Hallo zusammen.

Ich habe da ein kleines Problem mit meinem Postfix (v. 2.1.1).

Und zwar habe ich vor den Postfix mit dem saslauthd per rimap laufen zu lassen. Habe nun Cyrus_sasl2 per yast installiert und die main.cf entsprechen auf sasl angepasst. Doch leider bekomme ich in den logs folgenden Eintrag:
warning: smtpd_sasl_auth_enable is true, but SASL support is not compiled in

Also Postfix mit sasl kompilieren... weis jemand welche sourcen ich da genau benötige und wie der syntax der make anweisung aussieht ?
Ein make upgrade müsste hier ja auch funktionieren, oder ?

Vielen Dank.

weis denn niemand Rat ??

Saslauthd-Unterstützung ist beim SuSE-Postfix (Zumindest ab 9.0 - schaut so aus, als würdest Du SuSE benutzen) mit drin. Du musst nur noch ggf. die verschiedenen SASL-Auth-Module mit installieren (CRAM-MD5, Login, Plain usw).

Bitte grundsätzlich mehr infos posten (Distri, Version, ggf. Konfigfiles ohne Kommentare)

Aha ! Erst mal vielen Dank für die Antwort.

Also ich nutze in der Tat Suse 9.1 mit Postfix 2.1.1.
Die Pakete waren nicht installiert, nun sind sie es -> leider keine Veränderung.

Hier mal ein Auszug aus dem log:


connect from unknown[149.239.191.1]
Jul 1 13:29:10 nemesis postfix/smtpd[24116]: warning: restriction `permit_sasl_authenticated' ignored: no SASL supportJul 1 13:29:10 nemesis postfix/smtpd[24116]: B42D140E4: client=unknown[149.239.191.1]
Jul 1 13:29:21 nemesis postfix/cleanup[24122]: B42D140E4: message-id=<20040701112844.B42D140E4@XXX>
Jul 1 13:29:21 nemesis postfix/qmgr[23977]: B42D140E4: from=<test@test.de>, size=361, nrcpt=1 (queue active)
Jul 1 13:29:21 nemesis postfix/smtpd[24126]: warning: smtpd_sasl_auth_enable is true, but SASL support is not compiled in
Jul 1 13:29:21 nemesis postfix/smtpd[24126]: connect from localhost[127.0.0.1]
Jul 1 13:29:21 nemesis postfix/smtpd[24126]: warning: restriction `permit_sasl_authenticated' ignored: no SASL support
Jul 1 13:29:21 nemesis postfix/smtpd[24126]: 69A1640EE: client=localhost[127.0.0.1]
Jul 1 13:29:21 nemesis postfix/cleanup[24122]: 69A1640EE: message-id=<20040701112844.B42D140E4@X>
Jul 1 13:29:21 nemesis postfix/smtpd[24126]: disconnect from localhost[127.0.0.1]
Jul 1 13:29:21 nemesis postfix/qmgr[23977]: 69A1640EE: from=<test@test.de>, size=907, nrcpt=1 (queue active)
Jul 1 13:29:21 nemesis postfix/smtp[24124]: B42D140E4: to=<X@X>, orig_to=<test@X>, relay=127.0.0.1[127.0.0.1], delay=37, status=sent (250 2.6.0 Ok, id=03607-09, from MTA: 250 Ok: queued as 69A1640EE)
Jul 1 13:29:21 nemesis postfix/qmgr[23977]: B42D140E4: removed
Jul 1 13:29:21 nemesis postfix/local[24128]: 69A1640EE: to=<X@mX>, relay=local, delay=0, status=sent (delivered to mailbox)
Jul 1 13:29:21 nemesis postfix/qmgr[23977]: 69A1640EE: removed
Jul 1 13:29:23 nemesis postfix/smtpd[24116]: disconnect from unknown[149.239.191.1]


Wie man sieht ist das Problem immer noch nicht behoben.

