[Postfixbuch-users] No SMTP AUTH with exclusively local domains
Patrick Westenberg
pw at wk-serv.de
Mon May 24 20:42:34 CEST 2010
Hello everyone,
I have set up a Postfix system with virtual domains, including SASL via
Dovecot and with a Pgsql backend.
When I send an e-mail through this system where both the MAIL FROM and
the RCPT TO domain or mailbox are set up as a virtual domain, sending
without SMTP AUTH is possible!
If one of the two addresses is not set up in the system, SMTP AUTH
works perfectly.
Have I overlooked something elementary?
Regards
Patrick
main.cf
-----------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_size_limit = 0
mydestination = smtp02.serverfreak.net, localhost.serverfreak.net, localhost
myhostname = smtp02.serverfreak.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name $mail_version (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_unverified_recipient,
    reject_non_fqdn_sender,
    reject_unauth_destination,
    reject_invalid_helo_hostname,
    reject_unknown_sender_domain
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/class3.crt
smtpd_tls_cert_file = /etc/postfix/smtp_serverfreak_net.crt
smtpd_tls_key_file = /etc/postfix/smtp_serverfreak_net.key
smtpd_tls_loglevel = 2
smtpd_tls_received_header = yes
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_random_source = dev:/dev/urandom
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_domains = pgsql:/etc/postfix/virtual_mailbox_domains
virtual_mailbox_maps = pgsql:/etc/postfix/virtual_mailbox_maps
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
master.cf
----------
smtp inet n - - - - smtpd
smtps inet n - - - - smtpd -v
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
  -o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
Log excerpt with a local sender and recipient
---------------------------------------------
May 24 20:29:49 smtp02 postfix/smtpd[1521]: initializing the server-side
TLS engine
May 24 20:29:49 smtp02 postfix/smtpd[1521]: connect from unknown[10.5.29.31]
May 24 20:29:49 smtp02 postfix/smtpd[1521]: setting up TLS connection
from unknown[10.5.29.31]
May 24 20:29:49 smtp02 postfix/smtpd[1521]: unknown[10.5.29.31]: TLS
cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:before/accept
initialization
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 read client
hello B
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
server hello A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
certificate A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write key
exchange A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
server done A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 flush data
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 read client
key exchange A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 read finished A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
session ticket A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
change cipher spec A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 write
finished A
May 24 20:29:49 smtp02 postfix/smtpd[1521]: SSL_accept:SSLv3 flush data
May 24 20:29:49 smtp02 postfix/smtpd[1521]: Anonymous TLS connection
established from unknown[10.5.29.31]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
May 24 20:29:49 smtp02 postfix/smtpd[1521]: 75DFD51FEF:
client=unknown[10.5.29.31]
May 24 20:29:49 smtp02 postfix/cleanup[1526]: 75DFD51FEF:
message-id=<4BFAC59C.1000604 at jasbafliesen.de>
May 24 20:29:49 smtp02 postfix/qmgr[1496]: 75DFD51FEF:
from=<mail at jasbafliesen.de>, size=685, nrcpt=1 (queue active)
May 24 20:29:49 smtp02 postfix/smtpd[1521]: disconnect from
unknown[10.5.29.31]
May 24 20:29:49 smtp02 postfix/virtual[1527]: 75DFD51FEF:
to=<post at grohnfliesen.de>, relay=virtual, delay=0.13,
delays=0.09/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
May 24 20:29:49 smtp02 postfix/qmgr[1496]: 75DFD51FEF: removed
Log excerpt with an external recipient
--------------------------------------
May 24 20:40:25 smtp02 postfix/smtpd[1763]: initializing the server-side
TLS engine
May 24 20:40:25 smtp02 postfix/tlsmgr[1765]: open smtpd TLS cache
btree:/var/lib/postfix/smtpd_scache
May 24 20:40:25 smtp02 postfix/tlsmgr[1765]: tlsmgr_cache_run_event:
start TLS smtpd session cache cleanup
May 24 20:40:25 smtp02 postfix/smtpd[1763]: connect from unknown[10.5.29.31]
May 24 20:40:25 smtp02 postfix/smtpd[1763]: setting up TLS connection
from unknown[10.5.29.31]
May 24 20:40:25 smtp02 postfix/smtpd[1763]: unknown[10.5.29.31]: TLS
cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:before/accept
initialization
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 read client
hello B
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
server hello A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
certificate A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write key
exchange A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
server done A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 flush data
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 read client
key exchange A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 read finished A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
session ticket A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
change cipher spec A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 write
finished A
May 24 20:40:25 smtp02 postfix/smtpd[1763]: SSL_accept:SSLv3 flush data
May 24 20:40:25 smtp02 postfix/smtpd[1763]: Anonymous TLS connection
established from unknown[10.5.29.31]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
May 24 20:40:26 smtp02 postfix/cleanup[1769]: 0360E51FEF:
message-id=<20100524184026.0360E51FEF at smtp02.serverfreak.net>
May 24 20:40:26 smtp02 postfix/qmgr[1760]: 0360E51FEF:
from=<double-bounce at smtp02.serverfreak.net>, size=287, nrcpt=1 (queue
active)
May 24 20:40:26 smtp02 postfix/smtp[1770]: 0360E51FEF:
to=<pw at wk-serv.de>, relay=mail.wk-serv.de[83.149.68.7]:25, delay=0.44,
delays=0/0.01/0.08/0.34, dsn=2.0.0, status=deliverable (250 ok)
May 24 20:40:26 smtp02 postfix/qmgr[1760]: 0360E51FEF: removed
May 24 20:40:29 smtp02 postfix/smtpd[1763]: NOQUEUE: reject: RCPT from
unknown[10.5.29.31]: 554 5.7.1 <pw at wk-serv.de>: Relay access denied;
from=<mail at jasbafliesen.de> to=<pw at wk-serv.de> proto=ESMTP
helo=<[10.5.29.31]>
May 24 20:40:32 smtp02 postfix/smtpd[1763]: disconnect from
unknown[10.5.29.31]
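
Added example, not part of the original post: a log check for the case shown in the first excerpt, where a message with a local sender domain is queued although the smtpd "client=" line carries no sasl_username and the client is outside mynetworks. The sample log lines, the domains in LOCAL_DOMAINS and the MYNETWORKS list are constructed assumptions; real log entries are one line each, not wrapped as in the mail above.

```python
import ipaddress
import re

# Constructed sample in the format of the excerpts above (one line per entry).
SAMPLE_LOG = """\
May 24 20:29:49 mx postfix/smtpd[1521]: AAAA000001: client=unknown[192.0.2.31]
May 24 20:29:49 mx postfix/qmgr[1496]: AAAA000001: from=<mail@a.example>, size=685, nrcpt=1 (queue active)
May 24 20:29:49 mx postfix/virtual[1527]: AAAA000001: to=<post@b.example>, relay=virtual, dsn=2.0.0, status=sent (delivered to maildir)
May 24 20:31:02 mx postfix/smtpd[1530]: AAAA000002: client=unknown[192.0.2.31], sasl_method=PLAIN, sasl_username=mail@a.example
May 24 20:31:02 mx postfix/qmgr[1496]: AAAA000002: from=<mail@a.example>, size=700, nrcpt=1 (queue active)
May 24 20:31:03 mx postfix/smtpd[1533]: AAAA000003: client=mx.c.example[198.51.100.7]
May 24 20:31:03 mx postfix/qmgr[1496]: AAAA000003: from=<bob@c.example>, size=512, nrcpt=1 (queue active)
May 24 20:31:04 mx postfix/smtpd[1534]: AAAA000004: client=localhost[127.0.0.1]
May 24 20:31:04 mx postfix/qmgr[1496]: AAAA000004: from=<root@a.example>, size=400, nrcpt=1 (queue active)
"""

# Assumptions: stand-ins for virtual_mailbox_domains and mynetworks.
LOCAL_DOMAINS = {"a.example", "b.example"}
MYNETWORKS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "::1/128")]

# smtpd logs "QUEUEID: client=host[ip]" and appends sasl_* fields after a login.
CLIENT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: ([0-9A-F]+): client=\S+?\[([0-9a-fA-F.:]+)\](.*)$")
# qmgr logs the envelope sender under the same queue ID.
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: ([0-9A-F]+): from=<([^>]*)>")


def unauthenticated_local_senders(log_text):
    """Return (queue_id, client_ip, sender) for queued mail that used a local
    sender domain but came without SASL login from outside mynetworks."""
    clients, findings = {}, []
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            qid, ip, rest = m.groups()
            clients[qid] = (ip, "sasl_username=" in rest)
            continue
        m = FROM_RE.search(line)
        if m and m.group(1) in clients:
            qid, sender = m.groups()
            ip, authed = clients[qid]
            trusted = any(ipaddress.ip_address(ip) in net for net in MYNETWORKS)
            domain = sender.rpartition("@")[2].lower()
            if domain in LOCAL_DOMAINS and not authed and not trusted:
                findings.append((qid, ip, sender))
    return findings


if __name__ == "__main__":
    for finding in unauthenticated_local_senders(SAMPLE_LOG):
        print(finding)
```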