[Postfixbuch-users] SMTP-AUTH saslauthd (shadow)

Dejan (Postfix) postfix at kabelplus.at
Mo Mai 12 13:33:58 CEST 2014 

Hallo Leute,

brauche wieder eure Hilfe, komm leider nicht weiter… Diesmal hapert es bei der Authentifizierung.

So klappt die Authentifizierung:
root at c5773:~# testsaslauthd -u dejan -p xxxxxxxx
0: OK "Success."

System: 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=13.10
DISTRIB_CODENAME=saucy
DISTRIB_DESCRIPTION="Ubuntu 13.10"

/usr/lib/sasl2/smtpd.conf 

# Global parameters

# Detailgrad der Protokolierung
log_level: 3

# Password-Check-Methode bestimmen
pwcheck_method: saslauthd
# Liste anzubietender Mechanismen
mech_list: PLAIN LOGIN
saslauthd_path: /var/run/saslauthd/mux

/etc/postfix/main.cf 

# SMTP Auth aktivieren
smtpd_sasl_auth_enable = yes
# Sicherheitseinstellungen für Mechanismen
smtpd_sasl_security_options = noanonymous
# Unterstützung für nicht standardkonforme Clients
broken_sasl_auth_clients = yes

smtpd_recipient_restrictions =
        permit_sasl_authenticated
        permit_mynetworks
        reject_unauth_destination
        permit

saslauthd -v
saslauthd 2.1.25
authentication mechanisms: sasldb getpwent kerberos5 pam rimap shadow ldap

saslauthd -a shadow -d

saslauthd[14648] :main            : num_procs  : 5
saslauthd[14648] :main            : mech_option: NULL
saslauthd[14648] :main            : run_path   : /var/run/saslauthd
saslauthd[14648] :main            : auth_mech  : shadow
saslauthd[14648] :ipc_init        : using accept lock file: /var/run/saslauthd/mux.accept
saslauthd[14648] :detach_tty      : master pid is: 0
saslauthd[14648] :ipc_init        : listening on socket: /var/run/saslauthd/mux
saslauthd[14648] :main            : using process model
saslauthd[14648] :have_baby       : forked child: 14649
saslauthd[14648] :have_baby       : forked child: 14650
saslauthd[14648] :have_baby       : forked child: 14651
saslauthd[14648] :have_baby       : forked child: 14652

Hier habt Ihr die telnet Verbindung zum Server und die Log-Files dazu, hoffe Ihr findet den Fehler.

root at c5773:~# telnet mail.rasic.priv.at 25
Trying 81.16.32.24...
Connected to mail.rasic.priv.at.
Escape character is '^]'.
220 c5773.vserver.aic.at ESMTP Postfix (Ubuntu)

May 12 13:12:52 c5773 postfix/smtpd[14685]: connection established
May 12 13:12:52 c5773 postfix/smtpd[14685]: master_notify: status 0
May 12 13:12:52 c5773 postfix/smtpd[14685]: name_mask: resource
May 12 13:12:52 c5773 postfix/smtpd[14685]: name_mask: software
May 12 13:12:52 c5773 postfix/smtpd[14685]: connect from c5773.vserver.aic.at[81.16.32.24]
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: c5773.vserver.aic.at: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: 81.16.32.24: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: c5773.vserver.aic.at: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: 81.16.32.24: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: smtp_stream_setup: maxtime=300 enable_deadline=0
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? 127.0.0.0/8
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? 127.0.0.0/8
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? [::ffff:127.0.0.0]/104
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? [::ffff:127.0.0.0]/104
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? [::1]/128
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? [::1]/128
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: c5773.vserver.aic.at: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: match_list_match: 81.16.32.24: no match
May 12 13:12:52 c5773 postfix/smtpd[14685]: send attr request = connect
May 12 13:12:52 c5773 postfix/smtpd[14685]: send attr ident = smtp:81.16.32.24
May 12 13:12:52 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: status
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute name: status
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute value: 0
May 12 13:12:52 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: count
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute name: count
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute value: 1
May 12 13:12:52 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: rate
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute name: rate
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute value: 1
May 12 13:12:52 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: (list terminator)
May 12 13:12:52 c5773 postfix/smtpd[14685]: input attribute name: (end)
May 12 13:12:52 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 220 c5773.vserver.aic.at ESMTP Postfix (Ubuntu)
May 12 13:12:52 c5773 postfix/smtpd[14685]: xsasl_cyrus_server_create: SASL service=smtp, realm=(null)
May 12 13:12:52 c5773 postfix/smtpd[14685]: name_mask: noanonymous

