[Postfixbuch-users] rimap auth Problem

Silvio Siefke kosovo73 at web.de
Mo Mai 1 14:38:25 CEST 2006


Hallo,

ich habe Probleme mit der RIMAP Authentifizikerung.

saslfinger -s
saslfinger - postfix Cyrus sasl configuration Mo Mai  1 11:10:32 CEST 2006
version: 1.0
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.2.10
System: Debian GNU/Linux 3.1 \n \l

-- smtpd is linked to --
     libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x4014d000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous


-- listing of /usr/lib/sasl2 --
insgesamt 848
drwxr-xr-x   2 root root  4096 2006-05-01 10:50 .
drwxr-xr-x  38 root root 12288 2006-05-01 08:09 ..
-rw-r--r--   1 root root 13492 2006-04-24 19:27 libanonymous.a
-rw-r--r--   1 root root   851 2006-04-24 19:26 libanonymous.la
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so.2
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so.2.0.19
-rw-r--r--   1 root root 16298 2006-04-24 19:27 libcrammd5.a
-rw-r--r--   1 root root   837 2006-04-24 19:26 libcrammd5.la
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so.2
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so.2.0.19
-rw-r--r--   1 root root 47520 2006-04-24 19:27 libdigestmd5.a
-rw-r--r--   1 root root   860 2006-04-24 19:26 libdigestmd5.la
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so.2
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so.2.0.19
-rw-r--r--   1 root root 13726 2006-04-24 19:27 liblogin.a
-rw-r--r--   1 root root   831 2006-04-24 19:26 liblogin.la
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so.2
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so.2.0.19
-rw-r--r--   1 root root 31248 2006-04-24 19:27 libntlm.a
-rw-r--r--   1 root root   825 2006-04-24 19:26 libntlm.la
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so.2
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so.2.0.19
-rw-r--r--   1 root root 20142 2006-04-24 19:27 libotp.a
-rw-r--r--   1 root root   825 2006-04-24 19:26 libotp.la
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so.2
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so.2.0.19
-rw-r--r--   1 root root 13886 2006-04-24 19:27 libplain.a
-rw-r--r--   1 root root   831 2006-04-24 19:26 libplain.la
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so.2
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so.2.0.19
-rw-r--r--   1 root root 21810 2006-04-24 19:27 libsasldb.a
-rw-r--r--   1 root root   852 2006-04-24 19:26 libsasldb.la
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so.2
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so.2.0.19




-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login

-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       n       -       -       smtpd
smtp-amavis unix -      -       n       -       2       smtp
   -o smtp_data_done_timeout=1200
   -o disable_dns_lookups=yes
127.0.0.1:10025 inet n  -       n       -       -       smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o smtpd_helo_restrictions=
   -o smtpd_client_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks=127.0.0.0/8
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
maildrop  unix  -       n       n       -       -       pipe
   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
($recipient)
ifmail    unix  -       n       n       -       -       pipe
   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender 
$recipient
scalemail-backend unix    -    n    n    -    2    pipe
   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store 
${nexthop} ${user} ${extension}

scache      unix    -    -    n    -    1    scache
discard      unix    -    -    n    -    -    discard
tlsmgr    unix  -       -       n       1000?   1       tlsmgr

-- mechanisms on localhost --
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5

-- end of saslfinger output --


saslauthd -c
saslfinger - postfix Cyrus sasl configuration Mo Mai  1 11:10:54 CEST 2006
version: 1.0
mode: client-side SMTP AUTH

-- basics --
Postfix: 2.2.10
System: Debian GNU/Linux 3.1 \n \l

-- smtp is linked to --
     libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x4014d000)

-- active SMTP AUTH and TLS parameters for smtp --
No active SMTP AUTH and TLS parameters for smtp in main.cf!
SMTP AUTH can't work!

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:127.0.0.1:10024
daemon_directory = /usr/libexec/postfix
home_mailbox = maildir/
html_directory = no
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = mail.hserver.info
myhostname = mail.hserver.info
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql/mysql_relay_domains_maps.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, 
permit_sasl_authenticated,  reject_non_fqdn_hostname, 
reject_non_fqdn_sender,  reject_non_fqdn_recipient, 
reject_unauth_destination,  reject_unauth_pipelining, 
reject_invalid_hostname,  reject_rbl_client opm.blitzed.org, 
reject_rbl_client list.dsbl.org,  reject_rbl_client bl.spamcop.net, 
reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = 
mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_transport = virtual
virtual_uid_maps = static:1001

