[Postfixbuch-users] Probleme mit Sasl und Courer pop3/imap
Matthias Ebner
postfixbuch at mailinglists.syneha.de
Di Dez 30 22:36:26 CET 2003
Hallo,
natürlich muss am letzten Tag des Jahres noch alles schief gehen.
ich habe heute auf einem Testserver (Debian) Postfix und Courier aufgesetzt.
Leider ergeben sich zwei Probleme:
beim Versuch von einem LAN Client eine Nachricht auf dem Postfix
einzuliefern erscheint folgendes im log:
----------------------------------------------------------------------------
--------------------------------
Dec 30 22:48:10 debian postfix/smtpd[2280]: connect from emnpc2[192.168.1.6]
Dec 30 22:48:10 debian postfix/smtpd[2280]: warning: SASL authentication
problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 30 22:48:10 debian postfix/smtpd[2280]: warning: SASL authentication
failure: no secret in database
Dec 30 22:48:10 debian postfix/smtpd[2280]: warning: emnpc2[192.168.1.6]:
SASL NTLM authentication failed
Dec 30 22:48:19 debian postfix/smtpd[2280]: warning: SASL authentication
problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 30 22:48:19 debian postfix/smtpd[2280]: warning: SASL authentication
failure: no secret in database
Dec 30 22:48:19 debian postfix/smtpd[2280]: warning: emnpc2[192.168.1.6]:
SASL NTLM authentication failed
Dec 30 22:48:21 debian postfix/smtpd[2280]: warning: emnpc2[192.168.1.6]:
SASL NTLM authentication failed
Dec 30 22:48:22 debian postfix/smtpd[2280]: warning: SASL authentication
problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 30 22:48:22 debian postfix/smtpd[2280]: warning: SASL authentication
problem: unknown password verifier
Dec 30 22:48:22 debian postfix/smtpd[2280]: warning: emnpc2[192.168.1.6]:
SASL LOGIN authentication failed
Dec 30 22:48:23 debian postfix/smtpd[2280]: lost connection after AUTH from
emnpc2[192.168.1.6]
Dec 30 22:48:23 debian postfix/smtpd[2280]: disconnect from
emnpc2[192.168.1.6]
----------------------------------------------------------------------------
---------------------------------
Das komische daran: Der Postfix soll eigentlich über eine MySql Datenbank
arbeiten.
Es wurde alles nach der Anleitung von
http://www.workaround.org/articles/ispmail/ eingerichtet.
Problem Nummer 2:
Beim Versuch Mail über pop3 vom Courier abzurufen erscheint jedesmal
folgendes im log:
----------------------------------------------------------------------------
----------------------------------
Dec 30 22:54:22 debian courierpop3login: Connection, ip=[::ffff:192.168.1.6]
Dec 30 22:54:39 debian last message repeated 2 times
Dec 30 22:54:44 debian courierpop3login: LOGIN FAILED,
ip=[::ffff:192.168.1.6]
----------------------------------------------------------------------------
-----------------------------------
Ich vermute das Problem bei MySql.
Eie tail -f /var/log/mysql.log ergibt während eines
smtp-Einlieferungsversuchs folgendes:
----------------------------------------------------------------------------
-----------------------------------
86 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
031230 22:48:22 87 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
88 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
031230 22:50:28 89 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
90 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
031230 22:54:09 91 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
92 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
031230 22:54:14 93 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
94 Connect Access denied for user:
'postfix at localhost' (Using password: YES)
Der User sollte eigentlich admin sein. Ist so jedenfalls in sämtlichen *.cf
Dateien eingetragen.
Ich bin mit meinem Latein am Ende.
Würd mich über Tips, wo man noch ansetzen kann freuen.
mfg
Matthias
-----------------------
main.cf
----------------------
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
mail_owner = postfix
setgid_group = postdrop
biff = no
readme_directory = no
sample_directory = /etc/postfix/samples
queue_minfree = 20480000
disable_dns_lookups = yes
smtpd_banner = mx.syneha.de ESMTP $mail_name (Debian/GNU)
myhostname = debian.intern.domain
mydomain = intern.domain
myorigin = $myhostname
mydestination = $myhostname $mydomain localhost.$mydomain $transport_maps
relay_domains = $mydestination
mynetworks = 127.0.0.0/8, 192.168.1.0/24
inet_interfaces = all
home_mailbox = Maildir/
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
alias_database = $alias_maps
virtual_maps = mysql:/etc/postfix/mysql-virtual.cf
transport_maps = mysql:/etc/postfix/mysql-transport.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
canonical_maps = hash:/etc/postfix/canonical
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
local_recipient_maps = $relocated_maps $alias_maps
$virtual_mailbox_maps unix:passwd.byname
virtual_mailbox_linit = 10000000
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = static:1010
virtual_gid_maps = static:1010
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
unknown_local_recipient_reject_code = 554
unverified_sender_reject_code = 550
#Smtp_auth fuer eingehende Verbindungen
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
#Smtp_auth fuer ausgehende Verbindungen
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
smtp_sasl_security_options = noanonymous
relayhost = postman.arcor.de
smtpd_helo_restrictions =
smtpd_client_restrictions = check_client_access
mysql:/etc/postfix/mysql-client.cf
smtpd_sender_restrictions = check_sender_access
mysql:/etc/postfix/mysql-sender.cf
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_recipient_access
mysql:/etc/postfix/mysql-recipient.cf,,
check_sender_access
mysql:/etc/postfix/mysql-sender.cf,
check_client_access
mysql:/etc/postfix/mysql-client.cf,
# Updated access File from Rsync Script
check_client_access hash:/etc/postfix/access,
reject_unauth_pipelining,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_rbl_client list.dsbl.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client
proxies.relays.monkeys.com,
reject_rbl_client
proxies.blackholes.easynet.nl,
reject_rbl_client
zombie.dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
check_sender_access
hash:/etc/postfix/rhsbl_sender_domain_exceptions,
reject_rhsbl_sender
dsn.rfc-ignorant.org,
check_sender_access
hash:/etc/postfix/frequently_forged_senders,
permit
smtpd_restriction_classes = pruefe_ob_absender_existiert
pruefe_ob_absender_existiert = reject_unverified_sender
permit
smtpd_etrn_restrictions = permit_mynetworks,
check_client_access
mysql:/etc/postfix/mysql-client.cf,
$relay_domains
reject
header_checks = regexp:/etc/postfix/header_checks.regexp
body_checks = regexp:/etc/postfix/body_checks.regexp
message_size_limit = 20480000
delay_warning_time = 1h
maximal_queue_lifetime = 3d
hash_queue_depth = 1
strict_8bitmime = no
strict_8bitmime_body = no
strict_mime_encoding_domain = yes
strict_7bit_header = no
Mehr Informationen über die Mailingliste Postfixbuch-users