[Postfixbuch-users] Porblem mit dem Senden von Nachrichten (Postfix, Debian, Thunderbird)

Metin Özkan metin.oezkan at web.de
Di Mai 2 20:25:20 CEST 2006


Hallo Liste!

Ich bin ja schon einige Schritte weiter. Immerhin kann ich nun schon die 
Pop3 - Fächer abrufen.
Nur mit dieser besch... Smtp-Auth Geschichte komm' ich einfach nihct klar.
Ich hangele mich schon seit mehreren Stunden von einem Thread zum anderen,
und kopiere hier was rein, nehme da was raus...


Meine main.cf sieht jetzt so aus:

# /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

command_directory = /usr/sbin
mail_owner = postfix
default_privs = nobody

mydomain = domain.de
myhostname = mail.domain.de
myorigin = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
inet_interfaces = all
mydestination = $mydomain, $myhostname, localhost.$mydomain
mynetworks_style = subnet

home_mailbox = Maildir/
mail_spool_directory = /var/mail
mtpd_banner = $myhostname ESMTP $mail_name
mailbox_size_limit = 0
recipient_delimiter = +

smtp_sasl_auth_enable = yes
smtp_use_tls = yes
smtp_tls_key_file = /etc/postfix/newreq.pem
smtp_tls_cert_file = /etc/postfix/newcert.pem
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth

smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = $mydomain
smtpd_recipient_restrictions = permit_sasl_authenticated, 
permit_mynetworks, reject_unauth_destination

smtpd_use_tls = yes
smtpd_tls_auth_only = yes

smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cached_timeout = 3600s
tls_random_source = dev:/dev/urandom


Wenn ich mit Thunderbird versuche eine Mail abzusenden, kommt die 
Passworteingabe, in die ich
brav mein Passwort eingebe. Aber immer und immer wieder.




Im mail.log steht folgendes:

