[Postfixbuch-users] SASL2 für lokale User

Alexander Gran alex at zodiac.dnsalias.org
Di Nov 15 16:10:32 CET 2005 

Am Dienstag, 15. November 2005 12:58 schrieb Patrick Ben Koetter:
> Die sasldb nimmt Benutzerdaten (Usernamen, Passwort, Domain) auf. Diese
> Daten werden bei einer Authentifizierung zum Vergleich mit den, vom Client
> gesendeten Daten herangezogen. Stimmen die Daten überein, darf der Client
> mit einer unbekannten IP (nicht in $mynetworks) trotzdem senden.

Jo. Das waäre SMTP Auth, wenn ich da richtig sehe.

> Dies steht aber in keinem Zusammenhang damit, ob auf dem Server ein Account
> xyz existiert und ob Postfix diesen Empfänger kennt und weiß in welche
> Mailbox Mails für xyz zuzustellen sind.

Hmm, ok.

> Schick nochmal ein "postconf -n", damit wir das eigentliche Problem lösen
> können.

Hier von dem Server wo es nicht tut:
www:~ # postconf -n
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 5
debug_peer_list = 80.137.226.152
defer_transports =
disable_dns_lookups = no
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 52428800
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_exceptions = root
message_size_limit = 52428800
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = moduleworks.com
myhostname = www.moduleworks.com
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relay_domains =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_use_tls = no
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = 
permit_sasl_authenticated,permit_mynetworks,check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450


Damit tuts (alter server):
www:~ # postconf -n
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = vscan
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 52428800
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_exceptions = root
maximal_queue_lifetime = 2h
message_size_limit = 52428800
mydestination = $myhostname, localhost.$mydomain $mydomain
mydomain = moduleworks.com
myhostname = www.moduleworks.com
mynetworks_style = host
newaliases_path = /usr/sbin/sendmail
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
relay_domains =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = 
permit_sasl_authenticated,permit_mynetworks,check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
virtual_maps = hash:/etc/postfix/virtual

Grüße
Alex
-- 
Encrypted Mails welcome.
PGP-Key at http://zodiac.dnsalias.org/misc/pgpkey.asc | Key-ID: 0x6D7DD291
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : nicht verfügbar
Dateityp    : application/pgp-signature
Dateigröße  : 189 bytes
Beschreibung: nicht verfügbar
URL         : <https://listi.jpberlin.de/pipermail/postfixbuch-users/attachments/20051115/86c0a780/attachment.sig>

Mehr Informationen über die Mailingliste Postfixbuch-users