[Postfixbuch-users] postfix sasl mysql
Daniel Gompf
tech at kdmails.de
Mi Mär 12 10:38:57 CET 2008
Hallo,
ich habe hier ein Problem mit der Authetifizierung mit postfix sasl und
mysql. Ich habe im Grunde diese Konfiguration schon auf anderen Systemen
laufen tadellos laufen nur auf dem hier will er die Nutzer nicht
authentifizieren.
Der Zugriff von postfix auf mysql funktioniert, er fragt die diversen
maps ab und liefert auch richitge Ergebnisse.
Mit
# testsaslauthd -u User -p parole -s smtp
bekomme ich auch ein
0: OK "Success."
als Antwort.
Wenn ich es jedoch über telnet versuche kommt folgendes dabei raus.
220 mx01.meineDomain.de ESMTP Postfix
auth login
334 VXNlcm5hbWU6
BASE64-User
334 UGFzc3dvcmQ6
BASE64-pass
535 5.7.8 Error: authentication failed: authentication failure
quit
und im Log steht
warning: localhost[127.0.0.1]: SASL login authentication failed:
authentication failure
und im mysql.log steht keine Abfrage drin.
Kann mir hier jemand weiterhelfen ich habe folgendes angehängt
output von saslfinger, postconf -a, postconf -m, cat
/etc/default/saslauthd, cat /etc/pam.d/smtp, cat /etc/pam.d/smtp, ls -ls
/var/run/, ls -la /var/run/saslauthd, grep sasl /etc/group
Danke Daniel
##########################
saslfinger - postfix Cyrus sasl configuration Wed Mar 12 08:15:05 CET 2008
version: 1.0.2
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.5.1
System: Ubuntu 6.06.2 LTS \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00002aaaab1f1000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = /usr/lib/sasl2/smtpd
smtpd_sasl_security_options = noanonymous
-- listing of /usr/lib64/sasl2 --
total 1320
drwxr-xr-x 2 root root 4096 2008-03-10 23:19 .
drwxr-xr-x 48 root root 12288 2008-03-05 22:22 ..
-rw-r--r-- 1 root root 19036 2007-08-30 21:31 libanonymous.a
-rw-r--r-- 1 root root 855 2007-08-30 21:31 libanonymous.la
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so.2
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so.2.0.19
-rw-r--r-- 1 root root 21802 2007-08-30 21:31 libcrammd5.a
-rw-r--r-- 1 root root 841 2007-08-30 21:31 libcrammd5.la
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so.2
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so.2.0.19
-rw-r--r-- 1 root root 59792 2007-08-30 21:31 libdigestmd5.a
-rw-r--r-- 1 root root 864 2007-08-30 21:31 libdigestmd5.la
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so.2
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so.2.0.19
-rw-r--r-- 1 root root 31532 2006-04-24 13:38 libgssapiv2.a
-rw-r--r-- 1 root root 1029 2006-04-24 13:38 libgssapiv2.la
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so.2
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so.2.0.19
-rw-r--r-- 1 root root 31300 2005-12-22 04:26 libkerberos4.a
-rw-r--r-- 1 root root 862 2005-12-22 04:26 libkerberos4.la
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so.2
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so.2.0.19
-rw-r--r-- 1 root root 19262 2007-08-30 21:31 liblogin.a
-rw-r--r-- 1 root root 835 2007-08-30 21:31 liblogin.la
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so.2
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so.2.0.19
-rw-r--r-- 1 root root 38724 2007-08-30 21:31 libntlm.a
-rw-r--r-- 1 root root 829 2007-08-30 21:31 libntlm.la
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so.2
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so.2.0.19
-rw-r--r-- 1 root root 27142 2007-08-30 21:31 libotp.a
-rw-r--r-- 1 root root 829 2007-08-30 21:31 libotp.la
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so.2
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so.2.0.19
-rw-r--r-- 1 root root 19342 2007-08-30 21:31 libplain.a
-rw-r--r-- 1 root root 835 2007-08-30 21:31 libplain.la
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so.2
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so.2.0.19
-rw-r--r-- 1 root root 29164 2007-08-30 21:31 libsasldb.a
-rw-r--r-- 1 root root 856 2007-08-30 21:31 libsasldb.la
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so.2
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so.2.0.19
-rw-r--r-- 1 root root 30856 2006-04-24 13:38 libsql.a
-rw-r--r-- 1 root root 895 2006-04-24 13:38 libsql.la
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so.2
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so.2.0.19
-rw------- 1 root root 299 2008-03-10 23:19 smtpd.conf
-- listing of /usr/lib/sasl2 --
total 1320
drwxr-xr-x 2 root root 4096 2008-03-10 23:19 .
drwxr-xr-x 48 root root 12288 2008-03-05 22:22 ..
