Blandorin
05.02.06, 14:36
Hallo :)
Auf meinem Server läuft Courier, und ich möchte nun das POP3-Modul so einrichten, dass ich mich mit meinen System-Daten einloggen kann und die entsprechenden eMail auslesen kann. Es soll also eine Authentifizierung über die shadow-Datei erfolgen.
Im Ordner /etc/courier befindet sich die Datei: pop3d mit folgendem Inhalt:
##VERSION: $Id: pop3d,v 1.4 2003/08/08 14:12:58 lisp Exp $
#
# pop3d created from pop3d.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2002 Double Precision, Inc. See COPYING for
# distribution information.
#
# Courier POP3 daemon configuration
#
##NAME: PIDFILE:0
#
PIDFILE=/var/run/courier/pop3d.pid
##NAME: MAXDAEMONS:0
#
# Maximum number of POP3 servers started
#
MAXDAEMONS=40
##NAME: MAXPERIP:4
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=4
##NAME: AUTHMODULES:0
#
################################################## #######################
##
## Authentication modules which attempt to validate userid/password
## combinations. See authpam(8) for more information. The default set
## is installed at configuration time. You may have to edit the following
## to remove unnecessary authentication modules. In particular, if
## authpam is included in the list below, you will have to remove authpwd
## and authshadow, since their functionality is included in the authpam
## module.
##
################################################## #######################
AUTHMODULES="authdaemon"
##NAME: AUTHMODULES_ORIG:0
#
# This setting is for use with webadmin
AUTHMODULES_ORIG="authdaemon"
##NAME: DEBUG_LOGIN:0
#
# Dump additional login diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off login debugging
# DEBUG_LOGIN=1 - turn on login debugging
# DEBUG_LOGIN=2 - turn on login debugging + log passwords too
DEBUG_LOGIN=2
##NAME: POP3AUTH:1
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
#
# If you have configured the CRAM-MD5 or CRAM-SHA1, set POP3AUTH to something
# like this:
#
# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
POP3AUTH="authdaemon"
##NAME: POP3AUTH_ORIG:0
#
# For use by webadmin
POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1"
##NAME: POP3AUTH_TLS:1
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"
POP3AUTH_TLS=""
##NAME: POP3AUTH_TLS_ORIG:0
#
# For use by webadmin
POP3AUTH_TLS_ORIG="LOGIN PLAIN"
##NAME: PORT:1
#
# Port to listen on for connections. The default is port 110.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The ADDRESS setting is a default for ports that do not have a specified
# IP address.
PORT=110
##NAME: ADDRESS:0
#
# IP address to listen on. 0 means all IP addresses.
ADDRESS=0
##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options. The following defaults should be fine.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts. Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
# . ${sysconfdir}/pop3d
# case x$POP3DSTART in
# x[yY]*)
# /usr/lib/courier/pop3d.rc start
# ;;
# esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.
POP3DSTART=YES
Und in der authdaemonrc:
##VERSION: $Id: authdaemonrc,v 1.3 2003/08/08 14:12:58 lisp Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
server311:/etc/courier# pico authdaemon
server311:/etc/courier# pico authdaemonrc
server311:/etc/courier# cat authdaemonrc
##VERSION: $Id: authdaemonrc,v 1.3 2003/08/08 14:12:58 lisp Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam
authmodulelist="authshadow"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
Naja, es funktioniert leider nicht.. Die Logs sagen mir nichts:
Feb 5 15:32:11 server311 courierpop3login: Connection, ip=[::ffff:84.136.214.159]
Feb 5 15:32:13 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], command=USER
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], command=PASS
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], username=user
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], password=xxxx
Feb 5 15:32:16 server311 courierpop3login: authdaemon: starting client module
Feb 5 15:32:17 server311 courierpop3login: authdaemon: REJECT
Feb 5 15:32:22 server311 courierpop3login: LOGIN FAILED, ip=[::ffff:84.136.214.159]
Ich hab da jetzt schon einige Stunden rumprobiert. :( Wäre super, wenn ihr mir helfen könntet.
