[Postfixbuch-users] Postfix/SASL: no SASL authentication mechanisms

Patrick Ben Koetter p at state-of-mind.de
So Jul 23 15:14:34 CEST 2006


* Henryk Menzel <blue_pride at web.de>:
> Hi,
> 
> hab da ein kleines (naja eher großes) Problem mit der Authentifizierung beim
> eMail senden. Mail empfangen per Pop3 funktioniert. Hab schon mehrfach
> gegoogelt und probiert, aber nichts gefunden, was mein Problem behebt ...
> :((

Dann google mal nach "saslfinger", lade es herunter und generiere mit
"saslfinger -s" output, den man zum debuggen gebrauchen kann.

p at rick



> 
> ------------------------------------- main.cf -------------------------------------
> 
> smtpd_banner = $myhostname ESMTP
> biff = no
> 
> append_dot_mydomain = no
> 
> # Uncomment the next line to generate "delayed mail" warnings
> #delay_warning_time = 4h
> myhostname = mail.meinedomain.de
> mydomain = meinedomain.de
> mydestination = $myhostname, $mydomain, loalhost, localhost.$mydomain
> mynetworks = 127.0.0.0/8
> mail_owner = postfix
> 
> alias_maps = hash:/etc/aliases
> virtual_maps = hash:/etc/postfix/virtual
> sender_canonical_maps = hash:/etc/postfix/sender_canonical
> recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
> 
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:5000
> smtpd_sasl_auth_enable = yes
> #smtpd_sasl_security_options = noanonymous, noplaintext
> broken_sasl_auth_clients = yes
> #smtpd_tls_auth_only = no
> smtpd_sasl_local_domain =
> smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
> smtpd_use_tls = yes
> smtpd_tls_cert_file = /etc/postfix/smtpd.cert
> smtpd_tls_key_file = /etc/postfix/smtpd.key
> 
> #  umstellung auf maildir
> home_mailbox = Maildir/
> ---------------------------------------------------------------------------------------------------------------
> 
> ------------------------------------- master.cf -------------------------------------
> ==========================================================================
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> # ==========================================================================
> smtp      inet  n       -       -       -       -       smtpd
> #submission inet n      -       -       -       -       smtpd
> #       -o smtpd_etrn_restrictions=reject
> #628      inet  n       -       -       -       -       qmqpd
> pickup    fifo  n       -       -       60      1       pickup
> cleanup   unix  n       -       -       -       0       cleanup
> qmgr      fifo  n       -       -       300     1       qmgr
> #qmgr     fifo  n       -       -       300     1       oqmgr
> rewrite   unix  -       -       -       -       -       trivial-rewrite
> bounce    unix  -       -       -       -       0       bounce
> defer     unix  -       -       -       -       0       bounce
> trace     unix  -       -       -       -       0       bounce
> verify    unix  -       -       -       -       1       verify
> flush     unix  n       -       -       1000?   0       flush
> proxymap  unix  -       -       n       -       -       proxymap
> smtp      unix  -       -       -       -       -       smtp
> relay     unix  -       -       -       -       -       smtp
> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq     unix  n       -       -       -       -       showq
> error     unix  -       -       -       -       -       error
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> anvil     unix  -       -       n       -       1       anvil
> #
> # Interfaces to non-Postfix software. Be sure to examine the manual
> # pages of the non-Postfix software to find out what options it wants.
> #
> # maildrop. See the Postfix MAILDROP_README file for details.
> #
> maildrop  unix  -       n       n       -       -       pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> uucp      unix  -       n       n       -       -       pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail    unix  -       n       n       -       -       pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp     unix  -       n       n       -       -       pipe
>   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
> scalemail-backend unix  -       n       n       -       2       pipe
>   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
> 
> # only used by postfix-tls
> #tlsmgr   fifo  -       -       n       300     1       tlsmgr
> #smtps    inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
> #587      inet  n       -       n       -       -       smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
> ---------------------------------------------------------------------------------------------------------------
