[Postfixbuch-users] SMTP_AUTH

Silvio Siefke listen at silvio-siefke.de
So Okt 24 20:31:23 CEST 2004


* Andreas Winkelmann schrieb am 24.10.2004

> Womit die Frage "saslauthd oder sasldb?" immernoch nicht geklärt wäre.

Stimmt, besser wüde es mir gefallen wenn er auf die Linux
Benutzerdatenbank zurückgreift, was aber soweit ich das verstanden habe,
auch auf Kosten der Sicherheit geschieht. Weiter habe ich das so verstanden,
das man die saslauthd nutzen muss um den Kontakt zur Datenbank zu bekommen.

Meine Einrichtung bisher:
h4532:/etc# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
disable_vrfy_command = yes
home_mailbox = Maildir/
mail_owner = postfix
mailbox_size_limit = 51200000
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.serverkompetenz.net, , localhost
myhostname = h4532.serverkompetenz.net
mynetworks = 127.0.0.0/8, 81.169.169.0/24
newaliases_path = /usr/bin/newaliases
readme_directory = no
recipient_canonical_maps = hash:/etc/postfix/canonical
recipient_delimiter = +
relocated_maps = hash:/etc/postfix/relocated
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_sasl_security_options = noanonymous, noplaintext
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
reject_unknown_sender_domain,
reject_non_fqdn_senderpermit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_sender_access hash:/etc/postfix/sender_access,
check_sender_access hash:/etc/postfix/access
check_recipient_access hash:/etc/postfix/recipient_access,
reject_rbl_client dul.dnsbl.sorbs.net
reject_rbl_client ix.dnsbl.manitu.net
reject_rbl_client cbl.abuseat.org
reject_rbl_client sbl.spamhaus.org
reject_rbl_client list.dsbl.org
reject_rbl_client relays.ordb.org
reject_rbl_client opm.blitzed.org
reject_rhsbl_client blackhole.securitysage.com
reject_rhsbl_sender blackhole.securitysage.com
permit
smtpd_sasl_auth_enable = yes
strict_rfc821_envelopes = yes

/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauth

/etc/default/saslauthd
# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="sasldb"


Mit freundlichen Grüßen
Silvio Siefke




Mehr Informationen über die Mailingliste Postfixbuch-users