#51 Le 06/09/2007, à 08:41
- SebLinux
Re : Postix - authentification smtp
Je fais ca et te tiens au courant
Merci
Hors ligne
#52 Le 06/09/2007, à 09:27
- SebLinux
Re : Postix - authentification smtp
Alors j'ai bien tout suivis mais j'ai un message d'erreur dans mon client de type :" impossible de se connecter au serveur 172.168.1.22 via STARTTLS car il n'a pas proposé STARTTLS dans la réponse au EHLO."
Comme domaine a la place de star....org j'ai mis domain.tld qui est dans ma base sql
Voila les log des mails
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: cannot load Certificate Authority data
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/tls/cacert.pem','r'):
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:21:11 LSERV postfix/cleanup[6788]: B8BA217454F: message-id=<20070906082111.B8BA217454F@LSERV.example.org>
Sep 6 16:21:11 LSERV postfix/smtpd[6785]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:21:11 LSERV postfix/qmgr[5995]: B8BA217454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep 6 16:21:11 LSERV postfix/smtp[6790]: B8BA217454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.07, delays=0.06/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep 6 16:21:11 LSERV postfix/bounce[6791]: warning: B8BA217454F: undeliverable postmaster notification discarded
Sep 6 16:21:11 LSERV postfix/qmgr[5995]: B8BA217454F: removed
Sep 6 16:22:04 LSERV postfix/smtpd[6785]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:22:04 LSERV postfix/cleanup[6788]: DE78D17454F: message-id=<20070906082204.DE78D17454F@LSERV.example.org>
Sep 6 16:22:04 LSERV postfix/qmgr[5995]: DE78D17454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep 6 16:22:04 LSERV postfix/smtpd[6785]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:22:04 LSERV postfix/smtp[6790]: DE78D17454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep 6 16:22:04 LSERV postfix/bounce[6791]: warning: DE78D17454F: undeliverable postmaster notification discarded
Sep 6 16:22:04 LSERV postfix/qmgr[5995]: DE78D17454F: removed
Sep 6 16:22:33 LSERV postfix/master[5983]: terminating on signal 15
Sep 6 16:22:33 LSERV postfix/master[6909]: daemon started -- version 2.3.8, configuration /etc/postfix
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: cannot load Certificate Authority data
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/tls/cacert.pem','r'):
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:22:51 LSERV postfix/cleanup[6955]: 6114E17454F: message-id=<20070906082251.6114E17454F@LSERV.example.org>
Sep 6 16:22:51 LSERV postfix/smtpd[6951]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 16:22:51 LSERV postfix/qmgr[6914]: 6114E17454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep 6 16:22:51 LSERV postfix/smtp[6957]: 6114E17454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.04, delays=0.03/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep 6 16:22:51 LSERV postfix/bounce[6958]: warning: 6114E17454F: undeliverable postmaster notification discarded
Sep 6 16:22:51 LSERV postfix/qmgr[6914]: 6114E17454F: removed
Voici le telnet :
root@LSERV:/etc/postfix/tls# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 LSERV.example.org ESMTP Postfix (Ubuntu)
ehlo domain.tld
250-LSERV.example.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
... ? J'ai bien l'impression que je me rapproche mais ...
Hors ligne
#53 Le 06/09/2007, à 09:35
- toniotonio
Re : Postix - authentification smtp
tu as modifié ta conf TLS ?
ou tu as regénéré des certifs ?
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#54 Le 06/09/2007, à 09:42
- SebLinux
Re : Postix - authentification smtp
regenere des certif
Hors ligne
#55 Le 06/09/2007, à 09:43
- toniotonio
Re : Postix - authentification smtp
fallait pas
fais voir ta conf ? postconf -n
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#56 Le 06/09/2007, à 09:46
- SebLinux
Re : Postix - authentification smtp
root@LSERV:/etc/postfix/tls# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 LSERV.example.org ESMTP Postfix (Ubuntu)
ehlo domain.tld
250-LSERV.example.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Hors ligne
#57 Le 06/09/2007, à 09:48
- toniotonio
Re : Postix - authentification smtp
postconf -n ?
