[linux] SMTP autorizacia v postfixe cez cyrus-sasl

Matus Horvath matus na mujmail.cz
Čtvrtek Září 16 15:21:01 CEST 2004 

Friday, August 6, 2004, 8:44:01 AM, you wrote:

Hi,

problem moze byt v tom ze postfix casto bezi chrootnuty, takze hlada
subory pod svojim vlastnym root directory (nie /etc/sasldb2 ale napr.
/var/...../etc/sasldb2). Ak chces zrusit chroot, robi sa to v
/etc/postfix/master.cf. Alebo mozes sasldb2 premiestnit/hardlinknut
tam kde ho hlada postfix.

(Ok, viem ze je toto mesiac stara otazka, ale mam teraz trochu volno
tak pozeram mejly co som nestihol doteraz ;).

Matus

OS> Ahojte,


OS> pokusam sa rozbehat smtp autorizaciu v postfixe na fedore 1. Mam 
OS> nakonfigurovany postfix takto:

OS> # cat /etc/postfix/main.cf |grep -v "^#" |tr -s '\n'

OS> queue_directory = /var/spool/postfix
OS> command_directory = /usr/sbin
OS> daemon_directory = /usr/libexec/postfix
OS> mail_owner = postfix
OS> myhostname = mail.firma.sk
OS> mydomain = firma.sk
OS> myorigin = $mydomain
OS> inet_interfaces = all
OS> mydestination = $mydomain, $myhostname, localhost.$mydomain
OS> unknown_local_recipient_reject_code = 450
OS> mynetworks = 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, 127.0.0.0/8
OS> relay_domains = firma.sk
OS> alias_maps = hash:/etc/postfix/aliases
OS> home_mailbox = Maildir/
OS> debug_peer_level = 2
OS> debugger_command =
OS>           PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
OS>           xxgdb $daemon_directory/$process_name $process_id & sleep 5
OS> sendmail_path = /usr/sbin/sendmail.postfix
OS> newaliases_path = /usr/bin/newaliases.postfix
OS> mailq_path = /usr/bin/mailq.postfix
OS> setgid_group = postdrop
OS> manpage_directory = /usr/share/man
OS> sample_directory = /usr/share/doc/postfix-2.0.16/samples
OS> readme_directory = /usr/share/doc/postfix-2.0.16/README_FILES
OS> alias_database = hash:/etc/postfix/aliases
OS> mailbox_size_limit = 512000000

OS> smtpd_sasl_auth_enable = yes
OS> smtpd_sasl_security_options = noanonymous
OS> smtpd_sasl_local_domain = $myhostname
OS> broken_sasl_auth_clients = yes
OS> smtpd_recipient_restrictions = permit_mynetworks,
OS>   reject_unauth_destination, permit_sasl_authenticated,
OS>   reject_unknown_recipient_domain

OS> content_filter = amavis:
OS> virtual_alias_maps = hash:/etc/postfix/virtual
OS> masquerade_domains = firma.sk
OS> masquerade_exceptions = root
OS> maps_rbl_domains = blackholes.mail-abuse.org, rbl.maps.vix.com,
OS>          orbs.dorkslayers.com, orbz.gst-group.co.uk,
OS>          relays.osirusoft.com, relays.ordb.org,
OS>          inputs.orbz.org, outputs.orbz.org


OS> # ps axu |grep sasl
OS> root     13645  0.0  0.1  3720  576 ?        S    07:41   0:00 
OS> /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
OS> root     13646  0.0  0.1  3764  828 ?        S    07:41   0:00 
OS> /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
OS> root     13647  0.0  0.1  3764  828 ?        S    07:41   0:00 
OS> /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
OS> root     13648  0.0  0.1  3720  576 ?        S    07:41   0:00 
OS> /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
OS> root     13649  0.0  0.1  3720  576 ?        S    07:41   0:00 
OS> /usr/sbin/saslauthd -m /var/run/saslauthd -a pam


OS> # cat /usr/lib/sasl2/smtpd.conf
OS> pwcheck_method: saslauthd


OS> Ked sa pokusam poslat mail, v logoch vidim:

OS> Aug  6 07:01:14 mail postfix/smtpd[12798]: connect from 
OS> unknown[213.215.79.23]

OS> Aug  6 07:01:22 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:22 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:22 mail postfix/smtpd[12798]: warning: SASL authentication
OS> failure: no secret in database
OS> Aug  6 07:01:22 mail postfix/smtpd[12798]: warning: 
OS> unknown[213.215.79.23]: SASL CRAM-MD5 authentication failed

OS> Aug  6 07:01:23 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:23 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:25 mail postfix/smtpd[12798]: warning: SASL authentication
OS> failure: Password verification failed
OS> Aug  6 07:01:25 mail postfix/smtpd[12798]: warning: 
OS> unknown[213.215.79.23]: SASL PLAIN authentication failed

OS> Aug  6 07:01:26 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:26 mail postfix/smtpd[12798]: warning: SASL authentication
OS> problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
OS> Aug  6 07:01:29 mail postfix/smtpd[12798]: warning: 
OS> unknown[213.215.79.23]: SASL LOGIN authentication failed

OS> Aug  6 07:07:24 manex postfix/smtpd[12798]: disconnect from 
OS> unknown[213.215.79.23]

OS> Z logov vidiet, ze postupne skusa CRAM-MD5, PLAIN a nakoniec LOGIN.
OS> Snazim sa nakonfigurovat SASL tak, aby pouzival /etc/shadow subor ako
OS> databazu uzivatelov.

OS> Vidite niekde chybu?

OS> Vdaka vopred za nakopnutie...

OS> Oskar

OS> _______________________________________________
OS> http://lists.linux.sk/listinfo/linux
OS> Prehladavanie archivu: http://search.lists.linux.sk
OS> Meta FAQ: http://faq.lists.linux.sk






Matus Horvath

/\/\ /-\ "|" \_/ $    ]-[ () |^ \/ /-\ "|" ]-[
ICQ: 33936477
mailto:Matus.Horvath na nextra.sk
http://www.elf.stuba.sk/~horvathm

Další informace o konferenci linux