[Postfixbuch-users] Postfixadmin
Patrick Ben Koetter
p at state-of-mind.de
Mi Nov 3 07:59:37 CET 2004
* Silvio Siefke <listen at silvio-siefke.de> [041102 23:40]:
> h1908:/usr/local/src/saslfinger-0.9.7# saslfinger -s
> saslfinger - postfix Cyrus sasl configuration Di Nov 2 23:30:20 CET 2004
> version: 0.9.7
> mode: server-side SMTP AUTH
>
> -- basics --
> Postfix: 2.1.4
> System: Debian GNU/Linux 3.1 \n \l
>
> -- smtpd is linked to --
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x4019c000)
SASL2
>
> -- listing of /usr/lib/sasl2 --
> insgesamt 1160
> drwxr-xr-x 2 root root 4096 2004-11-01 23:28 .
> drwxr-xr-x 38 root root 8192 2004-11-02 21:53 ..
> -rw-r--r-- 1 root root 13488 2004-10-16 23:02 libanonymous.a
> -rw-r--r-- 1 root root 851 2004-10-16 23:02 libanonymous.la
> -rw-r--r-- 1 root root 13824 2004-10-16 23:02 libanonymous.so
> -rw-r--r-- 1 root root 13824 2004-10-16 23:02 libanonymous.so.2
> -rw-r--r-- 1 root root 13824 2004-10-16 23:02 libanonymous.so.2.0.19
> -rw-r--r-- 1 root root 16298 2004-10-16 23:02 libcrammd5.a
> -rw-r--r-- 1 root root 837 2004-10-16 23:02 libcrammd5.la
> -rw-r--r-- 1 root root 16180 2004-10-16 23:02 libcrammd5.so
> -rw-r--r-- 1 root root 16180 2004-10-16 23:02 libcrammd5.so.2
> -rw-r--r-- 1 root root 16180 2004-10-16 23:02 libcrammd5.so.2.0.19
> -rw-r--r-- 1 root root 47516 2004-10-16 23:02 libdigestmd5.a
> -rw-r--r-- 1 root root 860 2004-10-16 23:02 libdigestmd5.la
> -rw-r--r-- 1 root root 43944 2004-10-16 23:02 libdigestmd5.so
> -rw-r--r-- 1 root root 43944 2004-10-16 23:02 libdigestmd5.so.2
> -rw-r--r-- 1 root root 43944 2004-10-16 23:02 libdigestmd5.so.2.0.19
> -rw-r--r-- 1 root root 26884 2004-10-17 06:22 libgssapiv2.a
> -rw-r--r-- 1 root root 886 2004-10-17 06:22 libgssapiv2.la
> -rw-r--r-- 1 root root 26264 2004-10-17 06:22 libgssapiv2.so
> -rw-r--r-- 1 root root 26264 2004-10-17 06:22 libgssapiv2.so.2
> -rw-r--r-- 1 root root 26264 2004-10-17 06:22 libgssapiv2.so.2.0.19
> -rw-r--r-- 1 root root 23644 2004-10-17 06:22 libkerberos4.a
> -rw-r--r-- 1 root root 858 2004-10-17 06:22 libkerberos4.la
> -rw-r--r-- 1 root root 23228 2004-10-17 06:22 libkerberos4.so
> -rw-r--r-- 1 root root 23228 2004-10-17 06:22 libkerberos4.so.2
> -rw-r--r-- 1 root root 23228 2004-10-17 06:22 libkerberos4.so.2.0.19
> -rw-r--r-- 1 root root 13726 2004-10-16 23:02 liblogin.a
> -rw-r--r-- 1 root root 831 2004-10-16 23:02 liblogin.la
> -rw-r--r-- 1 root root 14028 2004-10-16 23:02 liblogin.so
> -rw-r--r-- 1 root root 14028 2004-10-16 23:02 liblogin.so.2
> -rw-r--r-- 1 root root 14028 2004-10-16 23:02 liblogin.so.2.0.19
> -rw-r--r-- 1 root root 31248 2004-10-16 23:02 libntlm.a
> -rw-r--r-- 1 root root 825 2004-10-16 23:02 libntlm.la
> -rw-r--r-- 1 root root 30660 2004-10-16 23:02 libntlm.so
> -rw-r--r-- 1 root root 30660 2004-10-16 23:02 libntlm.so.2
> -rw-r--r-- 1 root root 30660 2004-10-16 23:02 libntlm.so.2.0.19
> -rw-r--r-- 1 root root 20142 2004-10-16 23:02 libotp.a
> -rw-r--r-- 1 root root 825 2004-10-16 23:02 libotp.la
> -rw-r--r-- 1 root root 43184 2004-10-16 23:02 libotp.so
> -rw-r--r-- 1 root root 43184 2004-10-16 23:02 libotp.so.2
> -rw-r--r-- 1 root root 43184 2004-10-16 23:02 libotp.so.2.0.19
> -rw-r--r-- 1 root root 13886 2004-10-16 23:02 libplain.a
> -rw-r--r-- 1 root root 831 2004-10-16 23:02 libplain.la
