Archiv verlassen und diese Seite im Standarddesign anzeigen : Postfix + Mysql + Sasl + Smtpauth
N'abend,
ich hab einen Postfixserver mit Courier. Die Accounts sind in einer MySQL Datenbank gespeichert. Courier ist kein Thema, pop/ima läuft alles einwandfrei, aber ich bekomme Postfix einfach nicht dazu die Benutzerdaten mit denen aus der MySQL DB abzugleichen. Es hakt vermutlich irgendwo zwischen Sasl -> Pam -> MySQL :D
Jul 14 17:37:49 aaa postfix/smtpd[25490]: warning: p5083xxx.dip0.t-ipconnect.de[80.131.196.x]: SASL LOGIN authentication failed
Jul 14 17:37:51 aaa postfix/smtpd[25490]: lost connection after AUTH from p5083xxx.dip0.t-ipconnect.de[80.131.196.x]
Jul 14 17:37:51 aaa postfix/smtpd[25490]: disconnect from p5083xxx.dip0.t-ipconnect.de[80.131.196.x]
/etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
myhostname = aaa
mydomain = aaa.de
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
relayhost =
mynetworks = 127.0.0.0/8, 212.112.x.y
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
# What recipient addresses do we accept email for.
# (permit_mynetworks: permit all mail from $mynetworks)
# (permit_sasl_authenticates: trust SMTP-AUTH users)
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
# Where are virtual mailboxes locate on the disk
virtual_mailbox_base = /home/vmail
# Where in the above directory are the user's mailboxes.
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
# What virtual domains are there?
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
# No virtual alias domains
# (which are used to forward virtual addresses to local users)
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
# What user/group ownerships are used when writing to the mailbox?
virtual_uid_maps = static:789
virtual_gid_maps = static:789
# SMTP AUTH (SASL)
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
# Be nice to brokenware like Outlook Express:
broken_sasl_auth_clients = yes
# Enable TLS encryption
smtpd_use_tls = yes
# Be nice to ancient Microsoft clients
broken_sasl_auth_clients = yes
# The location of the SSL certificate
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
# The location of the SSL private key
smtpd_tls_key_file = /etc/postfix/smtpd.key
# Send all email through Amavis (leave it out if you don't want amavis)
#content_filter = smtp-amavis:[127.0.0.1]:10024
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
Nun hab ich folgendes gemacht um Sasl über Pam mit der MySQL Datenbank zu verbinden:
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
/etc/default/saslauthd
START=yes
MECHANISMS="pam"
/etc/pam.d/smtpd
auth required pam_mysql.so user=mail passwd=xyz host=127.0.0.1 db=provider table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=mail passwd=xyz host=127.0.0.1 db=provider table=users usercolumn=email passwdcolumn=password crypt=1
Trotzdem bekomme ich immer den authentication failed-Fehler von oben mit den Daten die einwandfrei bei pop und imap funktionieren :rolleyes:
binary trust
02.03.05, 14:45
hi,
ich hänge gerade an genau der selben stelle.
hast du das problem mittlerweile lösen können ?
wäre für ein paar tipps sehr sehr dankbar!
gruß
binary
Roger Wilco
02.03.05, 15:51
Schalte mal das Query-Logging von MySQL ein und schau, welche Abfragen bei der Authentifizierung abgesetzt werden.
Ach, und der saslauthd läuft auch sicher? ;)
binary trust
02.03.05, 16:50
jepp zugriff auf mysql erfolgt,
der benutzername ist wie folgt aufgebaut user@domain.tld.
dummsinnigerweise sagt pam das der username nur user wäre!
und hier die logs:
SYSLOG:
Mar 2 17:17:35 localhost saslauthd[2626]: pam_mysql: select returned more than one result
Mar 2 17:17:35 localhost saslauthd[2626]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 2 17:17:35 localhost saslauthd[2626]: do_auth : auth failure: [user=maik] [service=smtp] [realm=creative.de] [mech=pam] [reason=PAM auth error]
MYSQL LOG:
050302 17:15:22 4 Connect postfix@localhost.localdomain on postfix
4 Init DB postfix
4 Query SELECT password FROM mailbox WHERE username='maik'
ausgabe von testsaslauthd:
testsaslauthd -u maik@creative.de -p test -f /var/spool/postfix/var/run/saslauthd/mux
0: NO "authentication failed"
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
#pwcheck_method: pam
#mech_list: plain login
log_level: 7
/etc/pam.d/smtp
auth requisite /lib/security/pam_mysql.so user=postfix passwd=postfix host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
am startscript des saslauthd hab ich eine kleine änderung vorgenohmen das der socket im chroot von postfix liegt ...