May 2 17:51:49 h123456 postfix/smtpd[5448]: starting TLS engine
May 2 17:51:49 h123456 postfix/smtpd[5448]: connect from 
unknown[xxx.xxx.xxx.xxx]
May 2 17:51:49 h123456 postfix/smtpd[5448]: setting up TLS connection 
from unknown[xxx.xxx.xxx.xxx]
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:before/accept 
initialization
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (11 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv2/v3 
read client hello A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (11 bytes => 11 (0xB))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 16 03 01 00 73 01 00 
00|6f 03 01 ....s... o..
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934B3] (109 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read client hello B
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read client hello B
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934B3] (109 bytes => 109 (0x6D)) # - sonstwas - #
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0060 fe 00 09 00 64 00 62 
00|03 00 06 01 ....d.b. ....
May 2 17:51:49 h123456 postfix/smtpd[5448]: 006d - <SPACES/NULS>?
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 read client 
hello B
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write 
server hello A
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write 
certificate A
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write key 
exchange A
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write 
server done A
May 2 17:51:49 h123456 postfix/smtpd[5448]: write to 08089DB8 [080A15F8] 
(1431 bytes => 1431 (0x597))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 16 03 01 00 4a 02 00 
00|46 03 01 44 57 80 15 f3 ....J... F..DW...
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0010 ed 31 f7 c1 a3 66 4f 
75|95 87 ae 6c 8e 2c e7 ef .1...fOu ...l.,..
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0020 df f7 e2 17 47 a6 6a 
22|07 58 74 20 cc 19 f7 6f ....G.j" .Xt ...o
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0030 92 e4 00 05 30 e5 a5 
c8|01 f4 a6 c3 9a f3 ff de ....0... ........ # - zertifikat - #
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0580 7a 68 3a 4a 00 52 c3 
67|87 e6 3f 95 a4 d6 16 03 zh:J.R.g ..?.....
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0590 01 00 04 0e ....
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0597 - <SPACES/NULS>?
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 flush data
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read client certificate A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => 5 (0x5))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 16 03 01 00 86 .....
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (134 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read client certificate A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (134 bytes => 134 (0x86))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 10 00 00 82 00 80 5b 
5f|8a c2 6b ca c2 2c 64 b1 ......[_ ..k..,d. # - sonstwas - #
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0070 56 02 50 9f a1 7d 38 
c8|c1 a6 f6 05 88 53 9c 41 V.P..}8. .....S.A
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0080 c8 50 6b 15 21 f5 .Pk.!.
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 read client 
key exchange A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read certificate verify A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => 5 (0x5))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 14 03 01 00 01 .....
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (1 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read certificate verify A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (1 bytes => 1 (0x1))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 01 .
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read certificate verify A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934A8] (5 bytes => 5 (0x5))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 16 03 01 00 30 ....0
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (48 bytes => -1 (0xFFFFFFFF))
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:error in SSLv3 
read certificate verify A
May 2 17:51:49 h123456 postfix/smtpd[5448]: read from 08089DB8 
[080934AD] (48 bytes => 48 (0x30))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 42 a4 71 27 e8 3b a4 
f4|71 6b 89 ac 88 ac cb 2f B.q'.;.. qk...../
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0010 25 21 55 14 89 b5 41 
e0|fe 51 33 4d b0 d8 cc bd %!U...A. .Q3M....
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0020 88 bb 42 81 45 77 d9 
1b|21 de 49 a4 35 0f 51 7c ..B.Ew.. !.I.5.Q|
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 read 
finished A
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write 
change cipher spec A
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 write 
finished A
May 2 17:51:49 h123456 postfix/smtpd[5448]: write to 08089DB8 [080A15F8] 
(59 bytes => 59 (0x3B))
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0000 14 03 01 00 01 01 16 
03|01 00 30 24 e3 d9 3a 12 ........ ..0$..:.
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0010 e8 1a 16 11 61 58 43 
4b|e5 21 42 53 56 72 6a 69 ....aXCK .!BSVrji
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0020 f0 bc c4 3f 21 1c fe 
3a|a6 69 21 f5 68 38 53 c2 ...?!..: .i!.h8S.
May 2 17:51:49 h123456 postfix/smtpd[5448]: 0030 cc 8d 37 42 15 2b 8a 
7a|59 f3 47 ..7B.+.z Y.G
May 2 17:51:49 h123456 postfix/smtpd[5448]: SSL_accept:SSLv3 flush data
May 2 17:51:49 h123456 postfix/smtpd[5448]: TLS connection established 
from unknown[xxx.xxx.xxx.xxx]: TLSv1 with cipher DHE-RSA-AES256-SHA 
(256/256 bits)
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: SASL authentication 
failure: no secret in database
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: 
unknown[xxx.xxx.xxx.xxx]: SASL CRAM-MD5 authentication failed
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: SASL authentication 
failure: no secret in database
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: 
unknown[xxx.xxx.xxx.xxx]: SASL NTLM authentication failed
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: SASL authentication 
problem: unknown password verifier
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: SASL authentication 
failure: Password verification failed
May 2 17:51:53 h123456 postfix/smtpd[5448]: warning: 
unknown[xxx.xxx.xxx.xxx]: SASL PLAIN authentication failed
May 2 17:51:54 h123456 postfix/smtpd[5448]: warning: SASL authentication 
problem: unknown password verifier
May 2 17:51:54 h123456 postfix/smtpd[5448]: warning: 
unknown[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed
May 2 17:51:56 h123456 postfix/smtpd[5448]: lost connection after AUTH 
from unknown[xxx.xxx.xxx.xxx]
May 2 17:51:56 h123456 postfix/smtpd[5448]: disconnect from 
unknown[xxx.xxx.xxx.xxx]

# saslfinger -c
saslfinger - postfix Cyrus sasl configuration Di Mai  2 17:55:39 CEST 2006
version: 1.0
mode: client-side SMTP AUTH

