Greetings. After a failed attempt to get qmail running properly with Dovecot, and after the server was hit by a large amount of spam, I decided to go with Postfix and SASL for authentication.
I have been reading dozens of articles in English and Spanish looking for the best configuration. Basically, what I am trying to do is set up a mail server with IMAP/IMAPS support and SMTP authentication. The problem itself is that when I try to send mail from one of the accounts I created (I create them with an INSERT in MySQL) using SMTP Auth, it returns the following:

> tail -f /var/log/mail.log
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 220 mail.dominio.tld ESMTP Postfix (Debian/GNU)
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: EHLO host
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-mail.dominio.tld
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-PIPELINING
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-SIZE 30720000
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-VRFY
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-ETRN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-STARTTLS
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-AUTH LOGIN PLAIN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: match_list_match: unknown: no match
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: match_list_match: 192.168.1.39: no match
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-AUTH=LOGIN PLAIN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-ENHANCEDSTATUSCODES
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250-8BITMIME
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250 DSN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: AUTH LOGIN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: xsasl_cyrus_server_first: sasl_method LOGIN
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: xsasl_cyrus_server_auth_response: uncoded server challenge: Username:
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 334 VXNlcm5hbWU6
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: dXNlckBkb21haW4udGxk
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: xsasl_cyrus_server_next: decoded response: [email protected]
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: xsasl_cyrus_server_auth_response: uncoded server challenge: Password:
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 334 UGFzc3dvcmQ6
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: c2VjcmV0
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: xsasl_cyrus_server_next: decoded response: secret
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: warning: SASL authentication problem: unknown password verifier
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: warning: unknown[192.168.1.39]: SASL LOGIN authentication failed: no mechanism available
Apr 12 15:45:47 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 535 5.7.8 Error: authentication failed: no mechanism available
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: smtp_get: EOF
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 192.168.0.0/24
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 192.168.0.0/24
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 127.0.0.0/8
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 127.0.0.0/8
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_list_match: unknown: no match
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: match_list_match: 192.168.1.39: no match
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: send attr request = disconnect
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: send attr ident = smtp:192.168.1.39
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: private/anvil: wanted attribute: status
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: input attribute name: status
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: input attribute value: 0
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: private/anvil: wanted attribute: (list terminator)
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: input attribute name: (end)
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: lost connection after AUTH from unknown[192.168.1.39]
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: disconnect from unknown[192.168.1.39]
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: master_notify: status 1
Apr 12 15:45:49 dhcppc7 postfix/smtpd[10811]: connection closed
Apr 12 15:45:52 dhcppc7 postfix/smtpd[10811]: proxymap stream disconnect
Apr 12 15:45:52 dhcppc7 postfix/smtpd[10811]: auto_clnt_close: disconnect private/tlsmgr stream

And when I try to send mail to an outside address (be it @gmail.com, @hotmail.com, etc.):

> tail -f /var/log/mail.log
Apr 12 15:47:36 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 220 mail.dominio.tld ESMTP Postfix (Debian/GNU)
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: HELO host
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250 mail.dominio.tld
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: MAIL FROM:<[email protected]>
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: extract_addr: input: <[email protected]>
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: smtpd_check_addr: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: ctable_locate: move existing entry key [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: extract_addr: in: <[email protected]>, result: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: fsspace: .: block size 4096, blocks free 35313921
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: smtpd_check_queue: blocks 4096 avail 35313921 min_free 0 msg_size_limit 30720000
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 250 2.1.0 Ok
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: < unknown[192.168.1.39]: RCPT TO:<[email protected]>
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: extract_addr: input: <[email protected]>
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: smtpd_check_addr: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: ctable_locate: move existing entry key [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: extract_addr: in: <[email protected]>, result: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: >>> START Recipient address RESTRICTIONS <<<
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=permit_mynetworks
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: permit_mynetworks: unknown 192.168.1.39
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 192.168.0.0/24
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 192.168.0.0/24
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 127.0.0.0/8
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 127.0.0.0/8
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_list_match: unknown: no match
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_list_match: 192.168.1.39: no match
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=permit_mynetworks status=0
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=permit_sasl_authenticated
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=permit_sasl_authenticated status=0
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_non_fqdn_sender
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: reject_non_fqdn_address: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_non_fqdn_sender status=0
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_non_fqdn_recipient
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: reject_non_fqdn_address: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_non_fqdn_recipient status=0
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_unauth_destination
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: reject_unauth_destination: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: permit_auth_destination: [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: ctable_locate: leave existing entry key [email protected]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: NOQUEUE: reject: RCPT from unknown[192.168.1.39]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<host>
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: generic_checks: name=reject_unauth_destination status=2
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: > unknown[192.168.1.39]: 554 5.7.1 <[email protected]>: Relay access denied
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: smtp_get: EOF
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 192.168.0.0/24
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 192.168.0.0/24
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostname: unknown ~? 127.0.0.0/8
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_hostaddr: 192.168.1.39 ~? 127.0.0.0/8
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_list_match: unknown: no match
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: match_list_match: 192.168.1.39: no match
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: send attr request = disconnect
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: send attr ident = smtp:192.168.1.39
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: private/anvil: wanted attribute: status
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: input attribute name: status
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: input attribute value: 0
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: private/anvil: wanted attribute: (list terminator)
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: input attribute name: (end)
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: lost connection after RCPT from unknown[192.168.1.39]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: disconnect from unknown[192.168.1.39]
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: master_notify: status 1
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: connection closed
Apr 12 15:47:37 dhcppc7 postfix/smtpd[10811]: rewrite stream disconnect
###########################################################

And this is what I get if I try a telnet from localhost:

>telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mail.dominio.tld ESMTP Postfix (Debian/GNU)
EHLO mail.dominio.tld
250-mail.dominio.tld
250-PIPELINING
250-SIZE 30720000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHVzZXJAZG9tYWluLnRsZABzZWNyZXQ=
535 5.7.8 Error: authentication failed: no mechanism available
QUIT
221 2.0.0 Bye
Connection closed by foreign host.
###########################################################
>cat /var/log/mail.log
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: connection established
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: master_notify: status 0
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: name_mask: resource
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: name_mask: software
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: xsasl_cyrus_server_create: SASL service=smtp, realm=mail.dominio.tld
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: name_mask: noanonymous
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: connect from localhost[127.0.0.1]
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: localhost: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: 127.0.0.1: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: localhost: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: 127.0.0.1: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostname: localhost ~? 192.168.0.0/24
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostaddr: 127.0.0.1 ~? 192.168.0.0/24
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostname: localhost ~? 127.0.0.0/8
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 220 mail.dominio.tld ESMTP Postfix (Debian/GNU)
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: < localhost[127.0.0.1]: ehlo mail.dominio.tld
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-mail.dominio.tld
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-PIPELINING
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-SIZE 30720000
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-VRFY
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-ETRN
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-STARTTLS
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-AUTH LOGIN PLAIN
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: localhost: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_list_match: 127.0.0.1: no match
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-AUTH=LOGIN PLAIN
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-ENHANCEDSTATUSCODES
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250-8BITMIME
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 250 DSN
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: < localhost[127.0.0.1]: AUTH PLAIN AHVzZXJAZG9tYWluLnRsZABzZWNyZXQ=
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: xsasl_cyrus_server_first: sasl_method PLAIN, init_response AHVzZXJAZG9tYWluLnRsZABzZWNyZXQ=
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: xsasl_cyrus_server_first: decoded initial response
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: warning: SASL authentication problem: unknown password verifier
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: warning: SASL authentication failure: Password verification failed
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: warning: localhost[127.0.0.1]: SASL PLAIN authentication failed: no mechanism available
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 535 5.7.8 Error: authentication failed: no mechanism available
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: < localhost[127.0.0.1]: QUIT
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: > localhost[127.0.0.1]: 221 2.0.0 Bye
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: smtp_flush: EOF
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostname: localhost ~? 192.168.0.0/24
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostaddr: 127.0.0.1 ~? 192.168.0.0/24
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostname: localhost ~? 127.0.0.0/8
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: lost connection after QUIT from localhost[127.0.0.1]
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: disconnect from localhost[127.0.0.1]
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: master_notify: status 1
Apr 12 16:08:45 dhcppc7 postfix/smtpd[10822]: connection closed
###########################################################

On the other hand, the accounts are handled perfectly by Dovecot. I can even send mail between the virtual accounts, regardless of the domain. But in that case I think Dovecot, or procmail, is being used to send it, and not Postfix.
These are my configuration files:

>cat /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# General
myhostname = mail.dominio.tld
mydomain = dominio.tld
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = $myhostname, $mydomain, localhost.localdomain, localhost
relayhost =
mynetworks = 192.168.0.0/24, 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
message_size_limit = 30720000
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html

# Virtual
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:500
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 500
virtual_transport = dovecot
virtual_uid_maps = static:500
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps

# SSL2
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unauth_destination,
    reject_unauth_pipelining,
    reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_path = /var/run/dovecot/auth-client
#smtpd_sasl_type = dovecot
smtp_sasl_password_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
dovecot_destination_recipient_limit = 1
###########################################################
>cat /etc/postfix/master.cf
[...]
smtp inet n - - - - smtpd
[...]
dovecot unix - n n - - pipe
    flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
###########################################################
>cat /etc/postfix/mysql_virtual_alias_maps.cf
user = mail
password = ku2654x7evmj
hosts = localhost
dbname = mail
query = SELECT goto FROM alias WHERE address='%s' AND active = 1
###########################################################
>cat /etc/postfix/mysql_virtual_domains_maps.cf
user = mail
password = ku2654x7evmj
hosts = localhost
dbname = mail
query = SELECT domain FROM domain WHERE domain='%s'
###########################################################
>cat /etc/postfix/mysql_virtual_mailbox_limit_maps.cf
user = mail
password = ku2654x7evmj
hosts = localhost
dbname = mail
query = SELECT quota FROM mailbox WHERE username='%s'
###########################################################
>cat /etc/postfix/mysql_virtual_mailbox_maps.cf
user = mail
password = ku2654x7evmj
hosts = localhost
dbname = mail
query = SELECT CONCAT('%d','/','%u','/') FROM mailbox WHERE username='%s' AND active = 1
###########################################################
>cat /etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd auxprop
mech_list: PLAIN LOGIN
minimum_layer: 0
allow_plaintext: true
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: mail
sql_passwd: ku2654x7evmj
sql_database: mail
sql_select: select password from mailbox where username = '%u'@'%r'
###########################################################
>cat /etc/default/saslauthd
START=yes
DESC="SASL Authentication Daemon"
NAME="saslauthd"
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
###########################################################
>cat /etc/pam.d/smtp
auth required pam_nologin.so
auth required pam_mysql.so user=mail passwd=ku2654x7evmj host=localhost db=mail table=mailbox usercolumn=username passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail passwd=ku2654x7evmj host=localhost db=mail table=mailbox usercolumn=username passwdcolumn=password crypt=1
account required pam_unix.so
###########################################################
>cat /etc/dovecot/dovecot.conf
protocols = imap imaps
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/home/vmail/%d/%n/Maildir
listen = *
login_process_size = 64
verbose_proctitle = yes
first_valid_uid = 500
first_valid_gid = 500
#umask = 0077
mbox_read_locks = fcntl
mbox_write_locks = fcntl
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
protocol imap {
  imap_client_workarounds = delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
  mail_plugins = autocreate quota imap_quota
}
protocol lda {
  postmaster_address = [email protected]
  sendmail_path = /usr/local/sbin/sendmail
}
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_debug = yes
auth_verbose = yes
auth default {
  passdb sql {
    args = /etc/dovecot/dovecot-mysql.conf
  }
  userdb sql {
    args = /etc/dovecot/dovecot-mysql.conf
  }
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0600
      user = vmail
      group = vmail
    }
    client {
      path = /var/run/dovecot/auth-client
      mode = 0660
      user = postfix
      group = postfix
    }
  }
  user = root
}
plugin {
  autocreate = INBOX
  autocreate2 = Drafts
  autocreate3 = Sent
  autocreate4 = Trash
  autocreate5 = Junk
  autosubscribe = INBOX
  autosubscribe2 = Trash
}
###########################################################
>cat /etc/dovecot/dovecot-mysql.conf
driver = mysql
default_pass_scheme = CRYPT
connect = host=localhost dbname=mail user=mail password=ku2654x7evmj
password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1'
user_query = SELECT maildir, 500 AS uid, 500 AS gid FROM mailbox WHERE username = '%u' AND active = '1'
###########################################################

Dump of the "mail" database:

CREATE TABLE IF NOT EXISTS alias (
  address varchar(255) NOT NULL default '',
  goto text NOT NULL,
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (address)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Postfix Admin - Virtual Aliases';

CREATE TABLE IF NOT EXISTS domain (
  domain varchar(255) NOT NULL default '',
  description varchar(255) NOT NULL default '',
  aliases int(10) NOT NULL default '0',
  mailboxes int(10) NOT NULL default '0',
  maxquota int(10) NOT NULL default '0',
  transport varchar(255) default NULL,
  backupmx tinyint(1) NOT NULL default '0',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (domain)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Postfix Admin - Virtual Domains';

CREATE TABLE IF NOT EXISTS mailbox (
  username varchar(255) NOT NULL default '',
  password varchar(255) NOT NULL default '',
  name varchar(255) NOT NULL default '',
  maildir varchar(255) NOT NULL default '',
  quota int(10) NOT NULL default '0',
  domain varchar(255) NOT NULL default '',
  created datetime NOT NULL default '0000-00-00 00:00:00',
  modified datetime NOT NULL default '0000-00-00 00:00:00',
  active tinyint(1) NOT NULL default '1',
  PRIMARY KEY (username)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='Postfix Admin - Virtual Mailboxes';

INSERT INTO alias (address, goto, domain, created, modified, active) VALUES
  ('[email protected]', '[email protected]', '', '0000-00-00 00:00:00', '0000-00-00 00:00:00', 1);

INSERT INTO domain (domain, description, aliases, mailboxes, maxquota, transport, backupmx, created, modified, active) VALUES
  ('domain.tld', 'Test Domain', 0, 0, 0, NULL, 0, '0000-00-00 00:00:00', '0000-00-00 00:00:00', 1);

INSERT INTO mailbox (username, password, name, maildir, quota, domain, created, modified, active) VALUES
  ('[email protected]', '$1$caea3837$gPafod/Do/8Jj5M9HehhM.', 'Mailbox User', '[email protected]/', 0, '', '0000-00-00 00:00:00', '0000-00-00 00:00:00', 1),
  ('[email protected]', '$1$caea3837$gPafod/Do/8Jj5M9HehhM.', 'Mailbox User2', '[email protected]/', 0, '', '0000-00-00 00:00:00', '0000-00-00 00:00:00', 1);

Note: the "password" value is "secret" and is encrypted with MD5
###########################################################

Finally, these are the procedures I used to install the server on Debian Lenny:

# SET SYSTEM VARIABLES
# ····························································
echo 'mail.dominio.tld' > /etc/hostname
echo 'mail.dominio.tld' > /etc/mailname
mv /etc/hosts /etc/hosts.bk
cat > /etc/hosts <<EOF
127.0.0.1 mail.dominio.tld dominio.tld localhost
127.0.1.1 mail.dominio.tld mx localhost
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
EOF

# UPDATE SYSTEM
# ····························································
apt-get update -y
apt-get upgrade -y

# INSTALL APACHE + MYSQL + PHP + SASL
# ····························································
export DEBIAN_FRONTEND=noninteractive
apt-get install -y apache2 libapache2-mod-php5 libapache2-mod-auth-plain \
  php5 php5-cli php5-mysql php5-gd php5-imap \
  mysql-client mysql-server \
  libsasl2-2 libsasl2-modules libsasl2-modules-sql \
  sasl2-bin libpam-mysql openssl \
  nmap
unset DEBIAN_FRONTEND
a2enmod php5
a2enmod ssl
a2enmod rewrite

# CONFIGURE MYSQL (ENABLE REMOTE ACCESS)
# ····························································
mysqladmin -u root password rootpass
sed -i 's/= 127.0.0.1/= 0.0.0.0/g' /etc/mysql/my.cnf
sed -i 's/= \/usr\/share\/mysql\/english/= \/usr\/share\/mysql\/spanish/g' /etc/mysql/my.cnf
/etc/init.d/apache2 restart
/etc/init.d/mysql restart

# MYSQL USER
# ····························································
mysql -u root -p'rootpass'<<EOFMYSQL
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'rootpass' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EOFMYSQL
mysql -u root -p'rootpass'<<EOFMYSQL
CREATE USER mail IDENTIFIED BY 'ku2654x7evmj';
CREATE DATABASE mail;
GRANT ALL PRIVILEGES ON mail.* TO 'mail'@'localhost' IDENTIFIED BY 'ku2654x7evmj' WITH GRANT OPTION;
ALTER DATABASE mail CHARACTER SET utf8 COLLATE utf8_general_ci;
EOFMYSQL

# REMOVE EXIM
# ····························································
/etc/init.d/exim4 stop
update-rc.d -f exim4 remove
apt-get remove -y --purge exim4 exim4-daemon-light exim4-base exim4-config

# CREATE VMAIL DIRECTORY
# ····························································
groupadd -g 500 vmail
useradd -g vmail -u 500 vmail -d /home/vmail -m
mkdir /home/vmail
chown -R vmail:vmail /home/vmail
chmod -R 771 /home/vmail

# INSTALL POSTFIX + DOVECOT
# ····························································
dpkg -i /tmp/postfix/postfix_2.5.5-1.1_amd64.deb
dpkg -i /tmp/postfix/postfix-mysql_2.5.5-1.1_amd64.deb
apt-get install -y \
  dovecot-common dovecot-imapd dovecot-pop3d

# INSTALL POSTFIXADMIN (FOR LATER USE)
# ····························································
#cd /tmp/postfixadmin
#tar -xzvf /tmp/postfixadmin/postfixadmin_2.3.tar.gz
#mv /tmp/postfixadmin/postfixadmin-2.3 /var/www/postfixadmin
#mv /var/www/postfixadmin/config.inc.php /var/www/postfixadmin/config.inc.php.bk
#cp /tmp/postfixadmin/config.inc.php /var/www/postfixadmin/config.inc.php

# CREATE CERTIFICATES
# ····························································
#cd /etc/postfix
#openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509
#chmod o= /etc/postfix/smtpd.key

# FILE PERMISSIONS
# ····························································
chmod 777 /etc/postfix/sasl/smtpd.conf
chmod 640 /etc/postfix/mysql*
chgrp postfix /etc/postfix/mysql*
chmod o= /etc/pam.d/smtp
chmod o= /etc/postfix/sasl/smtpd.conf
adduser postfix sasl

# SASL CONFIGURATION
# ····························································
cat >> /etc/init.d/saslauthd <<EOF
PARAMS="-m /var/spool/postfix/var/run/saslauthd/"
EOF
mkdir -p /var/spool/postfix/var/run/saslauthd
rm -r /var/run/saslauthd/
cd /var/run
ln -s /var/spool/postfix/var/run/saslauthd
chgrp sasl /var/spool/postfix/var/run/saslauthd
chown postfix:sasl /var/run/saslauthd
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd

# RESTART SERVICES
# ····························································
/etc/init.d/postfix restart
/etc/init.d/dovecot restart
/etc/init.d/saslauthd restart

Note: Postfix was previously patched with VDA (http://vda.sourceforge.net/) for version 2.5.5 and then compiled.

Thanks in advance. Any recommendation is welcome.

--
To unsubscribe, visit https://listas.linux.org.ar/mailman/listinfo/lugar-gral/
Usuarios Software Libre Argentina (USLA)
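
The verbose smtpd logs quoted in this message record the SASL exchange itself: the base64 AUTH PLAIN and AUTH LOGIN responses and the decoded username and password. As an added example that is not part of the original post, this Python sketch masks those fields before a log is shared; the sample lines, host name, addresses and credentials are constructed, and the patterns assume the log layout shown above.

```python
import base64
import re

MASK = "[REDACTED]"
# "<timestamp> <host> postfix/smtpd[PID]: <message>"
LINE = re.compile(r"^(?P<prefix>.*?postfix/smtpd\[(?P<pid>\d+)\]: )(?P<msg>.*)$")
CLIENT = re.compile(r"^< (?P<peer>\S+): (?P<data>.*)$")      # data sent by the client
CHALLENGE = re.compile(r"^> \S+: 334\b")                     # server SASL challenge
AUTH_CMD = re.compile(r"^(AUTH\s+\S+)\s+(\S+)$", re.IGNORECASE)
INIT_RESP = re.compile(r"^(xsasl_\w+: sasl_method \S+, init_response )\S+$")
DECODED = re.compile(r"^(xsasl_\w+: decoded response: ).*$")


def redact(log_text):
    """Return (redacted_text, hits); hits is a list of (line_number, kind)."""
    awaiting = set()  # smtpd PIDs that have just sent a 334 challenge
    out, hits = [], []
    for number, line in enumerate(log_text.splitlines(), 1):
        m = LINE.match(line)
        if not m:
            out.append(line)  # not an smtpd line: leave untouched
            continue
        pid, msg, kind = m["pid"], m["msg"], None
        client = CLIENT.match(msg)
        if CHALLENGE.match(msg):
            awaiting.add(pid)
        elif client:
            auth = AUTH_CMD.match(client["data"])
            if auth:  # AUTH <mech> <initial-response>
                msg = f"< {client['peer']}: {auth[1]} {MASK}"
                kind = "auth-initial-response"
            elif pid in awaiting:  # answer to the preceding 334 challenge
                msg = f"< {client['peer']}: {MASK}"
                kind = "sasl-response"
            awaiting.discard(pid)
        elif INIT_RESP.match(msg):
            msg, kind = INIT_RESP.sub(rf"\g<1>{MASK}", msg), "init-response"
        elif DECODED.match(msg):
            msg, kind = DECODED.sub(rf"\g<1>{MASK}", msg), "decoded-response"
        if kind:
            hits.append((number, kind))
        out.append(m["prefix"] + msg)
    return "\n".join(out), hits


def b64(text):
    return base64.b64encode(text.encode()).decode()


# Constructed sample in the layout of the logs above (not real credentials).
USER, PASSWORD = "user@example.test", "constructed-pass"
PLAIN = b64("\0" + USER + "\0" + PASSWORD)
A = "Apr 12 15:45:47 mx postfix/smtpd[10811]: "
B = "Apr 12 16:08:45 mx postfix/smtpd[10822]: "
SAMPLE_LOG = "\n".join([
    A + "> unknown[192.0.2.39]: 250-AUTH LOGIN PLAIN",
    A + "< unknown[192.0.2.39]: AUTH LOGIN",
    A + "> unknown[192.0.2.39]: 334 VXNlcm5hbWU6",
    A + "< unknown[192.0.2.39]: " + b64(USER),
    A + "xsasl_cyrus_server_next: decoded response: " + USER,
    A + "> unknown[192.0.2.39]: 334 UGFzc3dvcmQ6",
    A + "< unknown[192.0.2.39]: " + b64(PASSWORD),
    A + "xsasl_cyrus_server_next: decoded response: " + PASSWORD,
    A + "warning: SASL authentication problem: unknown password verifier",
    B + "< localhost[127.0.0.1]: AUTH PLAIN " + PLAIN,
    B + "xsasl_cyrus_server_first: sasl_method PLAIN, init_response " + PLAIN,
    B + "> localhost[127.0.0.1]: 535 5.7.8 Error: authentication failed: no mechanism available",
])

if __name__ == "__main__":
    redacted, hits = redact(SAMPLE_LOG)
    print(redacted)
    print(f"{len(hits)} credential-bearing fields masked")
```

The diagnostic lines (the EHLO capabilities, the 334 challenges and the "unknown password verifier" warning) pass through unchanged, so the redacted log is still usable for troubleshooting.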
