vtigerCRM - 503 5.5.1 Error: authentication not enabled
Andre Pirot
andre.pirot at gmx.de
Mi Jan 20 08:59:23 CET 2016
Guten Morgen,
ich versuche in vtigerCRM meinen Postfix/Dovecot-Server als SMTP-Server einzurichten. In vtigerCRM habe ich die Möglichkeit, "Server Name", "User Name", "Password", "From Email" und "Requires Authentication" anzugeben, aber keinen Port 25, 465 oder 587. Mein Postfix erwartet die Authentifizierung auf 587. Jetzt habe ich unter mynetworks explizit 192.168.1.0/24 angegeben, weil der crm-Server auf 192.168.1.7 liegt, währende Postfix auf 192.168.1.3.
Wenn ich in vtigerCRM die Mailserver-Einstellungen abschicken sehe ich:
Jan 20 08:34:01 mail postfix/smtpd[17231]: input attribute name: (end)
Jan 20 08:34:01 mail postfix/smtpd[17231]: connection established
Jan 20 08:34:01 mail postfix/smtpd[17231]: master_notify: status 0
Jan 20 08:34:01 mail postfix/smtpd[17231]: name_mask: resource
Jan 20 08:34:01 mail postfix/smtpd[17231]: name_mask: software
Jan 20 08:34:01 mail postfix/smtpd[17231]: connect from unknown[192.168.1.7]
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: unknown: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: 192.168.1.7: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: unknown: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: 192.168.1.7: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: smtp_stream_setup: maxtime=300 enable_deadline=0
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? 127.0.0.0/8
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? 127.0.0.0/8
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? [::ffff:127.0.0.0]/104
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? [::ffff:127.0.0.0]/104
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? [::1]/128
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? [::1]/128
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? 192.168.1.0/24
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? 192.168.1.0/24
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 220 mail.example.com
Jan 20 08:34:01 mail postfix/smtpd[17231]: < unknown[192.168.1.7]: EHLO 192.168.1.7
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: unknown: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_list_match: 192.168.1.7: no match
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-mail.example.com
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-PIPELINING
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-SIZE 26214400
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-ETRN
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-STARTTLS
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-ENHANCEDSTATUSCODES
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250-8BITMIME
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 250 DSN
Jan 20 08:34:01 mail postfix/smtpd[17231]: < unknown[192.168.1.7]: AUTH LOGIN
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 503 5.5.1 Error: authentication not enabled
Jan 20 08:34:01 mail postfix/smtpd[17231]: < unknown[192.168.1.7]: quit
Jan 20 08:34:01 mail postfix/smtpd[17231]: > unknown[192.168.1.7]: 221 2.0.0 Bye
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? 127.0.0.0/8
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? 127.0.0.0/8
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? [::ffff:127.0.0.0]/104
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? [::ffff:127.0.0.0]/104
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? [::1]/128
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? [::1]/128
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostname: unknown ~? 192.168.1.0/24
Jan 20 08:34:01 mail postfix/smtpd[17231]: match_hostaddr: 192.168.1.7 ~? 192.168.1.0/24
Jan 20 08:34:01 mail postfix/smtpd[17231]: disconnect from unknown[192.168.1.7]
Jan 20 08:34:01 mail postfix/smtpd[17231]: master_notify: status 1
Jan 20 08:34:01 mail postfix/smtpd[17231]: connection closed
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
maximal_backoff_time = 1800s
maximal_queue_lifetime = 1d
message_size_limit = 26214400
milter_default_action = accept
milter_protocol = 6
minimal_backoff_time = 300s
mydestination = mail.example.com, localhost.example.com, localhost
myhostname = mail.example.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 192.168.1.0/24
myorigin = /etc/mailname
postscreen_access_list = permit_mynetworks, cidr:/etc/postfix/postscreen_access.cidr
postscreen_bare_newline_enable = no
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 24h
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7 dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5 bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8 dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3 dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2 dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[10;11]*8 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.2*3 hostkarma.junkemailfilter.com=127.0.0.4*1 hostkarma.junkemailfilter.com=127.0.1.2*1 wl.mailspike.net=127.0.0.[18;19;20]*-2 hostkarma.junkemailfilter.com=127.0.0.1*-2
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_ttl = 5m
postscreen_greet_action = enforce
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 2d
postscreen_greet_wait = 3s
postscreen_non_smtp_command_enable = no
postscreen_pipelining_enable = no
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
queue_run_delay = 300s
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_mxdomain_maps.cf
relay_recipient_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
relayhost =
smtp_header_checks = pcre:/etc/postfix/mailcow_anonymize_headers.pcre
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_cert_file = /etc/ssl/mail/mail.crt
smtp_tls_key_file = /etc/ssl/mail/mail.key
smtp_tls_loglevel = 1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_error_sleep_time = 10s
smtpd_hard_error_limit = ${stress?1}${stress:5}
smtpd_helo_required = yes
smtpd_proxy_timeout = 600s
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_reverse_client_hostname, reject_unauth_destination
smtpd_restriction_classes = z1_greylisting
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth_dovecot
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_sender_acl.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated, reject_unlisted_sender, reject_unknown_sender_domain
smtpd_soft_error_limit = 3
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/mail/mail.crt
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA
smtpd_tls_key_file = /etc/ssl/mail/mail.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = ECDHE-RSA-RC4-SHA
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_spamalias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_minimum_uid = 104
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
z1_greylisting = permit_dnswl_client list.dnswl.org, check_policy_service inet:127.0.0.1:10023
Liegt die Unfähigkeit des Authentifizierens daran, dass 587 nicht angesprochen wird? Deswegen hatte ich eigentlich mynetworks entsprechend erweitert, damit Port 25 gilt. Oder liegt das an der Verschlüsselung des Passwortes? Ich trage das Passwort in vtigerCRM im Klartext ein und nutze als Benutzernamen die Form user at example.com.
Wie sähe die Authenfitierung auf einem Postfix auf 192.168.1.7 aus, wenn dieser nur als SMTP-Relay an mail.example.com (192.168.1.2) senden können soll? Hier würde ich einen spartanische Postfix-Konfiguration einrichten.
Grüße
Andre
Mehr Informationen über die Mailingliste Postfixbuch-users