-- basics --
Postfix: 2.1.5
System: Debian GNU/Linux 3.1 \n \l

-- smtp is linked to --
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x4019e000)

-- active SMTP AUTH and TLS parameters for smtp --
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/newcert.pem
smtp_tls_key_file = /etc/postfix/newreq.pem
smtp_use_tls = yes


-- listing of /usr/lib/sasl2 --
insgesamt 840
drwxr-xr-x   2 root root  4096 2006-05-02 14:08 .
drwxr-xr-x  25 root root  4096 2006-05-02 17:41 ..
-rw-r--r--   1 root root 13492 2006-04-24 19:27 libanonymous.a
-rw-r--r--   1 root root   851 2006-04-24 19:26 libanonymous.la
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so.2
-rw-r--r--   1 root root 13824 2006-04-24 19:27 libanonymous.so.2.0.19
-rw-r--r--   1 root root 16298 2006-04-24 19:27 libcrammd5.a
-rw-r--r--   1 root root   837 2006-04-24 19:26 libcrammd5.la
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so.2
-rw-r--r--   1 root root 16180 2006-04-24 19:27 libcrammd5.so.2.0.19
-rw-r--r--   1 root root 47520 2006-04-24 19:27 libdigestmd5.a
-rw-r--r--   1 root root   860 2006-04-24 19:26 libdigestmd5.la
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so.2
-rw-r--r--   1 root root 43944 2006-04-24 19:27 libdigestmd5.so.2.0.19
-rw-r--r--   1 root root 13726 2006-04-24 19:27 liblogin.a
-rw-r--r--   1 root root   831 2006-04-24 19:26 liblogin.la
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so.2
-rw-r--r--   1 root root 14028 2006-04-24 19:27 liblogin.so.2.0.19
-rw-r--r--   1 root root 31248 2006-04-24 19:27 libntlm.a
-rw-r--r--   1 root root   825 2006-04-24 19:26 libntlm.la
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so.2
-rw-r--r--   1 root root 30692 2006-04-24 19:27 libntlm.so.2.0.19
-rw-r--r--   1 root root 20142 2006-04-24 19:27 libotp.a
-rw-r--r--   1 root root   825 2006-04-24 19:26 libotp.la
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so.2
-rw-r--r--   1 root root 43184 2006-04-24 19:27 libotp.so.2.0.19
-rw-r--r--   1 root root 13886 2006-04-24 19:27 libplain.a
-rw-r--r--   1 root root   831 2006-04-24 19:26 libplain.la
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so.2
-rw-r--r--   1 root root 14096 2006-04-24 19:27 libplain.so.2.0.19
-rw-r--r--   1 root root 21810 2006-04-24 19:27 libsasldb.a
-rw-r--r--   1 root root   852 2006-04-24 19:26 libsasldb.la
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so.2
-rw-r--r--   1 root root 18692 2006-04-24 19:27 libsasldb.so.2.0.19

Ich hab auch mal saslfinger installiert. Ausgabe:

-- permissions for /etc/postfix/smtp_auth --
-rw-r--r--  1 root root 33 2006-05-02 16:32 /etc/postfix/smtp_auth

-- permissions for /etc/postfix/smtp_auth.db --
-rw-r--r--  1 root root 12288 2006-05-02 17:33 /etc/postfix/smtp_auth.db

/etc/postfix/smtp_auth.db is up to date.

-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       -       -       -       smtpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp       inet  n         -       n       -      -       smtpd
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender 
$recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store 
${nexthop} ${user} ${extension}

-- mechanisms on mail.domain.de --


Eine /etc/postfix/sasl/smptd.conf hat ganz gefehlt. Die hab ich dann mal 
angelegt und "pwcheck_method: PAM" hinein geschrieben.

HIIILLLFFFFEEEEE!!!

Vielen Dank für die Mühe

Metin




Mehr Informationen über die Mailingliste Postfixbuch-users