/var/log/mail.log (-v)
May  1 10:33:03 mail postfix/smtpd[15058]: connect from 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 
dslb-084-061-057-192.pools.arcor-ip.net: no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 84.61.57.192: 
no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 
dslb-084-061-057-192.pools.arcor-ip.net: no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 84.61.57.192: 
no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_hostname: 
dslb-084-061-057-192.pools.arcor-ip.net ~? 127.0.0.0/8
May  1 10:33:03 mail postfix/smtpd[15058]: match_hostaddr: 84.61.57.192 ~? 
127.0.0.0/8
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 
dslb-084-061-057-192.pools.arcor-ip.net: no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 84.61.57.192: 
no match
May  1 10:33:03 mail postfix/smtpd[15058]: attr_clnt_connect: connected to 
private/anvil
May  1 10:33:03 mail postfix/smtpd[15058]: send attr request = connect
May  1 10:33:03 mail postfix/smtpd[15058]: send attr ident = smtp:84.61.57.192
May  1 10:33:03 mail postfix/smtpd[15058]: private/anvil: wanted attribute: 
status
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute name: status
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute value: 0
May  1 10:33:03 mail postfix/smtpd[15058]: private/anvil: wanted attribute: 
count
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute name: count
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute value: 1
May  1 10:33:03 mail postfix/smtpd[15058]: private/anvil: wanted attribute: 
rate
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute name: rate
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute value: 1
May  1 10:33:03 mail postfix/smtpd[15058]: private/anvil: wanted attribute: 
(list terminator)
May  1 10:33:03 mail postfix/smtpd[15058]: input attribute name: (end)
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 220 
mail.hserver.info ESMTP Postfix
May  1 10:33:03 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: EHLO [192.168.0.35]
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-mail.hserver.info
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-PIPELINING
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-SIZE 10240000
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-VRFY
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-ETRN
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-AUTH NTLM LOGIN 
PLAIN DIGEST-MD5 CRAM-MD5
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 
dslb-084-061-057-192.pools.arcor-ip.net: no match
May  1 10:33:03 mail postfix/smtpd[15058]: match_list_match: 84.61.57.192: 
no match
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250-AUTH=NTLM LOGIN 
PLAIN DIGEST-MD5 CRAM-MD5
May  1 10:33:03 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 250 8BITMIME
May  1 10:33:09 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: AUTH CRAM-MD5
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: 
sasl_method CRAM-MD5
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: uncoded 
challenge: <484243135.5621769 at mail.hserver.info>
May  1 10:33:09 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 334 
PDQ4NDI0MzEzNS41NjIxNzY5QG1haWwuaHNlcnZlci5pbmZvPg==
May  1 10:33:09 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 
aW5mb0BzaWx2aW9zaWVma2UuZGUgYjc5NWY3ZDY2NmIzZWYxYTQwMDRjN2RjYThiODBjZjE=
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
response: info at silviosiefke.de b795f7d666b3ef1a4004c7dca8b80cf1
May  1 10:33:09 mail postfix/smtpd[15058]: warning: SASL authentication 
failure: no secret in database
May  1 10:33:09 mail postfix/smtpd[15058]: warning: 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: SASL CRAM-MD5 
authentication failed
May  1 10:33:09 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 535 Error: 
authentication failed
May  1 10:33:09 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: AUTH NTLM 
TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: 
sasl_method NTLM, init_response TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
initial response NTLMSSP
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: uncoded 
challenge: NTLMSSP
May  1 10:33:09 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 334 
TlRMTVNTUAACAAAAIgAiADAAAAAFggIAh+kxgaezWqwAAAAAAAAAAAAAAAAAAAAATQBBAEkATAAuAEgAUwBFAFIAVgBFAFIALgBJAE4ARgBPAA==
May  1 10:33:09 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 
TlRMTVNTUAADAAAAGAAYAHYAAAAYABgAjgAAAAAAAABAAAAAKAAoAEAAAAAOAA4AaAAAAAAAAAAAAAAABYIAAGkAbgBmAG8AQABzAGkAbAB2AGkAbwBzAGkAZQBmAGsAZQAuAGQAZQBzAHMAaQBlAGYAawBlAFJVHYqworjg7I6irXYFYHsgAaWzgENal1JVHYqworjg7I6irXYFYHsgAaWzgENalw==
May  1 10:33:09 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
response: NTLMSSP
May  1 10:33:09 mail postfix/smtpd[15058]: warning: SASL authentication 
failure: no secret in database
May  1 10:33:09 mail postfix/smtpd[15058]: warning: 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: SASL NTLM 
authentication failed
May  1 10:33:09 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 535 Error: 
authentication failed
May  1 10:33:10 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: AUTH PLAIN 
AGluZm9Ac2lsdmlvc2llZmtlLmRlAGs5aGEzNDg=
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: 
sasl_method PLAIN, init_response AGluZm9Ac2lsdmlvc2llZmtlLmRlAGs5aGEzNDg=
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
initial response
May  1 10:33:10 mail postfix/smtpd[15058]: warning: SASL authentication 
failure: Password verification failed
May  1 10:33:10 mail postfix/smtpd[15058]: warning: 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: SASL PLAIN 
authentication failed
May  1 10:33:10 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 535 Error: 
authentication failed
May  1 10:33:10 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: AUTH LOGIN
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: 
sasl_method LOGIN
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: uncoded 
challenge: Username:
May  1 10:33:10 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 334 VXNlcm5hbWU6
May  1 10:33:10 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 
aW5mb0BzaWx2aW9zaWVma2UuZGU=
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
response: info at silviosiefke.de
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: uncoded 
challenge: Password:
May  1 10:33:10 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 334 UGFzc3dvcmQ6
May  1 10:33:10 mail postfix/smtpd[15058]: < 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: azloYTM0OA==
May  1 10:33:10 mail postfix/smtpd[15058]: smtpd_sasl_authenticate: decoded 
response: ++++++
May  1 10:33:10 mail postfix/smtpd[15058]: warning: 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: SASL LOGIN 
authentication failed
May  1 10:33:10 mail postfix/smtpd[15058]: > 
dslb-084-061-057-192.pools.arcor-ip.net[84.61.57.192]: 535 Error: 
authentication failed



Postfix 2.2.10, Debian Sarge
PS: saslauthd habe ich auch mit der -r Option gestarten wegen
der@ Logins. Bringt aber nichts.

Schöne Grüße
Silvio



Mehr Informationen über die Mailingliste Postfixbuch-users