EHLO mail.kabelplus.at
250-c5773.vserver.aic.at
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

May 12 13:14:27 c5773 postfix/smtpd[14685]: < c5773.vserver.aic.at[81.16.32.24]: EHLO mail.kabelplus.at
May 12 13:14:27 c5773 postfix/smtpd[14685]: match_list_match: c5773.vserver.aic.at: no match
May 12 13:14:27 c5773 postfix/smtpd[14685]: match_list_match: 81.16.32.24: no match
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-c5773.vserver.aic.at
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-PIPELINING
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-SIZE 10240000
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-ETRN
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-STARTTLS
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-ENHANCEDSTATUSCODES
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250-8BITMIME
May 12 13:14:27 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 250 DSN

AUTH PLAIN xxxxxxxxxxxxxxxxxxxxxxx
535 5.7.8 Error: authentication failed: authentication failure

May 12 13:15:41 c5773 postfix/smtpd[14685]: < c5773.vserver.aic.at[81.16.32.24]: AUTH PLAIN xxxxxxxxxxxxxxxxxxxxxxx
May 12 13:15:41 c5773 postfix/smtpd[14685]: xsasl_cyrus_server_first: sasl_method PLAIN, init_response xxxxxxxxxxxxxxxxxxxxxxx
May 12 13:15:41 c5773 postfix/smtpd[14685]: xsasl_cyrus_server_first: decoded initial response dejan
May 12 13:15:41 c5773 postfix/smtpd[14685]: warning: SASL authentication failure: Password verification failed
May 12 13:15:41 c5773 postfix/smtpd[14685]: warning: c5773.vserver.aic.at[81.16.32.24]: SASL PLAIN authentication failed: authentication failure
May 12 13:15:41 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 535 5.7.8 Error: authentication failed: authentication failure

quit
221 2.0.0 Bye
Connection closed by foreign host.

May 12 13:16:35 c5773 postfix/smtpd[14685]: < c5773.vserver.aic.at[81.16.32.24]: quit
May 12 13:16:35 c5773 postfix/smtpd[14685]: > c5773.vserver.aic.at[81.16.32.24]: 221 2.0.0 Bye
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? 127.0.0.0/8
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? 127.0.0.0/8
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? [::ffff:127.0.0.0]/104
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? [::ffff:127.0.0.0]/104
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostname: c5773.vserver.aic.at ~? [::1]/128
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_hostaddr: 81.16.32.24 ~? [::1]/128
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_list_match: c5773.vserver.aic.at: no match
May 12 13:16:35 c5773 postfix/smtpd[14685]: match_list_match: 81.16.32.24: no match
May 12 13:16:35 c5773 postfix/smtpd[14685]: send attr request = disconnect
May 12 13:16:35 c5773 postfix/smtpd[14685]: send attr ident = smtp:81.16.32.24
May 12 13:16:35 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: status
May 12 13:16:35 c5773 postfix/smtpd[14685]: input attribute name: status
May 12 13:16:35 c5773 postfix/smtpd[14685]: input attribute value: 0
May 12 13:16:35 c5773 postfix/smtpd[14685]: private/anvil: wanted attribute: (list terminator)
May 12 13:16:35 c5773 postfix/smtpd[14685]: input attribute name: (end)
May 12 13:16:35 c5773 postfix/smtpd[14685]: disconnect from c5773.vserver.aic.at[81.16.32.24]
May 12 13:16:35 c5773 postfix/smtpd[14685]: master_notify: status 1
May 12 13:16:35 c5773 postfix/smtpd[14685]: connection closed

Habt Ihr einen Tipp oder eine Idee für mich? So komm ich leider nicht weiter, hab mich ziemlich genau ans Postfix-Buch gehalten.

Danke für eure Hilfe…

Lg Dejan
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <https://listi.jpberlin.de/pipermail/postfixbuch-users/attachments/20140512/184f694e/attachment.html>

Mehr Informationen über die Mailingliste Postfixbuch-users