-rw-r--r-- 1 root root 19036 2007-08-30 21:31 libanonymous.a
-rw-r--r-- 1 root root 855 2007-08-30 21:31 libanonymous.la
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so.2
-rw-r--r-- 1 root root 15712 2007-08-30 21:31 libanonymous.so.2.0.19
-rw-r--r-- 1 root root 21802 2007-08-30 21:31 libcrammd5.a
-rw-r--r-- 1 root root 841 2007-08-30 21:31 libcrammd5.la
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so.2
-rw-r--r-- 1 root root 19104 2007-08-30 21:31 libcrammd5.so.2.0.19
-rw-r--r-- 1 root root 59792 2007-08-30 21:31 libdigestmd5.a
-rw-r--r-- 1 root root 864 2007-08-30 21:31 libdigestmd5.la
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so.2
-rw-r--r-- 1 root root 46336 2007-08-30 21:31 libdigestmd5.so.2.0.19
-rw-r--r-- 1 root root 31532 2006-04-24 13:38 libgssapiv2.a
-rw-r--r-- 1 root root 1029 2006-04-24 13:38 libgssapiv2.la
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so.2
-rw-r--r-- 1 root root 27528 2006-04-24 13:38 libgssapiv2.so.2.0.19
-rw-r--r-- 1 root root 31300 2005-12-22 04:26 libkerberos4.a
-rw-r--r-- 1 root root 862 2005-12-22 04:26 libkerberos4.la
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so.2
-rw-r--r-- 1 root root 25280 2005-12-22 04:26 libkerberos4.so.2.0.19
-rw-r--r-- 1 root root 19262 2007-08-30 21:31 liblogin.a
-rw-r--r-- 1 root root 835 2007-08-30 21:31 liblogin.la
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so.2
-rw-r--r-- 1 root root 16352 2007-08-30 21:31 liblogin.so.2.0.19
-rw-r--r-- 1 root root 38724 2007-08-30 21:31 libntlm.a
-rw-r--r-- 1 root root 829 2007-08-30 21:31 libntlm.la
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so.2
-rw-r--r-- 1 root root 32264 2007-08-30 21:31 libntlm.so.2.0.19
-rw-r--r-- 1 root root 27142 2007-08-30 21:31 libotp.a
-rw-r--r-- 1 root root 829 2007-08-30 21:31 libotp.la
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so.2
-rw-r--r-- 1 root root 48856 2007-08-30 21:31 libotp.so.2.0.19
-rw-r--r-- 1 root root 19342 2007-08-30 21:31 libplain.a
-rw-r--r-- 1 root root 835 2007-08-30 21:31 libplain.la
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so.2
-rw-r--r-- 1 root root 16384 2007-08-30 21:31 libplain.so.2.0.19
-rw-r--r-- 1 root root 29164 2007-08-30 21:31 libsasldb.a
-rw-r--r-- 1 root root 856 2007-08-30 21:31 libsasldb.la
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so.2
-rw-r--r-- 1 root root 21288 2007-08-30 21:31 libsasldb.so.2.0.19
-rw-r--r-- 1 root root 30856 2006-04-24 13:38 libsql.a
-rw-r--r-- 1 root root 895 2006-04-24 13:38 libsql.la
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so.2
-rw-r--r-- 1 root root 24848 2006-04-24 13:38 libsql.so.2.0.19
-rw------- 1 root root 299 2008-03-10 23:19 smtpd.conf
-- content of /usr/lib64/sasl2/smtpd.conf --
#pwcheck_method: auxprop
#auxprop_plugin: sql
pwcheck_method: saslauthd
log_level: 3
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: mail
sql_select: select smtp_pw_clear from popbox where smtp_login='%u'
-- content of /usr/lib/sasl2/smtpd.conf --
#pwcheck_method: auxprop
#auxprop_plugin: sql
pwcheck_method: saslauthd
log_level: 3
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: mail
sql_select: select smtp_pw_clear from popbox where smtp_login='%u'
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - 20 smtpd
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
-- mechanisms on localhost --
250-AUTH GSSAPI NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250-AUTH=GSSAPI NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
-- end of saslfinger output --
# postconf -a
cyrus
dovecot
# postconf -m
btree
cidr
environ
hash
mysql
nis
pcre
proxy
regexp
static
unix
# cat /etc/default/saslauthd
START=yes
MECHANISMS="pam"
# cat /etc/pam.d/smtp
auth required pam_mysql.so user=xxx passwd=xxx host=127.0.0.1 db=mail
table=popbox usercolumn=smtp_login passwdcolumn=smtp_pw_clear
account sufficient pam_mysql.so user=xxx passwd=xxx host=127.0.0.1
db=mail table=popbox usercolumn=smtp_login passwdcolumn=smtp_pw_clear
# ls -ls /var/run/
...
drwxr-x--- 2 root sasl 100 2008-03-10 23:19 saslauthd
...
# ls -la /var/run/saslauthd
srwxrwxrwx 1 root root 0 2008-03-10 23:19 mux
-rw------- 1 root root 0 2008-03-10 23:19 mux.accept
-rw------- 1 root root 6 2008-03-10 23:19 saslauthd.pid
# grep sasl /etc/group
sasl:x:45:postfix
Mehr Informationen über die Mailingliste Postfixbuch-users