[Postfixbuch-users] sasl mit Postfix 2.2
postfix at moonsmile.ch
postfix at moonsmile.ch
Di Apr 19 09:53:13 CEST 2005
Guten Morgen
Gestern habe ich Postfix 2.2 aus debian unstable installiert. Funktioniert
soweit einwandfrei, ausser die Identifikation der Clients mit sasl funktioniert
nicht mehr.
Die Daten zur Identifikation liegen in einer MySQL DB. An der Konfiguration von
Postfix und MySQL habe ich nichts geändert.
Ich hoffe mir kann jemand weiterhelfen.
/var/log/mail.log:
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning: SASL authentication failure:
no secret in database
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning:
moon.moonsmile.ch[192.168.0.1]: SASL CRAM-MD5 authentication failed
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning: SASL authentication failure:
no secret in database
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning:
moon.moonsmile.ch[192.168.0.1]: SASL NTLM authentication failed
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning: SASL authentication failure:
Password verification failed
Apr 19 09:48:39 moon postfix/smtpd[6949]: warning:
moon.moonsmile.ch[192.168.0.1]: SASL PLAIN authentication failed
Apr 19 09:48:43 moon postfix/smtpd[6949]: warning:
moon.moonsmile.ch[192.168.0.1]: SASL LOGIN authentication failed
Apr 19 09:48:48 moon postfix/smtpd[6949]: lost connection after AUTH from
moon.moonsmile.ch[192.168.0.1]
Apr 19 09:48:48 moon postfix/smtpd[6949]: disconnect from
moon.moonsmile.ch[192.168.0.1]
Kann es sein das mit dem sql-plugin von sasl etwas nicht stimmt?
saslfinger -s:
saslfinger - postfix Cyrus sasl configuration Tue Apr 19 09:21:12 CEST 2005
version: 0.9.9.1
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.2.2
System: Debian GNU/Linux testing/unstable \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x401b5000)
-- active SMTP AUTH and TLS parameters for smtpd --
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/capub.crt
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
-- listing of /usr/lib/sasl2 --
total 956
drwxr-xr-x 2 root root 4096 2004-12-19 08:41 .
drwxr-xr-x 57 root root 20480 2005-04-18 09:50 ..
-rw-r--r-- 1 root root 13488 2004-10-16 23:02 libanonymous.a
-rw-r--r-- 1 root root 851 2004-10-16 23:02 libanonymous.la
-rwxrwxrwx 1 root root 13824 2004-10-16 23:02 libanonymous.so
-rwxrwxrwx 1 root root 13824 2004-10-16 23:02 libanonymous.so.2
-rwxrwxrwx 1 root root 13824 2004-10-16 23:02 libanonymous.so.2.0.19
-rw-r--r-- 1 root root 16298 2004-10-16 23:02 libcrammd5.a
-rw-r--r-- 1 root root 837 2004-10-16 23:02 libcrammd5.la
-rwxrwxrwx 1 root root 16180 2004-10-16 23:02 libcrammd5.so
-rwxrwxrwx 1 root root 16180 2004-10-16 23:02 libcrammd5.so.2
-rwxrwxrwx 1 root root 16180 2004-10-16 23:02 libcrammd5.so.2.0.19
-rw-r--r-- 1 root root 47516 2004-10-16 23:02 libdigestmd5.a
-rw-r--r-- 1 root root 860 2004-10-16 23:02 libdigestmd5.la
-rwxrwxrwx 1 root root 43944 2004-10-16 23:02 libdigestmd5.so
-rwxrwxrwx 1 root root 43944 2004-10-16 23:02 libdigestmd5.so.2
-rwxrwxrwx 1 root root 43944 2004-10-16 23:02 libdigestmd5.so.2.0.19
-rw-r--r-- 1 root root 13726 2004-10-16 23:02 liblogin.a
-rw-r--r-- 1 root root 831 2004-10-16 23:02 liblogin.la
-rwxrwxrwx 1 root root 14028 2004-10-16 23:02 liblogin.so
-rwxrwxrwx 1 root root 14028 2004-10-16 23:02 liblogin.so.2
-rwxrwxrwx 1 root root 14028 2004-10-16 23:02 liblogin.so.2.0.19
-rw-r--r-- 1 root root 31248 2004-10-16 23:02 libntlm.a
-rw-r--r-- 1 root root 825 2004-10-16 23:02 libntlm.la
-rwxrwxrwx 1 root root 30660 2004-10-16 23:02 libntlm.so
-rwxrwxrwx 1 root root 30660 2004-10-16 23:02 libntlm.so.2
-rwxrwxrwx 1 root root 30660 2004-10-16 23:02 libntlm.so.2.0.19
-rw-r--r-- 1 root root 20142 2004-10-16 23:02 libotp.a
-rw-r--r-- 1 root root 825 2004-10-16 23:02 libotp.la
-rwxrwxrwx 1 root root 43184 2004-10-16 23:02 libotp.so
-rwxrwxrwx 1 root root 43184 2004-10-16 23:02 libotp.so.2