Roger Wilco
02.03.05, 16:53
der benutzername ist wie folgt aufgebaut user@domain.tld.
dummsinnigerweise sagt pam das der username nur user wäre!
man saslauthd -> Parameter "-r"
binary trust
02.03.05, 17:12
-r Combine the realm with the login (with an '@' sign in between). e.g. login: "foo" realm: "bar" will get passed as
login: "foo@bar". Note that the realm will still be passed, which may lead to unexpected behavior.
das bedeutet doch das er denn "bereich mit dem login kombiniert" .
was ist denn bei saslauthd ein bereich? ich hab nun mal im initscript denn -r parameter mitgegeben, hier die neue fehlermeldung:
Mar 2 18:00:02 localhost postfix/smtpd[3152]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Mar 2 18:00:02 localhost postfix/smtpd[3152]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Mar 2 18:00:02 localhost saslauthd[3148]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 2 18:00:03 localhost saslauthd[3148]: do_auth : auth failure: [user=maik@creative.de] [service=smtp] [realm=creative.de] [mech=pam] [reason=PAM auth error]
Mar 2 18:00:03 localhost postfix/smtpd[3152]: warning: unknown[10.2.3.133]: SASL LOGIN authentication failed
Mar 2 18:00:03 localhost postfix/smtpd[3152]: > unknown[10.2.3.133]: 535 Error: authentication failed
was mich ebenso irritiert ist das er immernoch auf die /etc/sasldb versucht zuzugreifen! laut meinen einstellungen sollte er diese ja eigentlich garnichtmehr prüfen ...
Roger Wilco
02.03.05, 18:29
was ist denn bei saslauthd ein bereich? ich hab nun mal im initscript denn -r parameter mitgegeben, hier die neue fehlermeldung:
Der realm ist einfach ausgedrückt die Domain, für die die Authentifizierung durchgeführt wird, also Teil nach dem @.
Wie du an dem Logauszug sehen kannst, benutzt saslauthd jetzt maik@creative.de als user, anstatt nur maik.
Die Sache mit der SASLDB wird aber durch irgendeine andere Einstellung verursacht. Wie hast du denn bspw. den Parameter "-r" zum Starten von saslauthd angehängt? Wird dadurch vielleicht irgendwie "-a pam" verhindert?
binary trust
02.03.05, 19:48
nö,
bin jetzt zwar daheim aber der parameter war soweit ich mich erinnern kann ihrgenwas mit "-r -m /var/spool/postfix/var/run/saslauthd" ....
binary trust
03.03.05, 12:35
ich poste mal meine ganzen konfigurationsdateien sowie logmeldungen
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
log_level: 7
/etc/pam.d/smtp
auth requisite /lib/security/pam_mysql.so user=postfix passwd=postfix host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
änderung an /etc/init.de/saslauthd
PWDIR=/var/run/saslauthd
PARAMS="-r -m /var/spool/postfix/var/run/saslauthd"
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
#PIDFILE="/var/run/${NAME}/saslauthd.pid"
/etc/default/saslauthd
START=yes
MECHANISMS="pam"
fehlerlog
Mar 3 13:29:23 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:23 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: EHLO [10.2.3.133]
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-mail.creative.de
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-PIPELINING
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-SIZE 10240000
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-VRFY
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-ETRN
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-STARTTLS
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 3 13:29:23 localhost postfix/smtpd[2899]: match_list_match: unknown: no match
Mar 3 13:29:23 localhost postfix/smtpd[2899]: match_list_match: 10.2.3.133: no match
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250 8BITMIME
Mar 3 13:29:23 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:25 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH CRAM-MD5
Mar 3 13:29:25 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method CRAM-MD5
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: <2164730Mar 3 13:29:23 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:23 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: EHLO [10.2.3.133]
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-mail.creative.de
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-PIPELINING
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-SIZE 10240000
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-VRFY
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-ETRN
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-STARTTLS
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5
Mar 3 13:29:23 localhost postfix/smtpd[2899]: match_list_match: unknown: no match
Mar 3 13:29:23 localhost postfix/smtpd[2899]: match_list_match: 10.2.3.133: no match
Mar 3 13:29:23 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 250 8BITMIME