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#58 Le 06/09/2007, à 09:49
- SebLinux
Re : Postix - authentification smtp
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
mailbox_size_limit = 0
mydestination = localhost.localdomain, localhost
myhostname = LSERV.example.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.crt
smtpd_tls_key_file = /etc/postfix/tls/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000
Hors ligne
#59 Le 06/09/2007, à 09:53
- toniotonio
Re : Postix - authentification smtp
j'espere que tu as conservé tes anciens certifs, sinon ne fait pas cette modif !
efface
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.crt
smtpd_tls_key_file = /etc/postfix/tls/smtpd.key
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
et ajoute (ce sont tes anciens certifs):
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#60 Le 06/09/2007, à 10:08
- SebLinux
Re : Postix - authentification smtp
quand je fais ca j'ai bien un nouveau certificat qui m'est demandé mais le mot de passe ne passe pas
Sep 6 17:07:10 LSERV postfix/qmgr[8126]: 8ECAA17454F: removed
Sep 6 17:07:12 LSERV postfix/master[8122]: terminating on signal 15
Sep 6 17:07:13 LSERV postfix/master[8242]: daemon started -- version 2.3.8, configuration /etc/postfix
Sep 6 17:07:15 LSERV postfix/smtpd[8249]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 17:07:15 LSERV postfix/smtpd[8249]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:17 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep 6 17:07:20 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:20 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep 6 17:07:21 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:21 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep 6 17:07:22 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:22 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep 6 17:07:24 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 17:07:24 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Hors ligne
#61 Le 06/09/2007, à 10:15
- toniotonio
Re : Postix - authentification smtp
ok a nouveau:
fais voir ta conf complete:
le contenu des fichiers:
/etc/default/saslauthd
/etc/pam.d/smtp
/etc/postfix/sasl/smtpd.conf
le resultat des commandes:
postconf -n
ls -la /var/spool/postfix/var/run/saslauthd/
getent group | grep postfix
ps waux | grep saslauthd
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#62 Le 06/09/2007, à 10:35
- SebLinux
Re : Postix - authentification smtp
le contenu des fichiers:
/etc/default/saslauthd
#
# Settings for saslauthd daemon
#
# Should saslauthd run automatically on startup? (default: no)
START=yes
# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam -- use PAM
# rimap -- use a remote IMAP server
# shadow -- use the local shadow password file
# sasldb -- use the local sasldb database file
# ldap -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"
# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""
# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5
#PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c -r -m /var/spool/postfix/var/run/saslauthd"
/etc/pam.d/smtp
auth required pam_mysql.so user=root passwd=sebseb host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1
/etc/postfix/sasl/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 5
le resultat des commandes:
postconf -n
root@LSERV:/etc/postfix# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
mailbox_size_limit = 0
mydestination = localhost.localdomain, localhost
myhostname = LSERV.example.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000
ls -la /var/spool/postfix/var/run/saslauthd/
total 940
drwx--x--- 2 root sasl 4096 2007-09-06 16:22 .
drwxr-xr-x 5 root sasl 4096 2007-09-06 15:47 ..
-rw------- 1 root root 0 2007-09-06 16:22 cache.flock
-rw------- 1 root root 945152 2007-09-06 16:22 cache.mmap
srwxrwxrwx 1 root root 0 2007-09-06 16:22 mux
-rw------- 1 root root 0 2007-09-06 16:22 mux.accept
-rw------- 1 root root 5 2007-09-06 16:22 saslauthd.pid
getent group | grep postfix
total 940
drwx--x--- 2 root sasl 4096 2007-09-06 16:22 .
drwxr-xr-x 5 root sasl 4096 2007-09-06 15:47 ..
-rw------- 1 root root 0 2007-09-06 16:22 cache.flock
-rw------- 1 root root 945152 2007-09-06 16:22 cache.mmap
srwxrwxrwx 1 root root 0 2007-09-06 16:22 mux
-rw------- 1 root root 0 2007-09-06 16:22 mux.accept
-rw------- 1 root root 5 2007-09-06 16:22 saslauthd.pid
root@LSERV:/etc/postfix# getent group | grep postfix
sasl:x:45:postfix
postfix:x:119:
ps waux | grep sas
root@LSERV:/etc/postfix# ps waux | grep sas
root 6942 0.0 0.0 7396 752 ? Ss 16:22 0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root 6943 0.0 0.0 7396 472 ? S 16:22 0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root 6944 0.0 0.0 7396 360 ? S 16:22 0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root 6946 0.0 0.0 7396 360 ? S 16:22 0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root 6947 0.0 0.0 7396 360 ? S 16:22 0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root 8645 0.0 0.0 2884 776 pts/0 S+ 17:34 0:00 grep sas
root@LSERV:/etc/postfix#
voila !!!
