[Postfixbuch-users] tls / ssl
Torsten Stauder
stauder at ts-cs.com
Do Sep 23 22:24:28 CEST 2004
Andreas Winkelmann wrote:
> Am Donnerstag, 23. September 2004 20:22 schrieb Torsten Stauder:
>
>
>>Hmmm - man glaubt mir wohl nicht :-) Schau mal in die erste Mail - da sind
>>zwischen dem Kram aus der main.cf und der master.cf 2 Leerzeilen. Ok - ich
>>habs nicht extra kenntlich gemacht. Anyway - ich poste es dennoch nochmal
>>(des guten Willen wegens) :-)
>>
>>postconf -n
>
>
>>smtpd_recipient_restrictions = permit_mynetworks,
>>permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable
>>= yes
>>smtpd_sasl_local_domain = lsrv3
>>smtpd_sasl_security_options = noanonymous
>>smtpd_sender_restrictions = reject_unknown_sender_domain,
>>hash:/etc/postfix/access smtpd_tls_cert_file = /etc/postfix/cert.pem
>>smtpd_tls_key_file = /etc/postfix/key.pem
>>smtpd_tls_wrappermode = no
>>smtpd_use_tls = yes
>>unknown_local_recipient_reject_code = 550
>>
>>===
>>grep -v ^# /etc/postfix/master.cf
>>
>>smtp inet n - n - - smtpd
>>smtps inet n - n - - smtpd -v -o
>> smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
>>submission inet n - n - - smtpd -o
>> smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
>
>
> Sieht doch ok aus. Was funktioniert denn jetzt nicht mehr? Was steht denn
> genau im Log?
>
> Hast Du Postfix neu gestartet?
>
Es geht jetzt nur ausschließlich noch SSL - kein TLS mehr (auf Port 465). Ist das System-bedingt, weil man sich zwischen einem der beiden
entscheiden muß oder mache ich was falsch?
Da Logfile sieht so aus:
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: mynetworks ~? debug_peer_list
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: mynetworks ~? fast_flush_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: mynetworks ~? mynetworks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? debug_peer_list
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? fast_flush_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? mynetworks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? permit_mx_backup_networks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? qmqpd_authorized_clients
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: relay_domains ~? relay_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: permit_mx_backup_networks ~? debug_peer_list
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: permit_mx_backup_networks ~? mynetworks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: connect to subsystem private/proxymap
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: send attr request = open
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: send attr table = unix:passwd.byname
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: send attr flags = 64
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: private/proxymap socket: wanted attribute: status
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: input attribute name: status
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: input attribute value: 0
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: private/proxymap socket: wanted attribute: flags
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: input attribute name: flags
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: input attribute value: 80
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: private/proxymap socket: wanted attribute: (list terminator)
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: input attribute name: (end)
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=0120
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_open: proxy:unix:passwd.byname
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_open: hash:/etc/aliases
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_open: hash:/etc/postfix/confixx_virtualUsers
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_open: hash:/etc/postfix/confixx_localDomains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? debug_peer_list
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? fast_flush_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? mynetworks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? relay_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: smtpd_access_maps ~? smtpd_access_maps
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: dict_open: hash:/etc/postfix/access
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: smtpd_sasl_initialize: SASL config file is smtpd.conf
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: fast_flush_domains ~? debug_peer_list
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: match_string: fast_flush_domains ~? fast_flush_domains
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: watchdog_create: 0x80ab5f8 18000
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: watchdog_stop: 0x80ab5f8
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: watchdog_start: 0x80ab5f8
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: connection established
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: master_notify: status 0
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: name_mask: resource
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: name_mask: software
Sep 23 22:10:23 lsrv3 postfix/smtpd[21186]: name_mask: noanonymous
Mehr nicht - danach geht es einfach nicht mehr weiter.
Mehr Informationen über die Mailingliste Postfixbuch-users