I had hoped that by leaving this - the problem would go away. Short term
solution was to go back a version (Exim version 4.92.2 #2 built
08-Oct-2019 03:40:12) - which I did.
I am technically on exim-4.93.0.4 and mysql-connector-c-8.0.19:0/21
On my Mail Submission machine (Port 587, with STARTTLS and user
authentication) there is the following code in my exim.conf file.
PLAIN:
driver = plaintext
public_name = PLAIN
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
server_prompts = :
server_condition = "${if and { \
{!eq{$auth2}{}} \
{!eq{$auth3}{}} \
{crypteq{$auth3}{${lookup mysql{SELECT despass
FROM admin WHERE punyuser='${quote_mysql:$auth2}' and status>2 and
usertype='m' and smtpauth='y' }{$value}fail}} }} {yes}{no}}"
server_set_id = $auth2
I am getting the following in my log file:-
2020-05-21 15:48:03 PLAIN authenticator failed for (DESKTOP1OI0BHK)
[41.1.2.3]:54719 I=[192.96.24.71]:587: 435 Unable to authenticate at
present ([email protected]): lookup of "SELECT despass FROM admin
WHERE punyuser='[email protected]' and status>2 and usertype='m' and
smtpauth='y' " gave *DEFER: MYSQL connection failed: Bad handshake
inside "and{...}" condition*
This does the normal sort of lookup for the DES encrypted password, the
status is whether the user is enabled (status>2), whether this is user
is a mail-user (usertype='m') and whether they have access to my SMTP
Server (smtpauth='y' ). This has been working for years.
**
Any suggestions as to what to do?
Anyone running Gentoo with users in MySQL - do you have problems?
My "compiling" options looks like...
[ebuild R ] dev-db/mysql-connector-c-8.0.19:0/21::gentoo USE="-ldap
-libressl -static-libs" ABI_X86="(64) -32 (-x32)" 0 KiB
[ebuild R ~] mail-mta/exim-4.93.0.4::gentoo USE="dane dkim dmarc
dnsdb doc exiscan-acl ipv6 maildir mysql pam prdr sasl spf srs ssl tcpd
tpda -X -arc -dcc -dlfunc -dovecot-sasl -dsn -gnutls -idn -ldap
-libressl -lmtp -mbx -nis -perl -pkcs11 -postgres -proxy -radius -redis
(-selinux) -sqlite -syslog" 0 KiB
I'm assuming I have not missed anything such as the MySQL connection
info being changed. Mine looks something like:-
hide mysql_servers = db-server.organisation.com/db-name/db-user/db-password
On 2020/02/16 17:44, Mark Elkins via Exim-users wrote:
Hi,
I run a few machines with exim - for both Submission (SMTP relay) and
for receiving emails for quite a few email addresses in numerous domains.
My users are stored in a database for ease of configuration.
I run Gentoo and usually try and keep up to date with all packages.
Last night - one machine updated:-
dev-db/mysql-connector-c-8.0.19::gentoo
mail-mta/exim-4.93.0.4::gentoo
I then got an error "Internal error - virtual-forward"
This routine does a Database lookup to see if this customers e-mail
should be forwarded elsewhere...
That looks like...
virtual_forward:
# The returned 'email' value can be multiple comma separated addresses
driver = redirect
data = ${lookup mysql{select email from admin where
punyuser="${quote_mysql:$local_part@$domain}" and status>2}}
user = smmsp
file_transport = address_file
pipe_transport = address_pipe
I commented it out and the error moved.... to "mysql_user".
This routine looks up a user and does a final delivery into the users
mailbox - along with mysql_delivery...
mysql_user:
driver = accept
condition = \
${if eq {} \
{${lookup mysql {select punyuser from admin \
where punyuser='${quote_mysql:$local_part@$domain}' and status>2}}} \
{no}{yes}}
retry_use_local_part
transport = mysql_delivery
mysql_delivery:
driver = appendfile
directory = /var/spool/mail/$domain/$local_part/
maildir_format = true
directory_mode = 0755
create_directory = true
user = smmsp
group = smmsp
mode = 0660
message_size_limit = ${lookup mysql {select imsize from admin \
where punyuser='${local_part}@${domain}'}}M
quota = ${lookup mysql {select mquota from admin \
where punyuser='${local_part}@${domain}'}}M
quota_is_inclusive=false
quota_warn_threshold = 80%
message_suffix = ${lookup mysql {insert into maillog set
mfrom='${quote_mysql:$sender_address}',\
mto='${quote_mysql:$local_part}@${domain}', domain='${domain}',
mvia='${quote_mysql:$sender_host_address}',\
msize=${message_size}, mdelivered=current_timestamp,
mailid='$message_id', mspam='$spam_score_int',\
mreturn='${quote_mysql:$return_path}' }{}{}}
quota_warn_message = "\
To: $local_part@$domain\n\
Subject: Mailbox is 80% full\n\n\
This message is automatically created by the mail delivery
system.\n\n\
(text deleted)
of your mail box (within limits).\n\n\
Support\n"
Anyway - I tried re-compiling older versions of Exim (down to
mail-mta/exim-4.92.2) with the same result - MySQL simply did not work
- though it worked perfectly at the Command line using the mysql command)
Then I noticed that "mysql-connector-c" had also changed. I assume
it's interaction with "mysql-connector-c" that has broken something.
Copied an older version of "exim" from another machine - and
deliveries started working again. That's fine for now but not long term.
Is this a known problem - found by others? Any particular path to follow?
--
Mark James ELKINS - Posix Systems - (South) Africa
[email protected] Tel: +27.826010496 <tel:+27826010496>
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
