Inzwischen klappt die Zustellung per lmtp wieder. Die Lösung bestand allerdings darin die alte Postfix-Version 2.8.8 einzuspielen. Nun gilt es herauszufinden, was sich zwischen Version 2.8.8 und 2.9.3 geändert hat. Hat jemand eine Idee?
Gruß Jörg. Am 23.02.2013 20:07, schrieb Joerg Streckfuss: > Hallo liebe Leute, > > nachdem ich meinen Mailserver von OpenBSD 5.1 auf 5.2 aktualisiert habe, > möchte der local Daemon keine Mails an den Cyrus-IMAP abliefern. Postfix > beschwert sich dann mit der folgenden Fehlermeldung: > > <snip> > postman postfix/smtpd[26245]: warning: SASL authentication failure: no > user in db > postman postfix/smtpd[26245]: NOQUEUE: > client=xxx.xxx.xxx.xxx.net[xxx.xxx.xxx.xxx], sasl_method=PLAIN, > [email protected] > ... > postman postfix/local[2037]: warning: error looking up passwd info for > foobar: Operation not permitted > ... > postman postfix/local[2037]: 8BF9B51480F: > to=<[email protected]>, orig_to=<[email protected]>, > relay=local, delay=0.07, > delays=0.05/0.01/0/0.01, dsn=4.0.0, status=deferred (user lookup error) > ... > <snap> > > Die Meldung "SASL authentication failure: no user in db" vom smtpd kann > ich nicht so recht einordnen. Denn der folgende Test ist erfolgreich: > > <snip> > # openssl s_client -connect <meinmailserver>:25 -starttls smtp > verify error:num=18:self signed certificate > ... > --- > 250 8BITMIME > AUTH PLAIN DASGEHEIMEPASSWORT > 235 2.7.0 Authentication successful > <snap> > > Meine Konfiguration sieht wie folgt aussieht. Klienten authentifizieren > sich per sasl2db. Die scheint wie oben zu sehen auch zu klappen. Mails > werden per lmtp (unix socket) an den cyrus-imap abgeliefert. Und hier > scheint es dann zu klemmen. Der Socket befindet sich in > /var/spool/postfix/public/ und hat die korrekten Rechte root:_postdrop. > Da ich an der Konfiguration nichts geändert habe, außer eben ein Update > von Postfix 2.8.8 auf Postfix 2.9.3, cyrus-imap-2.4.13 auf > cyrus-imapd-2.4.16p0 sowie cyrus-sasl-2.2.25p2 auf cyrus-sasl-2.1.25p3 > vermute ich eine Inkompatibilität zwischen den neuen Versionen. > Gibt es eine Möglichkeit wie ich lmtp zwischen Postfix und Cyrus > sinnvoll testen kann, bzw. weiß vielleicht jemand woran es hapern könnte? > > Vielen Dank im Voraus, > > Gruß Jörg > > Anbei Details zu meiner Konfiguration > > OpenBSD-5.2 > postfix-2.9.3-sasl2 > cyrus-imapd-2.4.16p0 Cyrus IMAP serverr > cyrus-sasl-2.1.25p3 > > main.cf: > <snip> > queue_directory = /var/spool/postfix > command_directory = /usr/local/sbin > daemon_directory = /usr/local/libexec/postfix > mail_owner = _postfix > myhostname = hostname.domain > inet_interfaces = 127.0.0.1, xxx.xxx.xxx.xxx > inet_protocols = ipv4 > unknown_local_recipient_reject_code = 550 > mydomain = streckfuss.org > mynetworks = 127.0.0.0/8 > mydestination = $myhostname, localhost.$mydomain > smtpd_banner = $myhostname ESMTP > alias_maps = hash:/etc/mail/aliases > debug_peer_level = 2 > debugger_command = > PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin > xxgdb $daemon_directory/$process_name $process_id & sleep 5 > sendmail_path = /usr/local/sbin/sendmail > newaliases_path = /usr/local/sbin/newaliases > mailq_path = /usr/local/sbin/mailq > setgid_group = _postdrop > html_directory = /usr/local/share/doc/postfix/html > manpage_directory = /usr/local/man > sample_directory = /etc/postfix > readme_directory = /usr/local/share/doc/postfix/readme > > # SSL/TLS server > tls_random_source = dev:/dev/arandom > #smtpd_tls_security_level = may > smtpd_tls_loglevel = 2 > smtpd_tls_received_header = yes > smtpd_use_tls = yes > smtpd_tls_key_file = /etc/ssl/private/tlskeyfile > smtpd_tls_cert_file = /etc/ssl/private/tlscertfile > smtpd_tls_CAfile = /etc/ssl/private/tlscafile > # SSL/TLS client > smtp_use_tls = yes > smtp_tls_key_file = /etc/ssl/private/tlskeyfile > smtp_tls_cert_file = /etc/ssl/private/tlscertfile > > # SASL > smtpd_sasl_security_options = noanonymous > smtpd_sasl_authenticated_header = yes > smtpd_sasl_auth_enable = yes > smtpd_sasl_path = smtpd > smtpd_sasl_local_domain = $mydomain > smtpd_sasl_type = cyrus > > # restrictions > smtpd_recipient_restrictions = permit_sasl_authenticated, > permit_mynetworks, > reject_unauth_destination, > reject_non_fqdn_recipient, > reject_unknown_recipient_domain, > reject_rbl_client sbl-xbl.spamhaus.org > > # discard dsn support because amavis doesn't know this command > # we have to wait for version 2.4 > smtpd_discard_ehlo_keywords = silent-discard, dsn > > # virtual domains > virtual_alias_maps = hash:/etc/postfix/domain1.txt, > hash:/etc/postfix/domain2e.txt > virtual_uid_maps = static:1001 > virtual_gid_maps = static:1001 > mailbox_transport = lmtp:unix:public/lmtp > masquerade_exceptions = root > <snap> > > master.cf: > <snip> > smtp inet n - y - 16 smtpd > -o smtpd_proxy_filter=127.0.0.1:10024 > -o smtpd_client_connection_count_limit=4 > #This is the after-filter smtpd, it receives mail from amavisd to port 10025 > 127.0.0.1:10025 inet n - y - - smtpd > submission inet n - y - - smtpd > -o smtpd_enforce_tls=yes > # -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > smtps inet n - y - - smtpd > -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > #628 inet n - y - - qmqpd > pickup fifo n - y 60 1 pickup > cleanup unix n - y - 0 cleanup > qmgr fifo n - y 300 1 qmgr > #qmgr fifo n - y 300 1 oqmgr > tlsmgr unix - - y 1000? 1 tlsmgr > rewrite unix - - y - - trivial-rewrite > bounce unix - - y - 0 bounce > defer unix - - y - 0 bounce > trace unix - - y - 0 bounce > verify unix - - y - 1 verify > flush unix n - y 1000? 0 flush > proxymap unix - - n - - proxymap > smtp unix - - y - - smtp > # When relaying mail as backup MX, disable fallback_relay to avoid MX loops > relay unix - - y - - smtp > # -o fallback_relay= > # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 > showq unix n - y - - showq > error unix - - y - - error > discard unix - - y - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - y - - lmtp > anvil unix - - y - 1 anvil > scache unix - - y - 1 scache > # > # ==================================================================== > # Interfaces to non-Postfix software. Be sure to examine the manual > # pages of the non-Postfix software to find out what options it wants. > # > # Many of the following services use the Postfix pipe(8) delivery > # agent. See the pipe(8) man page for information about ${recipient} > # and other message envelope options. > # ==================================================================== > # > # maildrop. See the Postfix MAILDROP_README file for details. > # Also specify in main.cf: maildrop_destination_recipient_limit=1 > # > maildrop unix - n n - - pipe > flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} > # > # The Cyrus deliver program has changed incompatibly, multiple times. > # > old-cyrus unix - n n - - pipe > flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} > # Cyrus 2.1.5 (Amos Gouaux) > # Also specify in main.cf: cyrus_destination_recipient_limit=1 > cyrus unix - n n - - pipe > user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} > ${user} > # > # See the Postfix UUCP_README file for configuration details. > # > uucp unix - n n - - pipe > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail > ($recipient) > # > # Other external delivery methods. > # > ifmail unix - n n - - pipe > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) > bsmtp unix - n n - - pipe > flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop > $recipient > retry unix - - n - - error > proxywrite unix - - n - 1 proxymap > #smtp inet n - n - 1 postscreen > #smtpd pass - - n - - smtpd > #dnsblog unix - - n - 0 dnsblog > #tlsproxy unix - - n - 0 tlsproxy > <snap> > _______________________________________________ > postfix-users mailing list > [email protected] > http://de.postfix.org/cgi-bin/mailman/listinfo/postfix-users _______________________________________________ postfix-users mailing list [email protected] http://de.postfix.org/cgi-bin/mailman/listinfo/postfix-users
