[Postfixbuch-users] SASL ueber TLS

Markus Ebel me at hamtec.de
Di Jun 1 15:30:03 CEST 2004 

Hallo,

ich versuche gerade SASL ueber TLS mit Postfix und amavisd-new 
ans laufen zu bringen.

Ich scheitere hierbei mit folgender Fehlermeldung:

Jun  1 14:13:24 mail amavis[2927]: (02927-04) mail_via_smtp: 530 
5.5.0 Rejected by MTA: 530 Must issue a STARTTLS command first, 
id=02927-04
Jun  1 14:13:24 mail amavis[2927]: (02927-04) Not-Delivered, <me-at-
hamtec.de> -> <vs-at-firmenprovider.de>, Message-ID: 
<40BC8F07.23261.151313B at localhost>, Hits: -
4.901
Jun  1 14:13:24 mail postfix/smtp[3061]: E3D626F5F: to=<vs-at-
firmenprovider.de>, orig_to=<vs-at-hamtec.de>, 
relay=127.0.0.1[127.0.0.1], delay=2, status=bounced (ho
st 127.0.0.1[127.0.0.1] said: 530 5.5.0 Rejected by MTA: 530 Must 
issue a STARTTLS command first, id=02927-04 (in reply to end of DATA 
command))


Hier sind die Einstellungen die ich getätigt habe.

------ main.cf ---------
smtpd_recipient_restrictions = permit_mynetworks, 
permit_sasl_authenticated, check_client_access hash:/etc/postfix/pop-
before-smtp, reject_unauth_destination

smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_enforce_tls = yes
smtpd_tls_auth_only = yes
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtp_sasl_auth_enable = no
------------------------


------ master.cf -------
smtp-amavis unix -      -       n       -       4       smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
127.0.0.1:10025 inet n  -       n       -       -       smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o smtpd_tls_auth_only=no
------------------------

Hat jemand einen Tipp fuer mich ? oder zwei oder drei ??

vielen Dank

Markus

Mehr Informationen über die Mailingliste Postfixbuch-users