Ein Auszug aus der main.cf


smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_auth_only = no
smtpd_sasl_local_domain = X
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/access,
check_recipient_access hash:/etc/postfix/access,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
#permit_maps_rbl,
permit_mx_backup,
check_relay_domains


Bin für weitere Ideen sehr dankbar !!

Hmm, bei mir auf 'ner SuSE 9.1 funzt es einwandfrei

Poste mal bitte die Ausgabe von:

less /etc/sysconfig/saslauthd
less /etc/sysconfig/postfix
less /usr/lib/sasl2/smtpd.conf
rpm -qa | grep sasl
ps aux | grep saslauthd

Ok hier ists:


nemesis:/ # less /etc/sysconfig/saslauthd
## Path: System/Security/SASL
## Type: list(getpwent,kerberos5,pam,rimap,shadow,ldap)
## Default: pam
## ServiceRestart: saslauthd
#
# Authentication mechanism to use by saslauthd.
# See man 8 saslauthd for available mechanisms.
#
SASLAUTHD_AUTHMECH="rimap -O domain.de"


## Path: Network/Mail/Postfix
## Description: Basic configuration of the postfix MTA
## Type: string
## Default: ""
## Config: postfix
#
# Should we use a mailrelay?
# NOTE: ALL mail that is not considered to be my destination
# (POSTFIX_LOCALDOMAINS), will be sent to this host.
# If this host is not your MX, then you have to use [square brackets]
# around the hostname, e.g. [relay.example.com]
# You may also specify an alternate port number, e.g.
# relay.example.com:26 or [relay.example.com]:26 to prevent MX lookups.
#
POSTFIX_RELAYHOST=""

## Type: string
## Default: ""
## Config: postfix
#
# Comma separated list of domains that must have their subdomain
# structure stripped off.
# NOTE: If set, FROM_HEADER will also be appended to this list
#
POSTFIX_MASQUERADE_DOMAIN=""

## Type: string
## Default: ""
## Config: postfix
#
# Comma separated list of host-/domainnames for which postfix
# should accept mail for.
# localhost and the own hostname is the default if POSTFIX_LOCALDOMAINS
# is set empty.
# Examples:
# POSTFIX_LOCALDOMAINS="\$myhostname, \$mydomain, localhost.\$mydomain"
# if you want to use postfix internal variable substitutes or
# POSTFIX_LOCALDOMAINS="example.com, host.example.com, localhost.example.com"
#
POSTFIX_LOCALDOMAINS=""

## Type: yesno
## Default: no
## Config: postfix
## ServiceRestart: postfix
#
# A null client is a machine that can only send mail. It receives no
# mail from the network, and it does not deliver any mail locally.
# A null client typically uses POP or NFS for mailbox access.
# NOTE: This overrides the following variable: POSTFIX_LOCALDOMAINS
#
POSTFIX_NULLCLIENT="no"

## Type: yesno
## Default: no
## Config: postfix
#
# if set to yes, mail that will be delivered via smtp will stay
# in the queue unless someone issues "sendmail -q" or equivalent.
#
POSTFIX_DIALUP="no"

## Type: yesno
## Default: no
## Config: postfix
#
# Some people use Postfix to deliver mail across a LAN that is disconnected
# most of the time. Under such conditions, mail delivery can suffer from
# delays while the Postfix SMTP client performs sender and recipient
# domain DNS lookups in order to be standards-compliant. To prevent these
# delays, set this to yes.
#
POSTFIX_NODNS="no"

## Type: yesno
## Default: no
## Config: postfix
#
# Start postfix services chrooted, that are able to run chrooted?
# Note: if you want SuSEconfig to maintain the chroot jail, you
# also have to set POSTFIX_UPDATE_CHROOT_JAIL to yes
#
POSTFIX_CHROOT="yes"

## Type: yesno
## Default: no
## Config: postfix
#
# Set this to yes, if SuSEconfig should setup the chroot jail itself
#
POSTFIX_UPDATE_CHROOT_JAIL="yes"

