problem mit postfix + saslauthd

Dieses Thema im Forum "Internet, lokale Netzwerke und Wireless Lan" wurde erstellt von darkelf, 16.04.2005.

  1. #1 darkelf, 16.04.2005
    darkelf

    darkelf Grünschnabel

    Dabei seit:
    08.02.2005
    Beiträge:
    8
    Zustimmungen:
    0
    Hallo

    Ich verwende postfix auf einem root-server für eine domain. Die Clients sollen sich gegen die /etc/shadow authorisieren um emails zu verschicken. Da postfix keine rechte auf die Datei /etc/shadow hat erfolgt der zugriff über das Programm saslauthd (gemäß diverser Howtos). Folgende Fehlermeldung habe ich in /var/log/mail
    Code:
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 220 smtp.<<meine-domain>> ESMTP Postfix
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: < <<clientname[client-ip]>>: EHLO dragon
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-smtp.<<meine-domain>>
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-PIPELINING
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-SIZE 10240000
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-VRFY
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-ETRN
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-AUTH OTP DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: match_list_match: <<clientname>>: no match
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: match_list_match: <<client-ip>>: no match
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250-AUTH=OTP DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 250 8BITMIME
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: < <<clientname[client-ip]>>: AUTH LOGIN
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtpd_sasl_authenticate: sasl_method LOGIN
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtpd_sasl_authenticate: uncoded challenge: Username:
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 334 xxxxxxxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: < <<clientname[client-ip]>>: xxxxxxxxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtpd_sasl_authenticate: decoded response: xxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtpd_sasl_authenticate: uncoded challenge: Password:
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 334 xxxxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: < <<clientname[client-ip]>>: xxxxxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtpd_sasl_authenticate: decoded response: xxxxxxxxxxx
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: warning: <<clientname[client-ip]>>: SASL LOGIN authentication failed
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: > <<clientname[client-ip]>>: 535 Error: authentication failed
    Apr 16 12:32:05 h81916 postfix/smtpd[10911]: smtp_get: EOF
    
    "cannot connect to saslauthd server: Permission denied" --> welche permissions sind gemeint?
    "smtp_get: EOF" --> End Of File ???
    Vielleicht hat ja jemand ne Idee woran das liegen könnte.

    Folgende Konfiguration habe ich
    cyrus-sasl 2.1.20
    Postfix 2.2.2

    Code:
    h81916:/usr/src # postconf -n
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    html_directory = no
    inet_interfaces = all
    mail_owner = postfix
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/local/man
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
    mydomain = <<meine-domain.de>>
    myhostname = smtp.<<meine-domain.de>>
    myorigin = $mydomain
    newaliases_path = /usr/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = no
    sample_directory = /etc/postfix
    sendmail_path = /usr/sbin/sendmail
    setgid_group = postdrop
    smtpd_recipient_restrictions = permit_sasl_authenticated,reject
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    unknown_local_recipient_reject_code = 550
    
    Code:
    h81916:/usr/src # saslfinger -s
    saslfinger - postfix Cyrus sasl configuration Sa Apr 16 12:55:59 CEST 2005
    version: 0.9.9.1
    mode: server-side SMTP AUTH
    
    -- basics --
    Postfix: 2.2.2
    System:
    Welcome to SuSE Linux 9.1 (i586) - Kernel \r (\l).
    
    -- smtpd is linked to --
            libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x4001d000)
    
    -- active SMTP AUTH and TLS parameters for smtpd --
    broken_sasl_auth_clients = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    
    