> 
> ------------------------------------- saslfinger -------------------------------------
> saslfinger - postfix Cyrus sasl configuration Sun Jul 23 13:52:54 CEST 2006
> version: 1.0
> mode: server-side SMTP AUTH
> 
> -- basics --
> Postfix: 2.1.5
> System: Debian GNU/Linux 3.1 \n \l
> 
> -- smtpd is linked to --
> 	libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x0000002a95e40000)
> 
> -- active SMTP AUTH and TLS parameters for smtpd --
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = 
> smtpd_tls_cert_file = /etc/postfix/smtpd.cert
> smtpd_tls_key_file = /etc/postfix/smtpd.key
> smtpd_use_tls = yes
> 
> 
> -- listing of /usr/lib/sasl2 --
> total 1120
> drwxr-xr-x   2 root root  4096 2006-07-16 11:48 .
> drwxr-xr-x  29 root root  8192 2006-07-16 11:48 ..
> -rw-r--r--   1 root root 18892 2006-04-24 19:40 libanonymous.a
> -rw-r--r--   1 root root   851 2006-04-24 19:40 libanonymous.la
> -rw-r--r--   1 root root 16496 2006-04-24 19:40 libanonymous.so
> -rw-r--r--   1 root root 16496 2006-04-24 19:40 libanonymous.so.2
> -rw-r--r--   1 root root 16496 2006-04-24 19:40 libanonymous.so.2.0.19
> -rw-r--r--   1 root root 22402 2006-04-24 19:40 libcrammd5.a
> -rw-r--r--   1 root root   837 2006-04-24 19:40 libcrammd5.la
> -rw-r--r--   1 root root 20344 2006-04-24 19:40 libcrammd5.so
> -rw-r--r--   1 root root 20344 2006-04-24 19:40 libcrammd5.so.2
> -rw-r--r--   1 root root 20344 2006-04-24 19:40 libcrammd5.so.2.0.19
> -rw-r--r--   1 root root 63424 2006-04-24 19:40 libdigestmd5.a
> -rw-r--r--   1 root root   860 2006-04-24 19:40 libdigestmd5.la
> -rw-r--r--   1 root root 47552 2006-04-24 19:40 libdigestmd5.so
> -rw-r--r--   1 root root 47552 2006-04-24 19:40 libdigestmd5.so.2
> -rw-r--r--   1 root root 47552 2006-04-24 19:40 libdigestmd5.so.2.0.19
> -rw-r--r--   1 root root 19166 2006-04-24 19:40 liblogin.a
> -rw-r--r--   1 root root   831 2006-04-24 19:40 liblogin.la
> -rw-r--r--   1 root root 17064 2006-04-24 19:40 liblogin.so
> -rw-r--r--   1 root root 17064 2006-04-24 19:40 liblogin.so.2
> -rw-r--r--   1 root root 17064 2006-04-24 19:40 liblogin.so.2.0.19
> -rw-r--r--   1 root root 40524 2006-04-24 19:40 libntlm.a
> -rw-r--r--   1 root root   825 2006-04-24 19:40 libntlm.la
> -rw-r--r--   1 root root 34112 2006-04-24 19:40 libntlm.so
> -rw-r--r--   1 root root 34112 2006-04-24 19:40 libntlm.so.2
> -rw-r--r--   1 root root 34112 2006-04-24 19:40 libntlm.so.2.0.19
> -rw-r--r--   1 root root 27198 2006-04-24 19:40 libotp.a
> -rw-r--r--   1 root root   825 2006-04-24 19:40 libotp.la
> -rw-r--r--   1 root root 48144 2006-04-24 19:40 libotp.so
> -rw-r--r--   1 root root 48144 2006-04-24 19:40 libotp.so.2
> -rw-r--r--   1 root root 48144 2006-04-24 19:40 libotp.so.2.0.19
> -rw-r--r--   1 root root 19270 2006-04-24 19:40 libplain.a
> -rw-r--r--   1 root root   831 2006-04-24 19:40 libplain.la
> -rw-r--r--   1 root root 17048 2006-04-24 19:40 libplain.so
> -rw-r--r--   1 root root 17048 2006-04-24 19:40 libplain.so.2
> -rw-r--r--   1 root root 17048 2006-04-24 19:40 libplain.so.2.0.19
> -rw-r--r--   1 root root 28620 2006-07-16 13:41 libsasldb.a
> -rw-r--r--   1 root root   852 2006-07-16 13:41 libsasldb.la
> -rw-r--r--   1 root root 21632 2006-07-16 13:41 libsasldb.so
> -rw-r--r--   1 root root 21632 2006-07-16 13:41 libsasldb.so.2
> -rw-r--r--   1 root root 21632 2006-07-16 13:41 libsasldb.so.2.0.19
> -rw-r--r--   1 root root 30608 2006-04-24 19:40 libsql.a
> -rw-r--r--   1 root root   874 2006-04-24 19:40 libsql.la
> -rw-r--r--   1 root root 25112 2006-04-24 19:40 libsql.so
> -rw-r--r--   1 root root 25112 2006-04-24 19:40 libsql.so.2
> -rw-r--r--   1 root root 25112 2006-04-24 19:40 libsql.so.2.0.19
> 
> 
> 
> 
> -- content of /etc/postfix/sasl/smtpd.conf --
> pwcheck_method: saslauthd
> mech_list: plain login
> allow_plaintext: true
> # saslauthd_path: /var/run/saslauthd/mux
> # autotransition:true
> 
> 
> -- active services in /etc/postfix/master.cf --
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> smtp      inet  n       -       -       -       -       smtpd
> pickup    fifo  n       -       -       60      1       pickup
> cleanup   unix  n       -       -       -       0       cleanup
> qmgr      fifo  n       -       -       300     1       qmgr
> rewrite   unix  -       -       -       -       -       trivial-rewrite
> bounce    unix  -       -       -       -       0       bounce
> defer     unix  -       -       -       -       0       bounce
> trace     unix  -       -       -       -       0       bounce
> verify    unix  -       -       -       -       1       verify
