Hallo zusammen, ich bin dabei ein Mailservers mit Postfix und Cyrus zu testen. Die User sollen in der sasldb sein und alles mit virtuellen Usern und Domains abgebildet werden. Als erstes habe ich das Problem das bei: - testsaslauthd -u test@bla.fasel -p test ein 0: NO "authentication failed" kommt - telnet localhost 25 nach dem ehlo kein AUTH... angezeigt wird Was ist eigentlich der Unterschied zwischen sasl_pwcheck_method und pwcheck_method ...? Probiert habe ich beides. Auch habe ich mit lokalen Usern probiert. Dabei hatte ich folgende Einträge anders: /etc/default/saslauthd MECHANISMS="shadow" /etc/postfix/sasl/smtpd.conf mech_list: PLAIN #sasl_auxprop_plugin: sasldb pwcheck_method: saslauthd #sasl_pwcheck_method: auxprop Hier die aktuellen Meldungen/Einträge: uname -a Linux mail.bla.fasel 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1 (2018-04-29) x86_64 GNU/Linux aptitude show cyrus-imapd Paket: cyrus-imapd Version: 2.5.10-3 telnet: 250-mail.bla.fasel 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 SMTPUTF8 /var/log/mail.warn: Aug 9 12:37:25 mail cyrus/master[27164]: process type:SERVICE name:imap path:/usr/lib/cyrus/bin/imapd age:51.100s pid:27880 exited, status 75 Aug 9 13:36:14 mail postfix/postfix-script[28636]: warning: symlink leaves directory: /etc/postfix/./sasl/smtpd.conf Aug 9 13:36:24 mail cyrus/master[28682]: unable to setsocketopt(IP_TOS) service lmtpunix/unix: Operation not supported postconf -n alias_database = hahs:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no compatibility_level = 2 disable_vrfy_command = yes inet_interfaces = all inet_protocols = ipv4 mydestination = $myhostname, localhost, localhost.localdomain myhostname = mail.bla.fasel mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.146.0/24 myorigin = /etc/hostname readme_directory = no recipient_delimiter = + relayhost = mailrelay.bla.fasel smtp_sasl_password_maps = /etc/sasldb2 smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = smtpd smtpd_sasl_type = cyrus smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = hash:/etc/postfix/virtual-alias virtual_gid_maps = static:5000 virtual_mailbox_domains = test.fasel virtual_minimum_uid = 1000 virtual_transport = lmtp:[1.2.3.4]:24 virtual_uid_maps = static:5000 saslfinger -s saslfinger - postfix Cyrus sasl configuration Do 9. Aug 13:55:24 CEST 2018 version: 1.0.4 mode: server-side SMTP AUTH -- basics -- Postfix: 3.1.8 System: Debian GNU/Linux 9 \n \l -- smtpd is linked to -- libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x00007fe3455a2000) -- active SMTP AUTH and TLS parameters for smtpd -- smtpd_sasl_auth_enable = yes smtpd_sasl_path = smtpd smtpd_sasl_type = cyrus smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes -- listing of /usr/lib/sasl2 -- insgesamt 16 drwxr-xr-x 2 root root 4096 Jul 9 10:12 . drwxr-xr-x 34 root root 4096 Jul 19 11:58 .. -rw-r--r-- 1 root root 4 Jul 9 10:12 berkeley_db.active -rw-r--r-- 1 root root 4 Mär 19 2017 berkeley_db.txt -- listing of /etc/sasl2 -- insgesamt 8 drwxr-xr-x 2 root root 4096 Aug 9 11:38 . drwxr-xr-x 72 root root 4096 Aug 9 13:54 .. -- listing of /etc/postfix/sasl -- insgesamt 24 drwxr-xr-x 2 root root 4096 Jul 25 17:16 . drwxr-xr-x 5 root root 4096 Aug 9 12:31 .. -rw-r--r-- 1 root sasl 12929 Aug 9 12:47 smtpd.conf -- content of /etc/postfix/sasl/smtpd.conf -- # Debian Cyrus imapd.conf # See imapd.conf(5) for more information and more options # Configuration directory configdirectory: /var/lib/cyrus # Directories for proc and lock files proc_path: /run/cyrus/proc mboxname_lockpath: /run/cyrus/lock # Which partition to use for default mailboxes defaultpartition: default partition-default: /var/spool/cyrus/mail # News setup partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: no lmtp_downcase_rcpt: yes admins: cyrus allowanonymouslogin: no popminpoll: 1 autocreate_quota: 0 umask: 077 sieveusehomedir: false sievedir: /var/spool/sieve httpmodules: caldav carddav hashimapspool: true allowplaintext: yes sasl_mech_list: PLAIN sasl_pwcheck_method: auxprop log_level: 7 sasl_auxprop_plugin: sasldb sasl_saslauthd_path: /var/run/saslauthd/mux autotransition:true tls_client_ca_dir: /etc/ssl/certs tls_session_timeout: 1440 lmtpsocket: /run/cyrus/socket/lmtp idlesocket: /run/cyrus/socket/idle notifysocket: /run/cyrus/socket/notify syslog_prefix: cyrus -- active services in /etc/postfix/master.cf -- # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) smtp inet n - y - - smtpd submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING pickup unix n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discard unix - - y - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} -- mechanisms on localhost -- -- end of saslfinger output -- Hat jemand eine Idee was ich falsch gemacht habe? Dank und Gruß Mario |
- postfix, cyrus "authentication failed" Mario Brese
- Re: postfix, cyrus "authentication failed" Marc Patermann
- Re: postfix, cyrus "authentication failed&quo... Mario Brese
- Re: postfix, cyrus "authentication failed... Marc Patermann
- Re: postfix, cyrus "authentication fa... Mario Brese
- Re: postfix, cyrus "authenticati... Marc Patermann
- Re: postfix, cyrus "authenti... Mario Brese
- Re: postfix, cyrus "authentication failed&quo... Mario Brese