A small Postfix Cyrus-SASL - MySQL problem
- Subject: A small Postfix Cyrus-SASL - MySQL problem
- From: Christian Eichert <eichertc@xxxxxxxxx>
- Date: Thu, 27 Sep 2012 15:53:56 +0200
- To: uugrn@xxxxxxxxxxxxxxx
Hello list,
I am currently configuring an email server with POSTFIX + SSL +
Cyrus-SASL with MySQL authentication.
IMAPs login via Courier IMAP ( SSL + CRAM-MD5 ) + Courier Authlib ->
MySQL works flawlessly.
My problem is the SMTP side.
The SSL certificate works; Postfix accepts the username ( which is
identical to the email address ) and decrypts it correctly.
But then it does not know what to do with it and looks for a
database that does not exist, /etc/sasldb2; instead of handing it over
to Cyrus, it aborts.
How do I tell it to query the MySQL database and, if the password is
correct, send the mail?
CAN SOMEONE PLEASE HELP ME?
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 220 empfaenger.domain.de ESMTP
Postfix (Debian/GNU)
Sep 27 13:14:04 mail postfix/smtpd[11652]: <
sender.domain.com[xxx.xxx.xxx.xxx]: EHLO [192.168.0.104]
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-empfaenger.domain.de
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-empfaenger.domain.de
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-PIPELINING
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-SIZE 10240000
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-VRFY
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-ETRN
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-PIPELINING
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-SIZE 10240000
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-VRFY
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-ETRN
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-AUTH PLAIN LOGIN DIGEST-MD5
NTLM CRAM-MD5
Sep 27 13:14:04 mail postfix/smtpd[11652]: match_list_match:
sender.domain.com: no match
Sep 27 13:14:04 mail postfix/smtpd[11652]: match_list_match:
xxx.xxx.xxx.xxx: no match
Sep 27 13:14:04 mail postfix/smtpd[11652]: match_list_match:
sender.domain.com: no match
Sep 27 13:14:04 mail postfix/smtpd[11652]: match_list_match:
xxx.xxx.xxx.xxx: no match
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-AUTH=PLAIN LOGIN DIGEST-MD5
NTLM CRAM-MD5
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-AUTH=PLAIN LOGIN DIGEST-MD5
NTLM CRAM-MD5
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-ENHANCEDSTATUSCODES
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-ENHANCEDSTATUSCODES
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250-8BITMIME
Sep 27 13:14:04 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 250 DSN
Sep 27 13:14:17 mail postfix/smtpd[11652]: <
sender.domain.com[xxx.xxx.xxx.xxx]: AUTH CRAM-MD5
Sep 27 13:14:17 mail postfix/smtpd[11652]: xsasl_cyrus_server_first:
sasl_method CRAM-MD5
Sep 27 13:14:17 mail postfix/smtpd[11652]:
xsasl_cyrus_server_auth_response: uncoded server challenge:
<4235163841.6574457@xxxxxxxxxxxxxxxxxxxx>
Sep 27 13:14:17 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 334
PDQyMzUxNjM4NDEuNjU3NDQ1N0BtaW5pLnpwMS5uZXQ+
Sep 27 13:14:17 mail postfix/smtpd[11652]: <
sender.domain.com[xxx.xxx.xxx.xxx]:
Y2hyaXN0aWFuQHpwMS5uZXQgNDU0ZWZiODFiYTFkMzc3MWIxNjJkMjMwMjI2NmM1ZDQ=
Sep 27 13:14:17 mail postfix/smtpd[11652]: xsasl_cyrus_server_next:
decoded response: christian@xxxxxxxxxxxxxxx
454efb81ba1d3771b162d2302266c5d4
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2:
Permission denied
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2:
Permission denied
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication failure: no secret in database
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning:
sender.domain.com[xxx.xxx.xxx.xxx]: SASL CRAM-MD5 authentication
failed: authentication failure
Sep 27 13:14:17 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 535 5.7.8 Error: authentication
failed: authentication failure
Sep 27 13:14:17 mail postfix/smtpd[11652]: xsasl_cyrus_server_next:
decoded response: christian@xxxxxxx 454efb81ba1d3771b162d2302266c5d4
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2:
Permission denied
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2:
Permission denied
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning: SASL
authentication failure: no secret in database
Sep 27 13:14:17 mail postfix/smtpd[11652]: warning:
sender.domain.com[xxx.xxx.xxx.xxx]: SASL CRAM-MD5 authentication
failed: authentication failure
Sep 27 13:14:17 mail postfix/smtpd[11652]: >
sender.domain.com[xxx.xxx.xxx.xxx]: 535 5.7.8 Error: authentication
failed: authentication failure
Sep 27 13:14:19 mail postfix/smtpd[11652]: <
sender.domain.com[xxx.xxx.xxx.xxx]: QUIT
/etc/postfix/sasl/smtp.conf
=====================
### Global parameters
log_level: 5
### pwcheck_method: saslauthd
#saslauthd_path: /var/run/saslauthd/mux
pwcheck_method: auxprop
mech_list: PLAIN LOGIN CRAM-MD5
### auxiliary plugin parameters
auxprop_plugin:sql
sql_engine: mysql
sql_hostname: localhost
sql_hostnames :localhost
sql_user: postfix
sql_passwd: DpOdjmwxQNpbcku1pfLnvD5q4GKzhscG
sql_password: DpOdjmwxQNpbcku1pfLnvD5q4GKzhscG
sql_database: postfixdb
# sql_select: select password from users where email='%u@%r'
# sql_select: SELECT '%p' from virtual_users where username = '%u' and auth = '1'
sql_select: SELECT password from mailbox where username = '%u' and auth = '1'
sql_usessl: no
/etc/postfix/main.cf
=======================
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
myhostname = sender.domain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = sender.domain.com, localhost.domain.com, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 512000000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
#virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf,mysql:/etc/postfix/mysql_alias.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
#######################
# GRAYLISTING
#
#check_policy_service = inet:127.0.0.1:10023
#######################
# AMAVIS
content_filter = amavis:[127.0.0.1]:10024
#otherwise the virtual alias does not work
#receive_override_options = no_address_mappings
###################
# SASL AUTH
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/sender.domain.com/sender.domain.com.crt
smtpd_tls_key_file = /etc/ssl/sender.domain.com/sender.domain.com.key
smtp_tls_CAfile = /etc/ssl/sender.domain.com/sender.domain.com.pem
smtpd_sasl_application_name = smtpd
smtpd_sasl_path = smtpd
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
# check_client_access hash:/var/lib/pop-before-smtp/hosts
    reject_non_fqdn_hostname
    reject_non_fqdn_sender
    reject_non_fqdn_recipient
    reject_unauth_destination
    reject_unauth_pipelining
    reject_invalid_hostname
    reject_rbl_client list.dsbl.org
    reject_rbl_client bl.spamcop.net
    reject_rbl_client zen.spamhaus.org
    reject_rbl_client sbl-xbl.spamhaus.org
    reject_rbl_client whois.rfc-ignorant.org
    reject_rbl_client ix.dnsbl.manitu.org
    check_policy_service inet:127.0.0.1:10023
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd -v
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
  -o smtp_fallback_relay=
#  -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
maildrop unix - n n - - pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
  ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
#
######################
# by eichet AMAVIS
amavis unix - - - - 2 smtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
--
UUGRN e.V. http://www.uugrn.org/
http://mailman.uugrn.org/mailman/listinfo/uugrn
Wiki: https://wiki.uugrn.org/UUGRN:Mailingliste
Archive: http://lists.uugrn.org/
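
A consistency check over the three artefacts quoted in the message (main.cf, the Cyrus SASL file and the smtpd log), added here as an example and not part of the original post. It relies on Postfix passing smtpd_sasl_path to Cyrus SASL, which then reads a file named after it with a .conf suffix; the function names and the inline sample strings are constructed for illustration.

```python
import re
# Constructed samples that mirror the settings and log lines quoted in the post.
MAIN_CF = "smtpd_sasl_auth_enable = yes\nsmtpd_sasl_path = smtpd\n"
SASL_CONF_PATH = "/etc/postfix/sasl/smtp.conf"
SASL_CONF = "pwcheck_method: auxprop\nmech_list: PLAIN LOGIN CRAM-MD5\nauxprop_plugin:sql\n"
SMTPD_LOG = [
    "smtpd[11652]: > client[192.0.2.1]: 250-AUTH PLAIN LOGIN DIGEST-MD5 NTLM CRAM-MD5",
    "smtpd[11652]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2",
]

def postfix_param(main_cf, name, default):
    """Return the last 'name = value' assignment in main.cf text (later lines win)."""
    value = default
    for line in main_cf.splitlines():
        m = re.match(r"([A-Za-z0-9_]+)\s*=\s*(.*)$", line)
        if m and m.group(1) == name:
            value = m.group(2).strip()
    return value

def parse_sasl_conf(text):
    """Parse Cyrus SASL 'key: value' options, skipping comments and blank lines."""
    opts = {}
    for line in text.splitlines():
        key, sep, val = line.strip().partition(":")
        if sep and not key.startswith("#"):
            opts[key.strip()] = val.strip()
    return opts

def advertised_mechs(log_lines):
    """Collect the mechanisms smtpd offered in its logged 250-AUTH replies."""
    found = (re.search(r"250[- ]AUTH[ =](.+)$", line) for line in log_lines)
    return {mech for m in found if m for mech in m.group(1).split()}

def check(main_cf, conf_path, conf_text, log_lines):
    findings = []
    want = postfix_param(main_cf, "smtpd_sasl_path", "smtpd") + ".conf"
    have = conf_path.rsplit("/", 1)[-1]
    if have != want:
        findings.append(f"name: Cyrus SASL reads {want}, found {have}")
    opts = parse_sasl_conf(conf_text)
    extra = advertised_mechs(log_lines) - set(opts.get("mech_list", "").split())
    if extra:
        findings.append("mech_list not applied, also offered: " + " ".join(sorted(extra)))
    if opts.get("auxprop_plugin") == "sql" and any("sasldb2" in l for l in log_lines):
        findings.append("auxprop_plugin not applied: sasldb is still consulted")
    return findings

if __name__ == "__main__":
    print("\n".join(check(MAIN_CF, SASL_CONF_PATH, SASL_CONF, SMTPD_LOG)))
```

All three findings point the same way for the quoted setup: the options in the file are not reaching Cyrus SASL, so it falls back to its defaults.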