Mar 3 13:29:23 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:25 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH CRAM-MD5
Mar 3 13:29:25 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method CRAM-MD5
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: <2164730956.2556775@mail.creative.de>
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 PDIxNjQ3MzA5NTYuMjU1Njc3NUBtYWlsLmNyZWF0aXZlLmRlPg ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: bWFpa0BjcmVhdGl2ZS5kZSAyODNhNWY5Yjc1ZDA4NzAzNDg1NG U1NDNmODY5YzVkMQ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: maik@creative.de 283a5f9b75d087034854e543f869c5d1
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: no secret in database
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL CRAM-MD5 authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method NTLM, init_response TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded initial response NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: NTLM server step 1
Mar 3 13:29:26 localhost postfix/smtpd[2899]: client flags: ffff8207
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 TlRMTVNTUAACAAAAIAAgADAAAAAFggIAopKFATntNAEAAAAAAA AAAAAAAAAAAAAATQBBAEkATAAuAEMAUgBFAEEAVABJAFYARQAu AEQARQA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: TlRMTVNTUAADAAAAGAAYAGwAAAAYABgAhAAAAAAAAABAAAAAIA AgAEAAAAAMAAwAYAAAAAAAAAAAAAAABYIAAG0AYQBpAGsAQABj AHIAZQBhAHQAaQB2AGUALgBkAGUAZABlAGIAaQBhAG4A94Idck ZEKRFvQOouyM6ouVAWcpe715Cuf/NmbF4KoDirjuJUAgZhYZBgv6OVaCCC
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: NTLM server step 2
Mar 3 13:29:26 localhost postfix/smtpd[2899]: client user: maik@creative.de
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: no secret in database
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL NTLM authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH PLAIN AG1haWtAY3JlYXRpdmUuZGUAdGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AG1haWtAY3JlYXRpdmUuZGUAdGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded initial response
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost saslauthd[2634]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 3 13:29:26 localhost saslauthd[2634]: do_auth : auth failure: [user=maik@creative.de] [service=smtp] [realm=creative.de][mech=pam] [reason=PAM auth error]
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: Password verification failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL PLAIN authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH LOGIN
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method LOGIN
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: Username:
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 VXNlcm5hbWU6
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: bWFpa0BjcmVhdGl2ZS5kZQ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: maik@creative.de
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: Password:
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 UGFzc3dvcmQ6
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: dGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: test
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost saslauthd[2635]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 3 13:29:26 localhost saslauthd[2635]: do_auth : auth failure: [user=maik@creative.de] [service=smtp] [realm=creative.de][mech=pam] [reason=PAM auth error]
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL LOGIN authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:29 localhost postfix/smtpd[2899]: smtp_get: EOF
Mar 3 13:29:29 localhost postfix/smtpd[2899]: lost connection after AUTH from unknown[10.2.3.133]
Mar 3 13:29:29 localhost postfix/smtpd[2899]: disconnect from unknown[10.2.3.133]
Mar 3 13:29:29 localhost postfix/smtpd[2899]: master_notify: status 1
Mar 3 13:29:29 localhost postfix/smtpd[2899]: connection closed
956.2556775@mail.creative.de>
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 PDIxNjQ3MzA5NTYuMjU1Njc3NUBtYWlsLmNyZWF0aXZlLmRlPg ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: bWFpa0BjcmVhdGl2ZS5kZSAyODNhNWY5Yjc1ZDA4NzAzNDg1NG U1NDNmODY5YzVkMQ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: maik@creative.de 283a5f9b75d087034854e543f869c5d1
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: no secret in database
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL CRAM-MD5 authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method NTLM, init_response TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded initial response NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: NTLM server step 1
Mar 3 13:29:26 localhost postfix/smtpd[2899]: client flags: ffff8207