> -rw-r--r-- 1 root root 14096 2004-10-16 23:02 libplain.so
> -rw-r--r-- 1 root root 14096 2004-10-16 23:02 libplain.so.2
> -rw-r--r-- 1 root root 14096 2004-10-16 23:02 libplain.so.2.0.19
> -rw-r--r-- 1 root root 21798 2004-10-16 23:02 libsasldb.a
> -rw-r--r-- 1 root root 852 2004-10-16 23:02 libsasldb.la
> -rw-r--r-- 1 root root 18692 2004-10-16 23:02 libsasldb.so
> -rw-r--r-- 1 root root 18692 2004-10-16 23:02 libsasldb.so.2
> -rw-r--r-- 1 root root 18692 2004-10-16 23:02 libsasldb.so.2.0.19
> -rw-r--r-- 1 root root 22168 2004-10-16 23:02 libsql.a
> -rw-r--r-- 1 root root 874 2004-10-16 23:02 libsql.la
> -rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so
> -rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so.2
> -rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so.2.0.19
Cyrus-SASL.2.x libs
> -- mechanisms on localhost --
> /usr/bin/saslfinger: line 100: nc: command not found
> 250-AUTH LOGIN PLAIN
> 250-AUTH=LOGIN PLAIN
Postfix liest und befolgt /etc/postfix/sasl/smtpd.conf
> -- content of /etc/postfix/sasl/smtpd.conf --
> pwcheck_method: saslauthd
> mech_list: PLAIN LOGIN
Mechs sind richtig limitiert für saslauthd.
> -- active services in /etc/postfix/master.cf --
> # service type private unpriv chroot wakeup maxproc command + args
> # (yes) (yes) (yes) (never) (100)
>
> smtp inet n - n - - smtpd
chroot ist auch nicht an. gut.
> 127.0.0.1:10025 inet n - n - - smtpd -o
> content_filter=
> pickup fifo n - - 60 1 pickup
> cleanup unix n - - - 0 cleanup
> qmgr fifo n - - 300 1 qmgr
> rewrite unix - - - - - trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - - - - smtp
> smtp-amavis unix - - n - 2 smtp
> -o smtp_data_done_timeout=1800
> -o disable_dns_lookups=yes
> relay unix - - - - - smtp
> showq unix n - - - - showq
> error unix - - - - - error
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
>
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender
> $recipient
> scalemail-backend unix - n n - 2 pipe
> flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop} ${user} ${extension}
>
> -- end of saslfinger output --
>
> h1908:~# saslauthd -v
> saslauthd 2.1.19
> authentication mechanisms: sasldb getpwent kerberos4 kerberos5 pam rimap
> shadow ldap
saslauthd kann rimap
>
> h1908:~# ps ax | grep sasl
> 3898 ? Ss 0:00 /usr/sbin/saslauthd -a rimap -O localhost
> 3899 ? S 0:00 /usr/sbin/saslauthd -a rimap -O localhost
> 3900 ? S 0:00 /usr/sbin/saslauthd -a rimap -O localhost
> 3901 ? S 0:00 /usr/sbin/saslauthd -a rimap -O localhost
> 3902 ? S 0:00 /usr/sbin/saslauthd -a rimap -O localhost
saslauthd läuft und nutzt rimap.
> Keine Fehler in den Dateien, ich habe es dreimal gecheckt.
> Liegt das vielleicht daran, das die paßwörter crypt in der Datenbank liegen.
Nö, denn saslauthd verhält sich wie ein IMAP client, der sich einfach
beim IMAP server einloggt. Wie der Server an das
Authentifizierungsergebnis kommt, ist saslauthd egal.
1. Wo legt saslauthd den socket ab? Darf Postfix da rein? Wenn nicht,
dann Postfix in die SASL Gruppe aufnehmen.
2. Welche usernamen nutzt du? Wenn username at domain dann saslauthd mit
"-r" starten
p at rick
--
SMTP AUTH
Howto: <http://postfix.state-of-mind.de/patrick.koetter/smtpauth/>
Debug: <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
Mehr Informationen über die Mailingliste Postfixbuch-users