## Type: yesno
## Default: no
## Config: postfix
#
# Some of the postfix services require a fifo to operate correctly at least
# when the system load is high. Recurring fifo access will prevent the
# disk to fall asleep, so you might want to use a unix domain socket
# instead, if you are using a laptop.
#
POSTFIX_LAPTOP="no"

## Type: yesno
## Default: yes
## Config: postfix
#
# Should SuSEconfig update the different .db maps in /etc/postfix?
#
POSTFIX_UPDATE_MAPS="yes"

## Type: string
## Default: ""
## Config: postfix
#
# A comma seperated list of hosts that blacklist client IP addresses
# Note: This only has effect, if POSTFIX_BASIC_SPAM_PREVENTION is set
# to either "medium" or "hard". If left empty, no RBL checks will take place.
#
# Example: POSTFIX_RBL_HOSTS="rbl1.example.com, rbl2.example.com"
#
POSTFIX_RBL_HOSTS=""

## Type: string(off,medium,hard)
## Default: off
## Config: postfix
#
# POSTFIX_BASIC_SPAM_PREVENTION possible values:
# off : postfix default configuration
# medium : medium UCE policy checks
# hard : hard UCE policy checks
#
# Setting this to medium or hard will activate some basic UCE controls
# supported by postfix. This may lead to mails which are undeliverable
# to your mailserver! USE THAT ON YOUR OWN RISC!!!
# See http://www.postfix.org/uce.html for more details !
#
POSTFIX_BASIC_SPAM_PREVENTION="off"

## Type: list(procmail,cyrus,local)
## Default: local
## Config: postfix
#
# POSTFIX_MDA possible values:
# procmail: use procmail to deliver mail locally
# cyrus : use lmtp to deliver to cyrus-imapd
# local : use postfix local MDA
#
POSTFIX_MDA="local"

## Type: yesno
## Default: no
## Config: postfix
#
# Configure postfix to enable users to auth against postfix
# to be able to relay mail independent of being within
# the local network/domain.
# You may want to edit /usr/lib/sasl2/smtpd.conf to fit
# your needs.
# See /usr/share/doc/packages/postfix/README_FILES/SASL_README
# for more details.
#
POSTFIX_SMTP_AUTH_SERVER="no"

## Type: yesno
## Default: no
## Config: postfix
#
# Enable SMTP-AUTH for the postfix smtp client
# you have to edit /etc/postfix/sasl_passwd and call
# SuSEconfig -module postfix afterwards
#
POSTFIX_SMTP_AUTH="no"

## Type: string
## Default: ""
## Config: postfix
#
# POSTFIX_SMTP_AUTH_OPTIONS possible values:
# comma separated list of one or more of
#
# noplaintext: disallow methods that use plaintext passwords
# noactive: disallow methods subject to active (non-dictionary) attack
# nodictionary: disallow methods subject to passive (dictionary) attack
# noanonymous: disallow methods that allow anonymous authentication
#
POSTFIX_SMTP_AUTH_OPTIONS=""

## Type: yesno
## Default: no
## Config: postfix
#
# Do you want to use STARTTLS or SMTP over SSL
#
POSTFIX_SMTP_TLS_SERVER="no"

## Type: yesno
## Default: no
## Config: postfix
#
# Do you want to enable postfix smtp client to use TLS
#
POSTFIX_SMTP_TLS_CLIENT="no"

## Type: string
## Default: "/etc/postfix/ssl"
## Config: postfix
#
# path to the directory where the CA can be found
#
POSTFIX_SSL_PATH="/etc/postfix/ssl"

## Type: string
## Default: "cacert.pem"
## Config: postfix
#
# name of the CA file (below POSTFIX_SSL_PATH)
#
POSTFIX_TLS_CAFILE="cacert.pem"

## Type: string
## Default: "certs/postfixcert.pem"
## Config: postfix
#
# name of the file containing the certificate (below POSTFIX_SSL_PATH)
#
POSTFIX_TLS_CERTFILE="certs/postfixcert.pem"

## Type: string
## Default: "certs/postfixkey.pem"
## Config: postfix
#
# name of the file containing the key (below POSTFIX_SSL_PATH)
#
POSTFIX_TLS_KEYFILE="certs/postfixkey.pem"