-rwxrwxrwx 1 root root 43184 2004-10-16 23:02 libotp.so.2.0.19
-rw-r--r-- 1 root root 13886 2004-10-16 23:02 libplain.a
-rw-r--r-- 1 root root 831 2004-10-16 23:02 libplain.la
-rwxrwxrwx 1 root root 14096 2004-10-16 23:02 libplain.so
-rwxrwxrwx 1 root root 14096 2004-10-16 23:02 libplain.so.2
-rwxrwxrwx 1 root root 14096 2004-10-16 23:02 libplain.so.2.0.19
-rw-r--r-- 1 root root 21798 2004-10-16 23:02 libsasldb.a
-rw-r--r-- 1 root root 852 2004-10-16 23:02 libsasldb.la
-rwxrwxrwx 1 root root 18692 2004-10-16 23:02 libsasldb.so
-rwxrwxrwx 1 root root 18692 2004-10-16 23:02 libsasldb.so.2
-rwxrwxrwx 1 root root 18692 2004-10-16 23:02 libsasldb.so.2.0.19
-rw-r--r-- 1 root root 22168 2004-10-16 23:02 libsql.a
-rw-r--r-- 1 root root 874 2004-10-16 23:02 libsql.la
-rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so
-rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so.2
-rw-r--r-- 1 root root 22132 2004-10-16 23:02 libsql.so.2.0.19
-- content of /etc/postfix/sasl/smtpd.conf --
log_level: 3
pwcheck_mathod: auxprop
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: moon
sql_database: mailbase
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_select: SELECT pw FROM mailbase WHERE mail = '%u@%r'
sql_usessl: no
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - - - 30 smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - 30 smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
vscan unix - - n - 10 smtp
maildrop unix - n n - - pipe
flags=R user=vmail argv=/usr/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
localhost:10025 inet n n n - 10 smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restricitons=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
tlsmgr unix - - - 1000? 1 tlsmgr
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
discard unix - - - - - discard
-- mechanisms on localhost --
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
-- end of saslfinger output --
postconf -n:
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
biff = no
config_directory = /etc/postfix
content_filter = vscan:localhost:10024
header_checks = pcre:/etc/postfix/header_checks.pcre
home_mailbox = Maildir/
local_recipient_maps = $alias_maps $virtual_uid_maps
mailbox_size_limit = 0
message_size_limit = 20480000
mydestination = $myhostname localhost.$myhostname $mydomain
localhost lists.moonsmile.ch
mydomain = moonsmile.ch
myhostname = mail.moonsmile.ch
mynetworks = 127.0.0.0/8,192.168.0.0/24
myorigin = /etc/mailname
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical,
hash:/etc/postfix/lummerland/recipient_canonical
recipient_delimiter = +
sender_canonical_maps = hash:/etc/postfix/sender_canonical,
hash:/etc/postfix/lummerland/sender_canonical
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/ssl/capub.crt
smtp_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtp_tls_key_file = /etc/postfix/ssl/smtpd.key
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient,
reject_non_fqdn_sender, reject_non_fqdn_hostname, reject_invalid_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
check_helo_access hash:/etc/postfix/helo_access, check_sender_access
hash:/etc/postfix/access, permit_sasl_authenticated, permit_mynetworks,
check_policy_service inet:127.0.0.1:60000, permit_mx_backup,
reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/capub.crt
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
soft_bounce = no
transport_maps = hash:/etc/postfix/transport,
hash:/etc/postfix/transport_mailbase
virtual_gid_maps = static:5001
virtual_mailbox_base = /srv
virtual_mailbox_domains = klumpfuss-info.ch, lummerland.ch
virtual_mailbox_maps = hash:/etc/postfix/mailbox
virtual_minimum_uid = 5000
virtual_uid_maps = static:5001
Gruss und Danke
Thomas
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Mehr Informationen über die Mailingliste Postfixbuch-users