[Postfixbuch-users] SMTP-AUTH über MySql unter SuSE 9.1 pro

Patrick Ben Koetter p at state-of-mind.de
Fr Okt 15 16:37:07 CEST 2004


* Thomas Arndt <thomas.arndt at netcologne.de> [041015 13:32]:
> # /etc/sysconfig/saslauthd
> ## Path:           System/Security/SASL
> ## Type:           list(getpwent,kerberos5,pam,rimap,shadow,ldap)
> ## Default:        pam
> ## ServiceRestart: saslauthd
> #
> # Authentication mechanism to use by saslauthd.
> # See man 8 saslauthd for available mechanisms.
> #
> SASLAUTHD_AUTHMECH=pam

Bei Deiner gegenwärtigen config ist saslauthd nicht nötig...

> # /usr/lib/sasl2/smtpd.conf
> pwcheck_method: auxprop
> auxprop_plugin: sql
> mech_list: plain login cram-md5 digest-md5
> log_level: 3
> sql_engine: 	mysql
> sql_hostnames:	localhost
> sql_database:	provider
> sql_user:	provider
> sql_passwd:	yuppie
> sql_select:	SELECT password FROM users WHERE email='%u@%r'
> #sql_usessl:	no

Im Prinzip ist das oben richtig. Mal weitersehen...

> # Auszug /var/log/mail
> Oct 15 11:37:01 mail postfix/master[2510]: reload configuration
> Oct 15 11:37:19 mail postfix/smtpd[3652]: connect from unknown[192.168.1.4]
> Oct 15 11:37:19 mail postfix/smtpd[3652]: warning: SASL authentication
> failure: Password verification failed

OK. klappt also nicht...

> Oct 15 11:37:19 mail postfix/smtpd[3652]: warning: unknown[192.168.1.4]:
> SASL PLAIN authentication failed
> Oct 15 11:37:19 mail postfix/smtpd[3652]: lost connection after AUTH from
> unknown[192.168.1.4]
> Oct 15 11:37:19 mail postfix/smtpd[3652]: disconnect from
> unknown[192.168.1.4]
> Oct 15 13:57:44 mail postfix/smtpd[3870]: connect from unknown[192.168.1.4]
> Oct 15 13:57:44 mail postfix/smtpd[3870]: warning: SASL authentication
> failure: Password verification failed
> Oct 15 13:57:44 mail postfix/smtpd[3870]: warning: unknown[192.168.1.4]:
> SASL PLAIN authentication failed
> Oct 15 13:57:44 mail postfix/smtpd[3870]: lost connection after AUTH from
> unknown[192.168.1.4]
> Oct 15 13:57:44 mail postfix/smtpd[3870]: disconnect from
> unknown[192.168.1.4]
> 
> # /etc/postfix/main.cf

bei main.cf bitte immer "postconf -n" für debug output verwenden.

> alias_maps = hash:/etc/aliases
> broken_sasl_auth_clients = yes

OK.

> canonical_maps = hash:/etc/postfix/canonical
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 2
> defer_transports =
> disable_dns_lookups = yes
> home_mailbox = Maildir/
> html_directory = no
> inet_interfaces = all
> mail_owner = postfix
> mail_spool_directory = /var/mail
> mailbox_transport =
> mailq_path = /usr/bin/mailq
> manpage_directory = /usr/share/man
> masquerade_classes = envelope_sender, header_sender, header_recipient,
> envelope_recipient
> masquerade_domains = local.net
> masquerade_exceptions = root
> mydestination = localhost, $mydomain, localhost.$mydomain
> mydomain = local.net
> myhostname = mail.local.net
> mynetworks = 192.168.1.0/24, 127.0.0.0/8
> newaliases_path = /usr/bin/newaliases
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/packages/postfix/README_FILES
> relay_domains = $mydestination
> relayhost =
> relocated_maps = hash:/etc/postfix/relocated
> sample_directory = /usr/share/doc/packages/postfix/samples
> sender_canonical_maps = hash:/etc/postfix/sender_canonical
> sendmail_path = /usr/sbin/sendmail
> setgid_group = maildrop
> smtp_tls_cert_file = /etc/postfix/cert.pem
> smtp_tls_key_file = /etc/postfix/key.pem
> smtp_use_tls = yes
> smtpd_banner = $myhostname ESMTP $mail_name
> smtpd_client_restrictions =
> smtpd_helo_required = no
> smtpd_helo_restrictions =
> smtpd_recipient_restrictions =
> permit_mynetworks,permit_sasl_authenticated,check_relay_domains

OK.

> smtpd_sasl_auth_enable = yes

OK.

> smtpd_sasl_local_domain =

OK.

> smtpd_sasl_security_options = noanonymous

OK.

> smtpd_sender_restrictions = hash:/etc/postfix/access
> smtpd_tls_auth_only = no
> smtpd_tls_cert_file = /etc/postfix/cert.pem
> smtpd_tls_key_file = /etc/postfix/key.pem
> smtpd_tls_received_header = no
> smtpd_use_tls = yes
> strict_rfc821_envelopes = no
> transport_maps = hash:/etc/postfix/transport
> unknown_local_recipient_reject_code = 450
> virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf,
> mysql:/etc/postfix/mysql-virtual_email2email.cf
> virtual_gid_maps = static:5000
> virtual_mailbox_base = /home/vmail
> virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
> virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
> virtual_minimum_uid = 5000
> virtual_uid_maps = static:5000

Kannst Du Dir mal saslfinger (siehe signatur) schnappen und den laufen
lassen?

p at rick


-- 
SMTP AUTH
Howto: <http://postfix.state-of-mind.de/patrick.koetter/smtpauth/>
Debug: <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>




Mehr Informationen über die Mailingliste Postfixbuch-users