[Postfixbuch-users] smtpd und saslauth wollen nicht, wie ich will

Andreas Winkelmann ml at awinkelmann.de
Mi Mai 23 18:52:07 CEST 2007


On Wednesday 23 May 2007 13:13, Michael Krauth wrote:

> > Vielleicht noch saslfinger (downloaden und das script ausführen?).
>
> Aber gerne:
>
> # /temp/saslfinger-1.0.1/saslfinger -s
> saslfinger - postfix Cyrus sasl configuration Mi 23. Mai 13:09:28 CEST 2007
> version: 1.0.1
> mode: server-side SMTP AUTH
>
> -- basics --
> Postfix: 2.3.8
> System: Debian GNU/Linux 4.0 \n \l
>
> -- smtpd is linked to --
>         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7dac000)
>
> -- active SMTP AUTH and TLS parameters for smtpd --
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_security_options = noanonymous
> smtpd_tls_auth_only = no
>
>
> -- listing of /usr/lib/sasl2 --
> insgesamt 700
> drwxr-xr-x  2 root root  4096 2007-05-23 09:51 .
> drwxr-xr-x 54 root root 20480 2007-05-22 19:34 ..
> -rw-r--r--  1 root root 13304 2006-12-13 22:26 libanonymous.a
> -rw-r--r--  1 root root   855 2006-12-13 22:26 libanonymous.la
> -rw-r--r--  1 root root 12844 2006-12-13 22:26 libanonymous.so
> -rw-r--r--  1 root root 12844 2006-12-13 22:26 libanonymous.so.2
> -rw-r--r--  1 root root 12844 2006-12-13 22:26 libanonymous.so.2.0.22
> -rw-r--r--  1 root root 15502 2006-12-13 22:26 libcrammd5.a
> -rw-r--r--  1 root root   841 2006-12-13 22:26 libcrammd5.la
> -rw-r--r--  1 root root 15052 2006-12-13 22:26 libcrammd5.so
> -rw-r--r--  1 root root 15052 2006-12-13 22:26 libcrammd5.so.2
> -rw-r--r--  1 root root 15052 2006-12-13 22:26 libcrammd5.so.2.0.22
> -rw-r--r--  1 root root 46320 2006-12-13 22:26 libdigestmd5.a
> -rw-r--r--  1 root root   864 2006-12-13 22:26 libdigestmd5.la
> -rw-r--r--  1 root root 43040 2006-12-13 22:26 libdigestmd5.so
> -rw-r--r--  1 root root 43040 2006-12-13 22:26 libdigestmd5.so.2
> -rw-r--r--  1 root root 43040 2006-12-13 22:26 libdigestmd5.so.2.0.22
> -rw-r--r--  1 root root 13482 2006-12-13 22:26 liblogin.a
> -rw-r--r--  1 root root   835 2006-12-13 22:26 liblogin.la
> -rw-r--r--  1 root root 13384 2006-12-13 22:26 liblogin.so
> -rw-r--r--  1 root root 13384 2006-12-13 22:26 liblogin.so.2
> -rw-r--r--  1 root root 13384 2006-12-13 22:26 liblogin.so.2.0.22
> -rw-r--r--  1 root root 29300 2006-12-13 22:26 libntlm.a
> -rw-r--r--  1 root root   829 2006-12-13 22:26 libntlm.la
> -rw-r--r--  1 root root 28776 2006-12-13 22:26 libntlm.so
> -rw-r--r--  1 root root 28776 2006-12-13 22:26 libntlm.so.2
> -rw-r--r--  1 root root 28776 2006-12-13 22:26 libntlm.so.2.0.22
> -rw-r--r--  1 root root 13818 2006-12-13 22:26 libplain.a
> -rw-r--r--  1 root root   835 2006-12-13 22:26 libplain.la
> -rw-r--r--  1 root root 13992 2006-12-13 22:26 libplain.so
> -rw-r--r--  1 root root 13992 2006-12-13 22:26 libplain.so.2
> -rw-r--r--  1 root root 13992 2006-12-13 22:26 libplain.so.2.0.22
> -rw-r--r--  1 root root 21726 2006-12-13 22:26 libsasldb.a
> -rw-r--r--  1 root root   856 2006-12-13 22:25 libsasldb.la
> -rw-r--r--  1 root root 17980 2006-12-13 22:26 libsasldb.so
> -rw-r--r--  1 root root 17980 2006-12-13 22:26 libsasldb.so.2
> -rw-r--r--  1 root root 17980 2006-12-13 22:26 libsasldb.so.2.0.22
>
> -- content of /etc/postfix/sasl/smtpd.conf --
> pwcheck_method: auxprop
> auxprop_plugin: sql

Du hast das Cyrus-SASL sql Auxprop Plugin konfiguriert aber nicht installiert.

Das ist schlecht.

Also entscheiden, ob Du es wirklich benutzen willst, dann installiere es. Oder 
wenn Du saslauthd benutzen willst, dann wäre in der smtpd.conf der 
Einstiegspunkt.

> mech_list: cram-md5 digest-md5 ntlm plain login
> allow_plaintext: yes
> sql_engine: mysql
> sql_hostnames: 127.0.0.1
> sql_user: --- replaced ---
> sql_passwd: --- replaced ---
> sql_database: mailserver
> sql_select: SELECT password FROM users WHERE email='%u@%r'
> log_level: 5
>
>
> -- active services in /etc/postfix/master.cf --
> # service type  private unpriv  chroot  wakeup  maxproc command + args
> #               (yes)   (yes)   (yes)   (never) (100)
> smtp      inet  n       -       -       -       -       smtpd

Ist im chroot. Für saslauthd wichtig, bei obiger smtpd.conf mit installiertem 
libsql.* eher nebensächlich.

> pickup    fifo  n       -       -       60      1       pickup
> cleanup   unix  n       -       -       -       0       cleanup
> qmgr      fifo  n       -       n       300     1       qmgr
> tlsmgr    unix  -       -       -       1000?   1       tlsmgr
> rewrite   unix  -       -       -       -       -       trivial-rewrite
> bounce    unix  -       -       -       -       0       bounce
> defer     unix  -       -       -       -       0       bounce
> trace     unix  -       -       -       -       0       bounce
> verify    unix  -       -       -       -       1       verify
> flush     unix  n       -       -       1000?   0       flush
> proxymap  unix  -       -       n       -       -       proxymap
> smtp      unix  -       -       -       -       -       smtp
> relay     unix  -       -       -       -       -       smtp
>         -o fallback_relay=
> showq     unix  n       -       -       -       -       showq
> error     unix  -       -       -       -       -       error
> discard   unix  -       -       -       -       -       discard
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       -       -       -       lmtp
> anvil     unix  -       -       -       -       1       anvil
> scache    unix  -       -       -       -       1       scache
> maildrop  unix  -       n       n       -       -       pipe
>   flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> uucp      unix  -       n       n       -       -       pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail    unix  -       n       n       -       -       pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp     unix  -       n       n       -       -       pipe
>   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> $recipient
> scalemail-backend unix  -       n       n       -       2       pipe
>   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> ${nexthop} ${user} ${extension}
> mailman   unix  -       n       n       -       -       pipe
>   flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
>   ${nexthop} ${user}
>
> -- mechanisms on localhost --
> 250-AUTH NTLM PLAIN CRAM-MD5 LOGIN DIGEST-MD5
> 250-AUTH=NTLM PLAIN CRAM-MD5 LOGIN DIGEST-MD5
>
> -- end of saslfinger output --
>
>
> Grüße,
> Michael

-- 
	Andreas



Mehr Informationen über die Mailingliste Postfixbuch-users