[Postfixbuch-users] SASL "Problemchen"

Patrick Ben Koetter p at state-of-mind.de
Di Dez 11 10:16:01 CET 2007 

* Matthias Haegele <mhaegele at linuxrocks.dyndns.org>:
> Hallo Ihr!
> 
> Folgendes will nicht bei mir, sobald ich die nodictionary option anfüge 
> krachts.:
> 
> > smtpd_sasl_security_options = noanonymous, nodictionary
> 
> > Dec 11 10:05:59 hermes postfix/smtpd[3303]: warning: xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms

Ja, da bleibt von dem was Du anbietest nichts übrig, was Postfix verwenden
könnte. nodictionary ist IIRC nur EXTERNAL und GSSAPI. Beide sind auch noch
mutual_auth als policy.

Du nutzt doch Debian, oder? Dann wirf mal den "saslpluginviewer" und der sagt
Dir dann, welcher Mechanismus in welche policy Kategorie fällt.

p at rick



> > Dec 11 10:05:59 hermes postfix/smtpd[3303]: fatal: no SASL authentication mechanisms
> > Dec 11 10:06:00 hermes postfix/master[2457]: warning: process /usr/lib/postfix/smtpd pid 3303 exit status 1
> > Dec 11 10:06:00 hermes postfix/master[2457]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
> 
> > hermes:~# postconf -n
> > address_verify_map = btree:/var/spool/postfix/verified_senders
> > address_verify_negative_cache = yes
> > address_verify_negative_refresh_time = 6m
> > address_verify_poll_count = 1
> > alias_database = hash:/etc/aliases
> > alias_maps = hash:/etc/aliases
> > append_dot_mydomain = no
> > biff = no
> > config_directory = /etc/postfix
> > content_filter = amavisd-new:[127.0.0.1]:10024
> > delay_warning_time = 1h
> > disable_vrfy_command = yes
> > home_mailbox = Maildir/
> > inet_interfaces = all
> > mailbox_size_limit = 0
> > mime_header_checks = pcre:/etc/postfix/mime_header_checks
> > mydestination = $mydomain, $myhostname
> > mydomain = linuxrocks.dyndns.org
> > myhostname = hermes.linuxrocks.dyndns.org
> > mynetworks = 127.0.0.0/8
> > myorigin = $mydomain
> > recipient_delimiter = +
> > relayhost =
> > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> > smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> > smtpd_data_restrictions = reject_multi_recipient_bounce
> > smtpd_discard_ehlo_keywords = silent-discard, dsn
> > smtpd_error_sleep_time = 5s
> > smtpd_hard_error_limit = 15
> > smtpd_helo_required = yes
> > smtpd_recipient_restrictions = permit_mynetworks,     reject_unlisted_recipient,      permit_sasl_authenticated,     reject_non_fqdn_hostname,     reject_non_fqdn_sender,     reject_non_fqdn_recipient,     reject_unauth_destination,     check_sender_access hash:/etc/postfix/disallow_my_domain     check_sender_access hash:/etc/postfix/blacklist_sender     check_recipient_access hash:/etc/postfix/roleaccount_exceptions     sleep 1,     reject_unauth_pipelining,     reject_unknown_reverse_client_hostname     reject_invalid_hostname,     check_helo_access pcre:/etc/postfix/helo_checks     check_client_access pcre:/etc/postfix/client-checks     check_sender_mx_access cidr:/etc/postfix/bogus_mx     reject_rbl_client list.dsbl.org,     reject_rbl_client zen.spamhaus.org,  reject_rhsbl_sender dsn.rfc-ignorant.org        reject_rhsbl_sender postmaster.rfc-ignorant.org reject_rhsbl_sender abuse.rfc-ignorant.org      reject_rhsbl_sender cbl.abuseat.org    reject_rhsbl_sender bogusmx.
> abuseat.org  reject_rbl_client ix.dnsbl.manitu.net     reject_unknown_sender_domain permit
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_authenticated_header = yes
> > smtpd_sasl_local_domain =
> > smtpd_sasl_security_options = noanonymous, nodictionary
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> Da scheint irgendwie der Hund begraben?
> 
> > smtpd_soft_error_limit = 5
> > unverified_sender_reject_code = 550
> > virtual_alias_domains = hash:/etc/postfix/virtual_alias_domains
> > virtual_alias_maps = hash:/etc/postfix/virtual_mailbox_aliases
> > virtual_gid_maps = static:1003
> > virtual_mailbox_base = /var/spool/virtual_mailboxes
> > virtual_mailbox_domains = haegele-clan.eu
> > virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_recipients
> > virtual_uid_maps = static:1003
> 
> 
> ii  postfix        2.3.8-2+b1     A high-performance mail transport agent
> ii  postfix-doc    2.3.8-2        Postfix documentation
> ii  postfix-ldap   2.3.8-2+b1     LDAP map support for Postfix
> ii  postfix-mysql  2.3.8-2+b1     MYSQL map support for Postfix
> ii  postfix-pcre   2.3.8-2+b1     PCRE map support for Postfix
> 
> > ii  libsasl2-2     2.1.22.dfsg1-8 Authentication abstraction library
> > ii  libsasl2-modul 2.1.22.dfsg1-8 Pluggable Authentication Modules for SASL
> > ii  sasl2-bin      2.1.22.dfsg1-8 Administration programs for SASL users datab
> 
> Danke im Voraus!
> 
> 
> -- 
> Grüsse/Greetings
> MH
> 
> 
> Dont send mail to: ubecatcher at linuxrocks.dyndns.org
> --
> 
> -- 
> _______________________________________________
> Postfixbuch-users -- http://www.postfixbuch.de
> Heinlein Professional Linux Support GmbH
> 
> Postfixbuch-users at listi.jpberlin.de
> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users

-- 
Postfix - Einrichtung, Betrieb und Wartung
<http://www.postfix-buch.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>

Mehr Informationen über die Mailingliste Postfixbuch-users