> flush     unix  n       -       -       1000?   0       flush
> proxymap  unix  -       -       n       -       -       proxymap
> smtp      unix  -       -       -       -       -       smtp
> relay     unix  -       -       -       -       -       smtp
> showq     unix  n       -       -       -       -       showq
> error     unix  -       -       -       -       -       error
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> anvil     unix  -       -       n       -       1       anvil
> maildrop  unix  -       n       n       -       -       pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> uucp      unix  -       n       n       -       -       pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail    unix  -       n       n       -       -       pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp     unix  -       n       n       -       -       pipe
>   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
> scalemail-backend unix	-	n	n	-	2	pipe
>   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
> 
> -- mechanisms on localhost --
> 250-AUTH LOGIN PLAIN
> 250-AUTH=LOGIN PLAIN
> 
> -- end of saslfinger output --
> ---------------------------------------------------------------------------------------------------------------
> 
> ------------------------------------- /var/mail.log -------------------------------------
> Jul 23 14:09:25 localhost courierpop3login: Connection, ip=[::ffff:84.184.209.115]
> Jul 23 14:09:25 localhost courierpop3login: Connection, ip=[::ffff:84.184.209.115]
> Jul 23 14:09:25 localhost courierpop3login: LOGIN, user=web7p1, ip=[::ffff:84.184.209.115]
> Jul 23 14:09:26 localhost courierpop3login: LOGOUT, user=web7p1, ip=[::ffff:84.184.209.115], top=0, retr=4858, time=1
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: lost connection after CONNECT from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: warning: p54B8D173.dip.t-dialin.net[84.184.209.115]: SASL LOGIN authentication failed
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: lost connection after AUTH from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:29 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: lost connection after CONNECT from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: warning: p54B8D173.dip.t-dialin.net[84.184.209.115]: SASL LOGIN authentication failed
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: lost connection after AUTH from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:31 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: lost connection after CONNECT from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: connect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: warning: p54B8D173.dip.t-dialin.net[84.184.209.115]: SASL LOGIN authentication failed
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: lost connection after AUTH from p54B8D173.dip.t-dialin.net[84.184.209.115]
> Jul 23 14:10:32 localhost postfix/smtpd[21985]: disconnect from p54B8D173.dip.t-dialin.net[84.184.209.115]
> ---------------------------------------------------------------------------------------------------------------
> 
> ------------------------------------- /etc/pam.d/smtp -------------------------------------
> auth    required   /lib/security/pam_unix_auth.so
> account required  /lib/security/pam_unix_acct.so
> password required /lib/security/pam_unix_passwd.so
> session required /lib/security/pam_unix_session.so
> ---------------------------------------------------------------------------------------------------------------
> 
> ------------------------------------- /etc/postfix/sasl/smtpd.conf -------------------------------------
> pwcheck_method: saslauthd
> mech_list: plain login
> allow_plaintext: true
> ---------------------------------------------------------------------------------------------------------------
> 
> Der saslauthd läuft ...
> 
> Vielleicht kann mir ja jemand von Euch helfen !
> 
> Henryk
> 
> PS: OS = Debian 3.1 Sarge, kein Confixx o.ä.
> _____________________________________________________________________
> Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
> http://smartsurfer.web.de/?mc=100071&distributionid=000000000071
> 
> -- 
> _______________________________________________
> Postfixbuch-users mailingliste
> Heinlein Professional Linux Support GmbH
> 
> Postfixbuch-users at listi.jpberlin.de
> http://listi.jpberlin.de/mailman/listinfo/postfixbuch-users

-- 
Das Postfix-Buch
<http://www.postfix-buch.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>



Mehr Informationen über die Mailingliste Postfixbuch-users