,
>
> I run a few machines with exim - for both Submission (SMTP relay) and
> for receiving emails for quite a few email addresses in numerous domains.
> My users are stored in a database for ease of configuration.
> I run Gentoo and usually try and keep up to date with all packages.
>
> Last night - one machine updated:-
>
> dev-db/mysql-connector-c-8.0.19::gentoo
> mail-mta/exim-4.93.0.4::gentoo
>
> I then got an error "Internal error - virtual-forward"
> This routine does a Database lookup to see if this customers e-mail
> should be forwarded elsewhere...
> That looks like...
> virtual_forward:
> # The returned 'email' value can be multiple comma separated addresses
>   driver = redirect
>   data = ${lookup mysql{select email from admin where
> punyuser="${quote_mysql:$local_part@$domain}" and status>2}}
>   user = smmsp
>   file_transport = address_file
>   pipe_transport = address_pipe
>
> I commented it out and the error moved.... to "mysql_user".
> This routine looks up a user and does a final delivery into the users
> mailbox - along with mysql_delivery...
>
> mysql_user:
>   driver = accept
>   condition = \
>    ${if eq {} \
>    {${lookup mysql {select punyuser from admin \
>     where punyuser='${quote_mysql:$local_part@$domain}' and status>2}}} \
>    {no}{yes}}
>   retry_use_local_part
>   transport = mysql_delivery
>
> mysql_delivery:
>   driver = appendfile
>   directory = /var/spool/mail/$domain/$local_part/
>   maildir_format = true
>   directory_mode = 0755
>   create_directory = true
>   user = smmsp
>   group = smmsp
>   mode = 0660
>   message_size_limit = ${lookup mysql {select imsize from admin \
>     where punyuser='${local_part}@${domain}'}}M
>   quota = ${lookup mysql {select mquota from admin \
>     where punyuser='${local_part}@${domain}'}}M
>   quota_is_inclusive=false
>   quota_warn_threshold = 80%
>
>   message_suffix = ${lookup mysql {insert into maillog set
> mfrom='${quote_mysql:$sender_address}',\
>     mto='${quote_mysql:$local_part}@${domain}', domain='${domain}',
> mvia='${quote_mysql:$sender_host_address}',\
>     msize=${message_size}, mdelivered=current_timestamp,
> mailid='$message_id', mspam='$spam_score_int',\
>     mreturn='${quote_mysql:$return_path}' }{}{}}
>
>   quota_warn_message = "\
>     To: $local_part@$domain\n\
>     Subject: Mailbox is 80% full\n\n\
>     This message is automatically created by the mail delivery
> system.\n\n\
>     (text deleted)
>     of your mail box (within limits).\n\n\
>     Support\n"
>
> Anyway - I tried re-compiling older versions of Exim (down to
> mail-mta/exim-4.92.2) with the same result - MySQL simply did not work
> - though it worked perfectly at the Command line using the mysql command)
>
> Then I noticed that "mysql-connector-c" had also changed. I assume
> it's interaction with "mysql-connector-c" that has broken something.
>
> Copied an older version of "exim" from another machine - and
> deliveries started working again. That's fine for now but not long term.
>
> Is this a known problem - found by others? Any particular path to follow?
>

--

Mark James ELKINS  -  Posix Systems - (South) Africa
mje@???       Tel: +27.826010496 <tel:+27826010496>
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za