[Postfixbuch-users] Sasl Auth Problem Relay access denied

Patrick Ben Koetter p at state-of-mind.de
Mi Jun 20 15:06:29 CEST 2007


* Bernhard Schneider <mail at sb-webdesign.de>:
>  
> Hallo Patrick die gewünschten daten
> 
> box79146:~ # sasldblistusers2
> bernhard at boerny.org: userPassword
> 
> box79146:~ # ls -al /etc/sasldb2
> -rwxrwxrwx  1 root root 12288 Jun 20 14:30 /etc/sasldb2

Gut. Kann sich "bernhard at boerny.org" per telnet anmelden, wenn Du mit
gen-auth <http://www.jetmore.org/john/code/#gen-auth> einen PLAIN-Mechanismus
string bastelst?

$ telnet localhost 25
...
AUTH PLAIN <string>
...



> 
> 
> -----Original Message-----
> From: postfixbuch-users-bounces at listi.jpberlin.de
> [mailto:postfixbuch-users-bounces at listi.jpberlin.de] On Behalf Of Patrick
> Ben Koetter
> Sent: Wednesday, June 20, 2007 2:41 PM
> To: postfixbuch-users at listi.jpberlin.de
> Subject: Re: [Postfixbuch-users] Sasl Auth Problem Relay access denied
> 
> * mail at sb-webdesign.de <mail at sb-webdesign.de>:
> > Hallo Patrick
> > 
> > Der Genwünachte auszug aus saslfinger -s
> > 
> > saslfinger - postfix Cyrus sasl configuration Wed Jun 20 13:43:28 CEST 
> > 2007
> > version: 1.0.2
> > mode: server-side SMTP AUTH
> > 
> > -- basics --
> > Postfix: 2.2.5
> > System:
> > Welcome to SUSE LINUX 10.0 (i586) - Kernel \r (\l).
> > 
> > -- smtpd is linked to --
> >         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x400ec000)
> > 
> > -- active SMTP AUTH and TLS parameters for smtpd -- 
> > broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes 
> > smtpd_sasl_local_domain = box79146 smtpd_sasl_security_options = 
> > noanonymous smtpd_tls_auth_only = no smtpd_use_tls = no
> > 
> 
> 
> okay.
> 
> > 
> > -- listing of /usr/lib/sasl2 --
> > total 704
> > drwxr-xr-x   2 root root  4096 Jun 20 08:15 .
> > drwxr-xr-x  69 root root 20480 Jun 20 07:58 ..
> > -rwxr-xr-x   1 root root 13592 Sep  9  2005 libanonymous.so
> > -rwxr-xr-x   1 root root 13592 Sep  9  2005 libanonymous.so.2
> > -rwxr-xr-x   1 root root 13592 Sep  9  2005 libanonymous.so.2.0.21
> > -rwxr-xr-x   1 root root 15796 Sep  9  2005 libcrammd5.so
> > -rwxr-xr-x   1 root root 15796 Sep  9  2005 libcrammd5.so.2
> > -rwxr-xr-x   1 root root 15796 Sep  9  2005 libcrammd5.so.2.0.21
> > -rwxr-xr-x   1 root root 43416 Sep  9  2005 libdigestmd5.so
> > -rwxr-xr-x   1 root root 43416 Sep  9  2005 libdigestmd5.so.2
> > -rwxr-xr-x   1 root root 43416 Sep  9  2005 libdigestmd5.so.2.0.21
> > -rwxr-xr-x   1 root root 25336 Sep  9  2005 libgssapiv2.so
> > -rwxr-xr-x   1 root root 25336 Sep  9  2005 libgssapiv2.so.2
> > -rwxr-xr-x   1 root root 25336 Sep  9  2005 libgssapiv2.so.2.0.21
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 liblogin.so
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 liblogin.so.2
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 liblogin.so.2.0.21
> > -rwxr-xr-x   1 root root 45020 Sep  9  2005 libotp.so
> > -rwxr-xr-x   1 root root 45020 Sep  9  2005 libotp.so.2
> > -rwxr-xr-x   1 root root 45020 Sep  9  2005 libotp.so.2.0.21
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 libplain.so
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 libplain.so.2
> > -rwxr-xr-x   1 root root 14420 Sep  9  2005 libplain.so.2.0.21
> > -rwxr-xr-x   1 root root 18756 Sep  9  2005 libsasldb.so
> > -rwxr-xr-x   1 root root 18756 Sep  9  2005 libsasldb.so.2
> > -rwxr-xr-x   1 root root 18756 Sep  9  2005 libsasldb.so.2.0.21
> > -rwxr-xr-x   1 root root 21932 Sep  9  2005 libsql.so
> > -rwxr-xr-x   1 root root 21932 Sep  9  2005 libsql.so.2
> > -rwxr-xr-x   1 root root 21932 Sep  9  2005 libsql.so.2.0.21
> > -rw-------   1 root root   127 Jun 20 08:15 smtpd.conf
> > -rw-------   1 root root    58 Jun 20 08:15 smtpd.conf~
> > 
> 
> okay.
> 
> > 
> > 
> > 
> > -- content of /usr/lib/sasl2/smtpd.conf -- #pwcheck_method:auxprob # 
> > saslauthd
> > mech_list: plain
> > # login
> > # erunen nach sandy
> > pwcheck_method: auxprop
> > auxprop_plugin: sasldb
> 
> Kannst Du bei sasldb wie folgt machen:
> 
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
> mech_list: plain login cram-md5 digest-md5
> 
> 
> > -- active services in /etc/postfix/master.cf -- # service type  
> > private unpriv  chroot  wakeup  maxproc command + args
> > #               (yes)   (yes)   (yes)   (never) (100)
> > smtp      inet  n       -       n       -       -       smtpd
> 
> okay.
> 
> > -- mechanisms on localhost --
> 
> Mach mal folgendes:
> 
> $ ls -al /etc/sasldb2
> 
> Und dann:
> 
> $ sasldblistusers2
> 
> 
> Dann sollten wir alle Daten zusammenhaben, um eine Aussage zu machen.
> 
> p at rick
> 
> --
> Postfix - Einrichtung, Betrieb und Wartung <http://www.postfix-buch.com>
> saslfinger (debugging SMTP AUTH):
> <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
> --
> _______________________________________________
> Postfixbuch-users -- http://www.postfixbuch.de Heinlein Professional Linux
> Support GmbH
> 
> Postfixbuch-users at listi.jpberlin.de
> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
> 
> -- 
> _______________________________________________
> Postfixbuch-users -- http://www.postfixbuch.de
> Heinlein Professional Linux Support GmbH
> 
> Postfixbuch-users at listi.jpberlin.de
> https://listi.jpberlin.de/mailman/listinfo/postfixbuch-users

-- 
Postfix - Einrichtung, Betrieb und Wartung
<http://www.postfix-buch.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>



Mehr Informationen über die Mailingliste Postfixbuch-users