[Postfixbuch-users] postfix und sasldb funktioniert nicht
Steffen Diehl
st.diehl at gmx.de
Mo Jul 23 23:20:05 CEST 2007
So, habe sasl jetzt aus den chroot-jail rausgenommen. Leider
funktioniert es immer noch nicht mit testsaslauthd funktioniert die
Authentifizierung. Also scheint sasl prinzipiell ja zu funktionieren.
Hier mal der output von postconf -n
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
mydestination = $mydomain, $myhostname, localhost,
localhost.$mydomain
myhostname = mail.localdomain.de
myorigin = $mydomain
smtpd_recipient_restrictions = permit_sasl_authenticated, mynetworks,
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
und hier der output von saslfinger
-- basics --
Postfix: 2.3.8
System: Ubuntu 7.04 \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d80000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
-- listing of /usr/lib/sasl2 --
insgesamt 740
drwxr-xr-x 2 root root 4096 2007-07-23 23:05 .
drwxr-xr-x 180 root root 53248 2007-07-22 00:40 ..
-rw-r--r-- 1 root root 13640 2007-01-09 11:33 libanonymous.a
-rw-r--r-- 1 root root 855 2007-01-09 11:33 libanonymous.la
-rw-r--r-- 1 root root 13240 2007-01-09 11:33 libanonymous.so
-rw-r--r-- 1 root root 13240 2007-01-09 11:33 libanonymous.so.2
-rw-r--r-- 1 root root 13240 2007-01-09 11:33 libanonymous.so.2.0.22
-rw-r--r-- 1 root root 15942 2007-01-09 11:33 libcrammd5.a
-rw-r--r-- 1 root root 841 2007-01-09 11:33 libcrammd5.la
-rw-r--r-- 1 root root 15704 2007-01-09 11:33 libcrammd5.so
-rw-r--r-- 1 root root 15704 2007-01-09 11:33 libcrammd5.so.2
-rw-r--r-- 1 root root 15704 2007-01-09 11:33 libcrammd5.so.2.0.22
-rw-r--r-- 1 root root 47348 2007-01-09 11:33 libdigestmd5.a
-rw-r--r-- 1 root root 864 2007-01-09 11:33 libdigestmd5.la
-rw-r--r-- 1 root root 43884 2007-01-09 11:33 libdigestmd5.so
-rw-r--r-- 1 root root 43884 2007-01-09 11:33 libdigestmd5.so.2
-rw-r--r-- 1 root root 43884 2007-01-09 11:33 libdigestmd5.so.2.0.22
-rw-r--r-- 1 root root 13650 2007-01-09 11:33 liblogin.a
-rw-r--r-- 1 root root 835 2007-01-09 11:33 liblogin.la
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 liblogin.so
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 liblogin.so.2
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 liblogin.so.2.0.22
-rw-r--r-- 1 root root 30516 2007-01-09 11:33 libntlm.a
-rw-r--r-- 1 root root 829 2007-01-09 11:33 libntlm.la
-rw-r--r-- 1 root root 29876 2007-01-09 11:33 libntlm.so
-rw-r--r-- 1 root root 29876 2007-01-09 11:33 libntlm.so.2
-rw-r--r-- 1 root root 29876 2007-01-09 11:33 libntlm.so.2.0.22
-rw-r--r-- 1 root root 13938 2007-01-09 11:33 libplain.a
-rw-r--r-- 1 root root 835 2007-01-09 11:33 libplain.la
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 libplain.so
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 libplain.so.2
-rw-r--r-- 1 root root 14036 2007-01-09 11:33 libplain.so.2.0.22
-rw-r--r-- 1 root root 22150 2007-01-09 11:33 libsasldb.a
-rw-r--r-- 1 root root 856 2007-01-09 11:33 libsasldb.la
-rw-r--r-- 1 root root 18372 2007-01-09 11:33 libsasldb.so
-rw-r--r-- 1 root root 18372 2007-01-09 11:33 libsasldb.so.2
-rw-r--r-- 1 root root 18372 2007-01-09 11:33 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 291 2007-07-23 23:05 smtpd.conf
-- content of /usr/lib/sasl2/smtpd.conf --
#smtpd.conf for use with sasl2
#set level of logging
log_level: 7
#set authentification details
pwcheck_method: auxprop
#mechanism which are offered for the exchange of authorization data
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#Plugin for password verification
auxprop_plugin: sasldb
-- content of /etc/postfix/sasl/smtpd.conf --
#smtpd.conf for use with sasl2
#set level of logging
log_level: 7
#set authentification details
pwcheck_method: auxprop
#mechanism which are offered for the exchange of authorization data
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#Plugin for password verification
auxprop_plugin: sasldb
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
-- mechanisms on localhost --
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5
-- end of saslfinger output --
Postfix allein läuft übrigens auch..zumindest ohne sasl
wenn ich jetzt über ne telnet-Verbindung ein AUTH-PLAIN starte, bekomme
ich folgende Meldung:
535 5.7.0 Error: authentication failed: bad protocol / cancel
Wo liegt mein Fehler...hatte ja bisher das chroot im Verdacht, aber
nachdem der Postfix da raus ist, kann ich es ausschließen.
Danke schon mal für die Hilfe!
Gruß
Steffen
Mehr Informationen über die Mailingliste Postfixbuch-users