Re: Problem with SASL2 and postfix on freebsd
From: cell (bettan_at_nerim.net)
Date: 08/05/05
- Previous message: cell: "Re: Problems with SASL2 and postfix on freebsd"
- In reply to: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Next in thread: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Reply: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: "Paul Schmehl" <pauls@utdallas.edu> Date: Fri, 5 Aug 2005 17:25:42 +0200
In master.cf i have that :
#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
-o content_filter=spamassassin
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=Ru user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/usr/local/sbin/saslauthd
#argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
# AV scan filter (used by content_filter)
scan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
# For injecting mail back into postfix from the filter
localhost:10026 inet n - n - 16 smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
#SpamAssassin
spamassassin unix - n n - - pipe
user=vmail argv=/usr/local/bin/spamc -f -e
/usr/local/sbin/sendmail -oi -f ${sender} ${recipient}
----- Original Message -----
From: "Paul Schmehl" <pauls@utdallas.edu>
To: "cell" <bettan@nerim.net>; <freebsd-questions@freebsd.org>
Sent: Friday, August 05, 2005 4:52 PM
Subject: Re: Problem with SASL2 and postfix on freebsd
> --On Friday, August 05, 2005 11:51:22 +0200 cell <bettan@nerim.net> wrote:
>
>> Hello , i'm on freebsd 5.4 and i use cyrus-sasl-2.1.21 ,
>> cyrus-sasl-saslauthd-2.1.21 and postfix-2.2.5,1 but i have a problem with
>> sasl2.When i do "telnet localhost 25" , i have that :
>>
>> Trying 127.0.0.1...
>> Connected to localhost.linux-win.org.
>> Escape character is '^]'.
>> 220 gw-bsd.linux-win.org ESMTP Postfix 2.2.5 (FreeBSD)
>> ehlo example.pl
>> 250-gw-bsd.linux-win.org
>> 250-PIPELINING
>> 250-SIZE 10000000
>> 250-VRFY
>> 250-ETRN
>> 250-STARTTLS
>> 250 8BITMIME
>>
>>
>> and i don't see "AUTH DIGEST-MD5 PLAIN CRAM-MD5" and "AUTH PLAIN".In my
>> main.cf , i have that :
>>
>> smtpd_recipient_restrictions =
>> permit_mynetworks,permit_sasl_authenticated,
>> reject_unauth_pipelining,reject_unauth_destination,reject_invalid_hostnam
>> e,reject_unknown_recipient_domain smtpd_sender_restrictions =
>> permit_sasl_authenticated , hash:/usr/local/etc/postfix/access,
>> reject_unknown_sender_domain, reject_invalid_hostname
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_local_domain =
>> broken_sasl_auth_clients = no
>>
>> In /usr/local/lib/sasl2 i have that :
>>
>> pwcheck_method: saslauthd
>> auxprop_plugin: sql
>> sql_engine: mysql
>> sql_hostnames: 127.0.0.1
>> sql_user: maildb
>> sql_passwd: *****
>> sql_database: maildb
>> sql_select: select clear from users where id='%u@%r'
>>
>>
>> and in /etc/pam.d/smtp i have that :
>>
>> auth optional pam_mysql.so host=127.0.0.1 db=maildb
>> user=maildb \ passwd=***** sql table=users usercolumn=id
>> passwdcolumn=clear crypt=y account required pam_mysql.so
>> host=127.0.0.1 db=maildb user=maildb \ passwd=***** sql table=users
>> usercolumn=id passwdcolumn=clear crypt=y
>>
>> I don't understand why postfix doesn't use sasl.Anyone knows this problem
>> ?
>
> What's in master.cf? Do you have the commands for saslauth?
> smtps inet n - n - - smtpd
> -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
>
> (I'm using smtps, but smtp uses the auth command as well.)
>
> smtp inet n - n - - smtpd -o
> smtpd_sasl_auth_enable=yes
>
> Paul Schmehl (pauls@utdallas.edu)
> Adjunct Information Security Officer
> University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/ir/security/
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: cell: "Re: Problems with SASL2 and postfix on freebsd"
- In reply to: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Next in thread: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Reply: Paul Schmehl: "Re: Problem with SASL2 and postfix on freebsd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