    -- listing of /usr/lib/sasl2 --
    insgesamt 1696
    drwxr-xr-x  2 root root   4096 2005-04-16 11:36 .
    drwxr-xr-x  5 root root   4096 2005-04-15 17:33 ..
    -rwxr-xr-x  1 root root    686 2005-04-15 17:32 libanonymous.la
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so.2
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so.2.0.20
    -rwxr-xr-x  1 root root    674 2005-04-15 17:32 libcrammd5.la
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so.2
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so.2.0.20
    -rwxr-xr-x  1 root root    704 2005-04-15 17:32 libdigestmd5.la
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so.2
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so.2.0.20
    -rwxr-xr-x  1 root root    670 2005-04-15 17:32 liblogin.la
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so.2
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so.2.0.20
    -rwxr-xr-x  1 root root    659 2005-04-15 17:32 libotp.la
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so.2
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so.2.0.20
    -rwxr-xr-x  1 root root    670 2005-04-15 17:32 libplain.la
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so.2
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so.2.0.20
    -rwxr-xr-x  1 root root    698 2005-04-15 17:32 libsasldb.la
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so.2
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so.2.0.20
    -rw-------  1 root root     73 2005-04-16 11:36 smtpd.conf
    
    -- listing of /usr/local/lib/sasl2 --
    insgesamt 1696
    drwxr-xr-x  2 root root   4096 2005-04-16 11:36 .
    drwxr-xr-x  5 root root   4096 2005-04-15 17:33 ..
    -rwxr-xr-x  1 root root    686 2005-04-15 17:32 libanonymous.la
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so.2
    -rwxr-xr-x  1 root root  50833 2005-04-15 17:32 libanonymous.so.2.0.20
    -rwxr-xr-x  1 root root    674 2005-04-15 17:32 libcrammd5.la
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so.2
    -rwxr-xr-x  1 root root  56364 2005-04-15 17:32 libcrammd5.so.2.0.20
    -rwxr-xr-x  1 root root    704 2005-04-15 17:32 libdigestmd5.la
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so.2
    -rwxr-xr-x  1 root root 112569 2005-04-15 17:32 libdigestmd5.so.2.0.20
    -rwxr-xr-x  1 root root    670 2005-04-15 17:32 liblogin.la
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so.2
    -rwxr-xr-x  1 root root  51949 2005-04-15 17:32 liblogin.so.2.0.20
    -rwxr-xr-x  1 root root    659 2005-04-15 17:32 libotp.la
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so.2
    -rwxr-xr-x  1 root root 110884 2005-04-15 17:32 libotp.so.2.0.20
    -rwxr-xr-x  1 root root    670 2005-04-15 17:32 libplain.la
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so.2
    -rwxr-xr-x  1 root root  52043 2005-04-15 17:32 libplain.so.2.0.20
    -rwxr-xr-x  1 root root    698 2005-04-15 17:32 libsasldb.la
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so.2
    -rwxr-xr-x  1 root root  88811 2005-04-15 17:32 libsasldb.so.2.0.20
    -rw-------  1 root root     73 2005-04-16 11:36 smtpd.conf
    
    
    
    
    -- content of /usr/lib/sasl2/smtpd.conf --
    pwcheck_method:saslauthd
    saslauthd_path:/var/state/saslauthd
    log_level:7
    
    -- content of /usr/local/lib/sasl2/smtpd.conf --
    pwcheck_method:saslauthd
    saslauthd_path:/var/state/saslauthd
    log_level:7
    
    
    -- active services in /etc/postfix/master.cf --
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    smtp      inet  n       -       n       -       -       smtpd -v
            -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    pickup    fifo  n       -       n       60      1       pickup
    cleanup   unix  n       -       n       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    tlsmgr    unix  -       -       n       1000?   1       tlsmgr
    rewrite   unix  -       -       n       -       -       trivial-rewrite
    bounce    unix  -       -       n       -       0       bounce
    defer     unix  -       -       n       -       0       bounce
    trace     unix  -       -       n       -       0       bounce
    verify    unix  -       -       n       -       1       verify
    flush     unix  n       -       n       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       n       -       -       smtp
    relay     unix  -       -       n       -       -       smtp
            -o fallback_relay=
    showq     unix  n       -       n       -       -       showq
    error     unix  -       -       n       -       -       error
    discard   unix  -       -       n       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    scache    unix  -       -       n       -       1       scache
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    old-cyrus unix  -       n       n       -       -       pipe
      flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
    cyrus     unix  -       n       n       -       -       pipe
      user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
    