#
# The following options are used by SuSEconfig.postix and mkpostfixcert
# to create a CA and certificates
# POSTFIX_SSL_COUNTRY must be a two letter code defined by ISO 3166
#
## Type: string
## Default: "XX"
POSTFIX_SSL_COUNTRY="XX"

## Type: string
## Default: "Some state"
POSTFIX_SSL_STATE="Some state"

## Type: string
## Default: "Some locality"
POSTFIX_SSL_LOCALITY="Some locality"

## Type: string
## Default: "Some Organization"
POSTFIX_SSL_ORGANIZATION="Some Organization"

## Type: string
## Default: "Some Organizational Unit"
POSTFIX_SSL_ORGANIZATIONAL_UNIT="Some Organizational Unit"

## Type: string
## Default: "A common name"
POSTFIX_SSL_COMMON_NAME="A common name"

## Type: string
## Default: "postmaster"
POSTFIX_SSL_EMAIL_ADDRESS="postmaster"

#
# POSTFIX_ADD_*
# You may add any existing postfix parameter here. Just execute the
# postconf command to get a complete list. You then have to uppercase
# the parameter and prepend POSTFIX_ADD_.
# Example:
# Let's say you want to add the postfix parameter mailbox_size_limit.
# Then just add
# POSTFIX_ADD_MAILBOX_SIZE_LIMIT=0
# POSTFIX_ADD_MESSAGE_SIZE_LIMIT=30000000

## Type: string
## Default: 0
POSTFIX_ADD_MAILBOX_SIZE_LIMIT="0"

## Type: string
## Default: 10240000
POSTFIX_ADD_MESSAGE_SIZE_LIMIT="10240000"


nemesis:/ # less /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
/usr/lib/sasl2/smtpd.conf lines 1-2/2 (END)


nemesis:/ # rpm -qa | grep sasl
cyrus-sasl-crammd5-2.1.18-29
cyrus-sasl-digestmd5-2.1.18-29
cyrus-sasl-otp-2.1.18-29
cyrus-sasl-2.1.18-29
cyrus-sasl-devel-2.1.18-29
cyrus-sasl-gssapi-2.1.18-29
cyrus-sasl-plain-2.1.18-29


nemesis:/ # ps aux | grep saslauthd
root 3195 0.0 0.2 4184 1336 ? Ss Jun28 0:00 /usr/sbin/saslauthd -a rimap -O mail.domain.de
root 3226 0.0 0.2 4184 1336 ? S Jun28 0:00 /usr/sbin/saslauthd -a rimap -O mail.domain.de
root 3227 0.0 0.2 4184 1336 ? S Jun28 0:00 /usr/sbin/saslauthd -a rimap -O mail.domain.de
root 3228 0.0 0.2 4184 1336 ? S Jun28 0:00 /usr/sbin/saslauthd -a rimap -O mail.domain.de
root 3229 0.0 0.2 4184 1336 ? S Jun28 0:00 /usr/sbin/saslauthd -a rimap -O mail.domain.de
root 24749 0.0 0.1 1728 636 pts/5 R+ 14:39 0:00 grep saslauthd

Das Problem will einfach kein Ende nehmen....

Das Problem will einfach kein Ende nehmen....

Hast du mal probiert,

POSTFIX_SMTP_AUTH_SERVER="no"

auf yes zu stellen ?

Gruß
Terran

den neuesten postfix kannst du auf einer suse distri ganz einfach updaten (mit sasl):


make makefiles CCARGS="-DUSE_SASL_AUTH -I/usr/include"
AUXLIBS="-L/usr/lib -lsasl"

make

und danach ./postfix-install

schon geht das alles....

jedenfalls bei mir ;-)

So nach langer Auszeit bin ich wieder am Problem !

Das mit dem make upgrade dachte ich mir auch schon.
Kann ich den ein upgrade mit einer neueren (2.1.4) postfix version auf eine alte (2.0.19) ziehen?

Gruß
Dominic