[Postfixbuch-users] smtpd und saslauth wollen nicht, wie ich will
Andreas Winkelmann
ml at awinkelmann.de
Mi Mai 23 18:52:07 CEST 2007
On Wednesday 23 May 2007 13:13, Michael Krauth wrote:
> > Vielleicht noch saslfinger (downloaden und das script ausführen?).
>
> Aber gerne:
>
> # /temp/saslfinger-1.0.1/saslfinger -s
> saslfinger - postfix Cyrus sasl configuration Mi 23. Mai 13:09:28 CEST 2007
> version: 1.0.1
> mode: server-side SMTP AUTH
>
> -- basics --
> Postfix: 2.3.8
> System: Debian GNU/Linux 4.0 \n \l
>
> -- smtpd is linked to --
> libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7dac000)
>
> -- active SMTP AUTH and TLS parameters for smtpd --
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_auth_only = no
>
>
> -- listing of /usr/lib/sasl2 --
> insgesamt 700
> drwxr-xr-x 2 root root 4096 2007-05-23 09:51 .
> drwxr-xr-x 54 root root 20480 2007-05-22 19:34 ..
> -rw-r--r-- 1 root root 13304 2006-12-13 22:26 libanonymous.a
> -rw-r--r-- 1 root root 855 2006-12-13 22:26 libanonymous.la
> -rw-r--r-- 1 root root 12844 2006-12-13 22:26 libanonymous.so
> -rw-r--r-- 1 root root 12844 2006-12-13 22:26 libanonymous.so.2
> -rw-r--r-- 1 root root 12844 2006-12-13 22:26 libanonymous.so.2.0.22
> -rw-r--r-- 1 root root 15502 2006-12-13 22:26 libcrammd5.a
> -rw-r--r-- 1 root root 841 2006-12-13 22:26 libcrammd5.la
> -rw-r--r-- 1 root root 15052 2006-12-13 22:26 libcrammd5.so
> -rw-r--r-- 1 root root 15052 2006-12-13 22:26 libcrammd5.so.2
> -rw-r--r-- 1 root root 15052 2006-12-13 22:26 libcrammd5.so.2.0.22
> -rw-r--r-- 1 root root 46320 2006-12-13 22:26 libdigestmd5.a
> -rw-r--r-- 1 root root 864 2006-12-13 22:26 libdigestmd5.la
> -rw-r--r-- 1 root root 43040 2006-12-13 22:26 libdigestmd5.so
> -rw-r--r-- 1 root root 43040 2006-12-13 22:26 libdigestmd5.so.2
> -rw-r--r-- 1 root root 43040 2006-12-13 22:26 libdigestmd5.so.2.0.22
> -rw-r--r-- 1 root root 13482 2006-12-13 22:26 liblogin.a
> -rw-r--r-- 1 root root 835 2006-12-13 22:26 liblogin.la
> -rw-r--r-- 1 root root 13384 2006-12-13 22:26 liblogin.so
> -rw-r--r-- 1 root root 13384 2006-12-13 22:26 liblogin.so.2
> -rw-r--r-- 1 root root 13384 2006-12-13 22:26 liblogin.so.2.0.22
> -rw-r--r-- 1 root root 29300 2006-12-13 22:26 libntlm.a
> -rw-r--r-- 1 root root 829 2006-12-13 22:26 libntlm.la
> -rw-r--r-- 1 root root 28776 2006-12-13 22:26 libntlm.so
> -rw-r--r-- 1 root root 28776 2006-12-13 22:26 libntlm.so.2
> -rw-r--r-- 1 root root 28776 2006-12-13 22:26 libntlm.so.2.0.22
> -rw-r--r-- 1 root root 13818 2006-12-13 22:26 libplain.a
> -rw-r--r-- 1 root root 835 2006-12-13 22:26 libplain.la
> -rw-r--r-- 1 root root 13992 2006-12-13 22:26 libplain.so
> -rw-r--r-- 1 root root 13992 2006-12-13 22:26 libplain.so.2
> -rw-r--r-- 1 root root 13992 2006-12-13 22:26 libplain.so.2.0.22
> -rw-r--r-- 1 root root 21726 2006-12-13 22:26 libsasldb.a
> -rw-r--r-- 1 root root 856 2006-12-13 22:25 libsasldb.la
> -rw-r--r-- 1 root root 17980 2006-12-13 22:26 libsasldb.so
> -rw-r--r-- 1 root root 17980 2006-12-13 22:26 libsasldb.so.2
> -rw-r--r-- 1 root root 17980 2006-12-13 22:26 libsasldb.so.2.0.22
>
> -- content of /etc/postfix/sasl/smtpd.conf --
> pwcheck_method: auxprop
> auxprop_plugin: sql
Du hast das Cyrus-SASL sql Auxprop Plugin konfiguriert aber nicht installiert.
Das ist schlecht.
Also entscheiden, ob Du es wirklich benutzen willst, dann installiere es. Oder
wenn Du saslauthd benutzen willst, dann wäre in der smtpd.conf der
Einstiegspunkt.
> mech_list: cram-md5 digest-md5 ntlm plain login
> allow_plaintext: yes
> sql_engine: mysql
> sql_hostnames: 127.0.0.1
> sql_user: --- replaced ---
> sql_passwd: --- replaced ---
> sql_database: mailserver
> sql_select: SELECT password FROM users WHERE email='%u@%r'
> log_level: 5
>
>
> -- active services in /etc/postfix/master.cf --
> # service type private unpriv chroot wakeup maxproc command + args
> # (yes) (yes) (yes) (never) (100)
> smtp inet n - - - - smtpd
Ist im chroot. Für saslauthd wichtig, bei obiger smtpd.conf mit installiertem
libsql.* eher nebensächlich.
> pickup fifo n - - 60 1 pickup
> cleanup unix n - - - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - - 1000? 1 tlsmgr
> rewrite unix - - - - - trivial-rewrite
> bounce unix - - - - 0 bounce
> defer unix - - - - 0 bounce
> trace unix - - - - 0 bounce
> verify unix - - - - 1 verify
> flush unix n - - 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - - - - smtp
> relay unix - - - - - smtp
> -o fallback_relay=
> showq unix n - - - - showq
> error unix - - - - - error
> discard unix - - - - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - - - - lmtp
> anvil unix - - - - 1 anvil
> scache unix - - - - 1 scache
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> $recipient
> scalemail-backend unix - n n - 2 pipe
> flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop} ${user} ${extension}
> mailman unix - n n - - pipe
> flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> ${nexthop} ${user}
>
> -- mechanisms on localhost --
> 250-AUTH NTLM PLAIN CRAM-MD5 LOGIN DIGEST-MD5
> 250-AUTH=NTLM PLAIN CRAM-MD5 LOGIN DIGEST-MD5
>
> -- end of saslfinger output --
>
>
> Grüße,
> Michael
--
Andreas
Mehr Informationen über die Mailingliste Postfixbuch-users