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 TlRMTVNTUAACAAAAIAAgADAAAAAFggIAopKFATntNAEAAAAAAA AAAAAAAAAAAAAATQBBAEkATAAuAEMAUgBFAEEAVABJAFYARQAu AEQARQA=
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: TlRMTVNTUAADAAAAGAAYAGwAAAAYABgAhAAAAAAAAABAAAAAIA AgAEAAAAAMAAwAYAAAAAAAAAAAAAAABYIAAG0AYQBpAGsAQABj AHIAZQBhAHQAaQB2AGUALgBkAGUAZABlAGIAaQBhAG4A94Idck ZEKRFvQOouyM6ouVAWcpe715Cuf/NmbF4KoDirjuJUAgZhYZBgv6OVaCCC
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: NTLMSSP
Mar 3 13:29:26 localhost postfix/smtpd[2899]: NTLM server step 2
Mar 3 13:29:26 localhost postfix/smtpd[2899]: client user: maik@creative.de
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: no secret in database
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL NTLM authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH PLAIN AG1haWtAY3JlYXRpdmUuZGUAdGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AG1haWtAY3JlYXRpdmUuZGUAdGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded initial response
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost saslauthd[2634]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 3 13:29:26 localhost saslauthd[2634]: do_auth : auth failure: [user=maik@creative.de] [service=smtp] [realm=creative.de][mech=pam] [reason=PAM auth error]
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication failure: Password verification failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL PLAIN authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: AUTH LOGIN
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: sasl_method LOGIN
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: Username:
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 VXNlcm5hbWU6
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: bWFpa0BjcmVhdGl2ZS5kZQ==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: maik@creative.de
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: uncoded challenge: Password:
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 334 UGFzc3dvcmQ6
Mar 3 13:29:26 localhost postfix/smtpd[2899]: < unknown[10.2.3.133]: dGVzdA==
Mar 3 13:29:26 localhost postfix/smtpd[2899]: smtpd_sasl_authenticate: decoded response: test
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No suchfile or directory
Mar 3 13:29:26 localhost saslauthd[2635]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure
Mar 3 13:29:26 localhost saslauthd[2635]: do_auth : auth failure: [user=maik@creative.de] [service=smtp] [realm=creative.de][mech=pam] [reason=PAM auth error]
Mar 3 13:29:26 localhost postfix/smtpd[2899]: warning: unknown[10.2.3.133]: SASL LOGIN authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: > unknown[10.2.3.133]: 535 Error: authentication failed
Mar 3 13:29:26 localhost postfix/smtpd[2899]: watchdog_pat: 0x8085b10
Mar 3 13:29:29 localhost postfix/smtpd[2899]: smtp_get: EOF
Mar 3 13:29:29 localhost postfix/smtpd[2899]: lost connection after AUTH from unknown[10.2.3.133]
Mar 3 13:29:29 localhost postfix/smtpd[2899]: disconnect from unknown[10.2.3.133]
Mar 3 13:29:29 localhost postfix/smtpd[2899]: master_notify: status 1
Mar 3 13:29:29 localhost postfix/smtpd[2899]: connection closed
was ich nicht versehe warum saslauth immernoch versucht auf die sasldb zuzugreifen! desweiteren gibt es diese datei sogar, müsste zwar leer sein aber existieren sollte sie ... postfix läuft im chroot aber der saslauthd sollte damit ja nichts zu tuhen haben, oder?
der mysqld.log sagt
050303 13:29:26 8 Connect postfix@localhost.localdomain on postfix
8 Init DB postfix
8 Query SELECT password FROM mailbox WHERE username='maik@creative.de'
direkte mysql eingabe
mysql> select password from mailbox where username="maik@creative.de";
+------------------------------------+
| password |
+------------------------------------+
| $1$92be7031$QJmc4A9zgN/u87/6AtC7V1 |
+------------------------------------+
1 row in set (0.00 sec)
ich weis einfach nichtmehr weiter !
Roger Wilco
03.03.05, 13:56
Du hast verschlüsselte Passwörter in der Datenbank, bietest aber Authentifizierungsmechanismen wie NTLM, CRAM-MD5 oder DIGEST-MD5 an. Das ist nicht möglich. Beschränke das auf LOGIN und PLAIN.
binary trust
03.03.05, 17:21
jepp hab ich geändert,
hab auch gesehen das ich vor lauter testen in der /etc/pam.d/smtp hinter password crypt=1 vergessen hatte. es läuft dennoch nicht :(
jepp hab ich geändert,
hab auch gesehen das ich vor lauter testen in der /etc/pam.d/smtp hinter password crypt=1 vergessen hatte. es läuft dennoch nicht :(
Moin,
ich plage mich jetzt ein halbes jahr später damit rum - hast du eine antwort gefunden ?!? vielleicht hättest ja lust es zu posten?!?
jpk
Powered by vBulletin® Version 4.2.5 Copyright ©2024 Adduco Digital e.K. und vBulletin Solutions, Inc. Alle Rechte vorbehalten.