Gruß und Danke im Vorraus,
Blandorin
Auf meinem Server läuft Courier, und ich möchte nun das POP3-Modul so einrichten, dass ich mich mit meinen System-Daten einloggen kann und die entsprechenden eMail auslesen kann. Es soll also eine Authentifizierung über die shadow-Datei erfolgen.
Im Ordner /etc/courier befindet sich die Datei: pop3d mit folgendem Inhalt:
##VERSION: $Id: pop3d,v 1.4 2003/08/08 14:12:58 lisp Exp $
#
# pop3d created from pop3d.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2002 Double Precision, Inc. See COPYING for
# distribution information.
#
# Courier POP3 daemon configuration
#
##NAME: PIDFILE:0
#
PIDFILE=/var/run/courier/pop3d.pid
##NAME: MAXDAEMONS:0
#
# Maximum number of POP3 servers started
#
MAXDAEMONS=40
##NAME: MAXPERIP:4
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=4
##NAME: AUTHMODULES:0
#
################################################## #######################
##
## Authentication modules which attempt to validate userid/password
## combinations. See authpam(8) for more information. The default set
## is installed at configuration time. You may have to edit the following
## to remove unnecessary authentication modules. In particular, if
## authpam is included in the list below, you will have to remove authpwd
## and authshadow, since their functionality is included in the authpam
## module.
##
################################################## #######################
AUTHMODULES="authdaemon"
##NAME: AUTHMODULES_ORIG:0
#
# This setting is for use with webadmin
AUTHMODULES_ORIG="authdaemon"
##NAME: DEBUG_LOGIN:0
#
# Dump additional login diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off login debugging
# DEBUG_LOGIN=1 - turn on login debugging
# DEBUG_LOGIN=2 - turn on login debugging + log passwords too
DEBUG_LOGIN=2
##NAME: POP3AUTH:1
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
#
# If you have configured the CRAM-MD5 or CRAM-SHA1, set POP3AUTH to something
# like this:
#
# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
POP3AUTH="authdaemon"
##NAME: POP3AUTH_ORIG:0
#
# For use by webadmin
POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1"
##NAME: POP3AUTH_TLS:1
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"
POP3AUTH_TLS=""
##NAME: POP3AUTH_TLS_ORIG:0
#
# For use by webadmin
POP3AUTH_TLS_ORIG="LOGIN PLAIN"
##NAME: PORT:1
#
# Port to listen on for connections. The default is port 110.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The ADDRESS setting is a default for ports that do not have a specified
# IP address.
PORT=110
##NAME: ADDRESS:0
#
# IP address to listen on. 0 means all IP addresses.
ADDRESS=0
##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options. The following defaults should be fine.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts. Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
# . ${sysconfdir}/pop3d
# case x$POP3DSTART in
# x[yY]*)
# /usr/lib/courier/pop3d.rc start
# ;;
# esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.
POP3DSTART=YES
Und in der authdaemonrc:
##VERSION: $Id: authdaemonrc,v 1.3 2003/08/08 14:12:58 lisp Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
server311:/etc/courier# pico authdaemon
server311:/etc/courier# pico authdaemonrc
server311:/etc/courier# cat authdaemonrc
##VERSION: $Id: authdaemonrc,v 1.3 2003/08/08 14:12:58 lisp Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam
authmodulelist="authshadow"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
Naja, es funktioniert leider nicht.. Die Logs sagen mir nichts:
Feb 5 15:32:11 server311 courierpop3login: Connection, ip=[::ffff:84.136.214.159]
Feb 5 15:32:13 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], command=USER
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], command=PASS
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], username=user
Feb 5 15:32:16 server311 courierpop3login: LOGIN: DEBUG: ip=[::ffff:84.136.214.159], password=xxxx
Feb 5 15:32:16 server311 courierpop3login: authdaemon: starting client module
Feb 5 15:32:17 server311 courierpop3login: authdaemon: REJECT
Feb 5 15:32:22 server311 courierpop3login: LOGIN FAILED, ip=[::ffff:84.136.214.159]
Ich hab da jetzt schon einige Stunden rumprobiert. :( Wäre super, wenn ihr mir helfen könntet.
Gruß und Danke im Vorraus,
Blandorin