    -- mechanisms on localhost --
    250-AUTH OTP DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
    250-AUTH=OTP DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
    
    
    -- end of saslfinger output --
    
    Code:
    h81916:/usr/src # ps aux | grep saslauthd
    root      9676  0.0  0.1  1652  528 ?        Ss   11:50   0:00 /usr/sbin/saslauthd -a shadow -m /var/state/saslauthd
    root      9677  0.0  0.1  1840  872 ?        S    11:50   0:00 /usr/sbin/saslauthd -a shadow -m /var/state/saslauthd
    root      9678  0.0  0.1  1652  528 ?        S    11:50   0:00 /usr/sbin/saslauthd -a shadow -m /var/state/saslauthd
    root      9679  0.0  0.1  1652  528 ?        S    11:50   0:00 /usr/sbin/saslauthd -a shadow -m /var/state/saslauthd
    root      9680  0.0  0.1  1652  528 ?        S    11:50   0:00 /usr/sbin/saslauthd -a shadow -m /var/state/saslauthd
    root     11147  0.0  0.1  1788  696 pts/3    R+   13:10   0:00 grep saslauthd
    
    Code:
    h81916:/var/state/saslauthd # l
    insgesamt 12
    drwxr-xr-x  2 root root 4096 2005-04-16 11:38 ./
    drwxr-xr-x  3 root root 4096 2005-03-31 14:43 ../
    srwxrwxrwx  1 root root    0 2005-04-16 11:38 mux=
    -rw-------  1 root root    0 2005-04-16 11:38 mux.accept
    -rw-------  1 root root    5 2005-04-16 11:38 saslauthd.pid
    
     
  2. Anzeige

    Schau dir mal diese Kategorie an. Dort findest du bestimmt etwas.
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren
  3. #2 darkelf, 18.04.2005
    darkelf

    darkelf Grünschnabel

    Dabei seit:
    08.02.2005
    Beiträge:
    8
    Zustimmungen:
    0
    Hab den Fehler selber gefunden.

    Die Datei /usr/lib/sasl2/smtpd.conf
    Code:
    pwcheck_method:saslauthd
    saslauthd_path:/var/state/saslauthd
    log_level:7
    muss heißen
    Code:
    pwcheck_method:saslauthd
    saslauthd_path:/var/state/saslauthd/mux
    dann klappts.
     
Thema:

problem mit postfix + saslauthd

Die Seite wird geladen...

problem mit postfix + saslauthd - Ähnliche Themen

  1. dovecot und postfix Konfiguration Problem

    dovecot und postfix Konfiguration Problem: Hallo, ich bekomme es einfacht hin, Dovecot und postfix richtig zu konfigurieren, damit die beiden zusammenarbeiten. Meine Configs sehen aktuell...
  2. Postfix: Problem CA-Zertifikat zu konfigurieren

    Postfix: Problem CA-Zertifikat zu konfigurieren: [gelöst] Postfix: Problem CA-Zertifikat zu konfigurieren Hallo zusammen, habe auf meinem Server ein von Geotrust signiertes Zertifikat...
  3. postfix spam problem

    postfix spam problem: Hallo, habe ein massives Problem mit postfix. Über einen Debian 5.0 Server werden sporadisch, noch nicht massiv, Spammails versendet. Ich soll...
  4. Postfix-Problem

    Postfix-Problem: [Gelöst] Postfix-Problem Guten abend leute, vielleicht hat da jemand eine idee. Und zwar habe ich mir eine SDSL-Standleitung schalten lassen...
  5. Postfix, Dovecot Mail-Directory Problem

    Postfix, Dovecot Mail-Directory Problem: Hallo, ich hab folgendes Problem: Ich hab einen Mailserver aufgesetzt (Dovecot & Postfix), er läuft zumindest mal (ob pop3/imap funktioniert,...