Postfix + smtp auth + tls

**Thrawn** · 22.07.04, 13:33

Hallo zusammen,
hoffe dass mir jemand von euch vielleicht nen guten Tipp geben kann.
Folgendes Problem: Wenn ich mit Postfix über den Relayserver von Freenet meine Mails schicken will klappt das auch alles. Sobald ich aber das ganze per TLS machen will, authet er sich nichtmehr gegenüber Freenet. Anstatt sich zu authen überspringt er das und geht gleich zum nächsten Punkt über.

System ist ein Debian Woody.

Hier mal ein paar Auszüge aus den Logs:

/var/log/mail.info

Jul 22 14:09:37 server postfix/smtp[11861]: TLS connection established to mx.freenet.de: TLSv1 with cipher DES-CBC3-SHA (168/168 bits)
Jul 22 14:09:37 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: EHLO server
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250-mx1.freenet.de Hello pd2e452eb.dip.t-dialin.net [227.217.139.232]
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250-SIZE 104857600
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250-ETRN
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250-PIPELINING
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250-AUTH LOGIN PLAIN CRAM-MD5
Jul 22 14:09:37 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250 HELP
Jul 22 14:09:37 server postfix/smtp[11861]: Using ESMTP PIPELINING, TCP send buffer size is 16384
Jul 22 14:09:37 server postfix/smtp[11861]: lookup test.homelinux.org type 15 flags 0
Jul 22 14:09:37 server postfix/smtp[11861]: dns_query: test.homelinux.org (MX): Host found but no data record of requested type
Jul 22 14:09:37 server postfix/smtp[11861]: lookup test.homelinux.org type 1 flags 0
Jul 22 14:09:37 server postfix/smtp[11861]: dns_query: test.homelinux.org (A): OK
Jul 22 14:09:37 server postfix/smtp[11861]: dns_get_answer: type A for test.homelinux.org
Jul 22 14:09:37 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: MAIL FROM:<mueller@test.homelinux.org> SIZE=496
Jul 22 14:09:37 server postfix/smtp[11861]: lookup web.de type 15 flags 0
Jul 22 14:09:38 server postfix/smtp[11861]: dns_query: web.de (MX): OK
Jul 22 14:09:38 server postfix/smtp[11861]: dns_get_answer: type MX for web.de
Jul 22 14:09:38 server postfix/smtp[11861]: dns_get_answer: type MX for web.de
Jul 22 14:09:38 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: RCPT TO:<neo_sr@web.de>
Jul 22 14:09:38 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: DATA
Jul 22 14:09:38 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250 OK
Jul 22 14:09:38 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 550 authentication required
Jul 22 14:09:38 server postfix/smtp[11861]: connect to subsystem private/bounce
Jul 22 14:09:38 server postfix/smtp[11861]: send attr nrequest = 0
Jul 22 14:09:38 server postfix/smtp[11861]: send attr flags = 0
Jul 22 14:09:38 server postfix/smtp[11861]: send attr queue_id = C040E728FE
Jul 22 14:09:38 server postfix/smtp[11861]: send attr recipient = thrawnk@web.de
Jul 22 14:09:38 server postfix/smtp[11861]: send attr reason = host mx.freenet.de[194.97.50.144] said: 550 authentication required
Jul 22 14:09:38 server postfix/smtp[11861]: private/bounce socket: wanted attribute: status
Jul 22 14:09:38 server postfix/smtp[11861]: input attribute name: status
Jul 22 14:09:38 server postfix/smtp[11861]: input attribute value: 0
Jul 22 14:09:38 server postfix/smtp[11861]: private/bounce socket: wanted attribute: (list terminator)
Jul 22 14:09:38 server postfix/smtp[11861]: input attribute name: (end)
Jul 22 14:09:38 server postfix/smtp[11861]: C040E728FE: to=<thrawnk@web.de>, relay=mx.freenet.de[194.97.50.144], delay=2, status=bounced (host mx.freenet.de[194.97.50.144] said: 550 authentication required)
Jul 22 14:09:38 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 503 valid RCPT command must precede DATA
Jul 22 14:09:38 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: RSET
Jul 22 14:09:38 server postfix/smtp[11861]: > mx.freenet.de[194.97.50.144]: QUIT
Jul 22 14:09:38 server postfix/smtp[11861]: < mx.freenet.de[194.97.50.144]: 250 Reset OK
Jul 22 14:09:38 server postfix/smtp[11861]: name_mask: resource
Jul 22 14:09:38 server postfix/smtp[11861]: name_mask: software
Jul 22 14:09:38 server postfix/smtp[11861]: deliver_request_final: send: "" 0
Jul 22 14:09:38 server postfix/smtp[11861]: send attr reason =
Jul 22 14:09:38 server postfix/smtp[11861]: send attr status = 0
Jul 22 14:09:38 server postfix/smtp[11861]: master_notify: status 1
Jul 22 14:09:38 server postfix/smtp[11861]: connection closed

main.cf

command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
setgid_group = postdrop
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no
myhostname = server
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server, localhost.localdomain, localhost, test.homelinux.org
relayhost = mx.freenet.de
mynetworks = 127.0.0.0/8 192.168.100.145/24 192.168.100.146/24
mailbox_command =
mailbox_size_limit = 0
recipient_delimiter = +

#Beschränkungen
smtpd_recipent_restrictions =
permit_auth_destination
reject_unauth_destination
reject_invalid_hostname
reject_no_fqdn_hostname
reject_non_fqdn_recipent
reject_non_fqdn_sender

smtpd_data_restrictions =
reject_unauth_pipelining

smtpd_helo_required = yes

maps_rbl_domains = relays.ordb.org
smtpd_client_restrictions = reject_maps_rbl

#TLS
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.pem
smtp_sasl_tls_security_options = $smtp_sasl_security_options
smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
smtp_tls_enforce_peername = no
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
smtp_tls_note_starttls_offer = yes

smtpd_use_tls = yes
smptd_tls_auth_only = yes
smtpd_tls_key_file = /etc/ssl/certs/ldapkey.pem
smtpd_tls_cert_file = /etc/ssl/certs/ldapcert.pem
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtp_sasl_tls_security_options = $smtpd_sasl_security_options
tls_random_source = dev:/dev/urandom

#SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
broken_sasl_auth_clients = yes

#mbox durch maildir ersetzen
home_mailbox = Maildir/

**Thrawn** · 22.07.04, 14:12

Für alle die es vielleicht interesiert. Ich hab das Problem gelöst.
Anscheinend führt Postfix nach einem erfolgreichen STARTTLS kein AUTH mehr durch.

Hab hier die Lösung des Entwicklers gefunden:

http://www.aet.tu-cottbus.de/piperma...02/000344.html

MfG Thrawn

Thema: Postfix + smtp auth + tls

Themen-Optionen

Thema bewerten

Anzeige

Postfix + smtp auth + tls

Ähnliche Themen

Postfix - Mail wird nicht gesendet

Problem mit Postfix

Postfix- Mails verschwinden

Macht POSTFIX den ganzen Server lahm?

postfix smtp auth

Lesezeichen

Lesezeichen

Berechtigungen