Hors ligne
#63 Le 06/09/2007, à 10:54
- toniotonio
Re : Postix - authentification smtp
il te manque une ligne dans le /etc/pam/smtp:
dans le tuto c'est:
auth required pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1
account sufficient pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1
valide bien egalemnet les champs de ce fichier avec ceux de ta base sql (tout doit correspondre evidemment)
remarque: tu utilises le root de sql ce qui est une tres tres mauvaise pratique.
enleve dans le main.cf:
smtpd_use_tls = yes
(c'est l'ancien parametre, le nouveau etant deja specifié dans ta conf: smtpd_tls_security_level = may)
et une question: en quoi sont encryptés les passwords des users dans la base SQL ?
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#64 Le 06/09/2007, à 11:06
- SebLinux
Re : Postix - authentification smtp
pam.d :J'avais deliberement enlever la ligne pour coller a ton tuto
Root : je sais mais je suis en période de test et d'apprentissage ce qui me permet de mieux me familiarisé et d'eviter un bog suplémantaire mais ca va changer !
Les mots de passe sont encrypter avec la fonction encrypt de php
<?
$guid=crypt("seb");
echo $guid;
?>
Hors ligne
#65 Le 06/09/2007, à 11:32
- toniotonio
Re : Postix - authentification smtp
il ya bien les 2 lignes dans le tuto mais l'ascenseur cachait la derniere.
ok essaie de faire un test et postes les logs
Dernière modification par toniotonio (Le 06/09/2007, à 11:33)
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#66 Le 06/09/2007, à 11:58
- SebLinux
Re : Postix - authentification smtp
Toujours pareil le mot de passe est refusé :
Sep 6 18:57:21 LSERV postfix/smtpd[10824]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 18:57:21 LSERV postfix/smtpd[10824]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 18:57:21 LSERV postfix/smtpd[10824]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep 6 18:57:23 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:23 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep 6 18:57:24 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:24 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep 6 18:57:25 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:25 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep 6 18:57:26 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:26 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep 6 18:57:28 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 18:57:28 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 18:57:31 LSERV postfix/smtpd[10824]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Hors ligne
#67 Le 06/09/2007, à 12:03
- toniotonio
Re : Postix - authentification smtp
essaye de redemarrer le serveur saslauthd et postfix
installe saslfinger :
wget http://postfix.state-of-mind.de/patrick.koetter/saslfinger/saslfinger-1.0.2.tar.gz
tar xvzf saslfinger-1.0.2.tar.gz
cd saslfinger-1.0.2
./install.sh
puis tu le lances et tu postes la sortie:
saslfinger -s
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#68 Le 06/09/2007, à 12:19
- SebLinux
Re : Postix - authentification smtp
root@LSERV:/etc/postfix/saslfinger-1.0.2# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Thu Sep 6 19:18:38 HKT 2007
version: 1.0.2
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.3.8
System: Ubuntu 7.04 \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d6d000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
-- listing of /usr/lib/sasl2 --
total 852
drwxr-xr-x 2 root root 4096 2007-08-28 15:44 .
drwxr-xr-x 186 root root 69632 2007-08-31 14:55 ..
-rw-r--r-- 1 root root 13640 2007-01-09 18:33 libanonymous.a
-rw-r--r-- 1 root root 855 2007-01-09 18:33 libanonymous.la
-rw-r--r-- 1 root root 13240 2007-01-09 18:33 libanonymous.so
-rw-r--r-- 1 root root 13240 2007-01-09 18:33 libanonymous.so.2
-rw-r--r-- 1 root root 13240 2007-01-09 18:33 libanonymous.so.2.0.22
-rw-r--r-- 1 root root 15942 2007-01-09 18:33 libcrammd5.a
-rw-r--r-- 1 root root 841 2007-01-09 18:33 libcrammd5.la
-rw-r--r-- 1 root root 15704 2007-01-09 18:33 libcrammd5.so
-rw-r--r-- 1 root root 15704 2007-01-09 18:33 libcrammd5.so.2
-rw-r--r-- 1 root root 15704 2007-01-09 18:33 libcrammd5.so.2.0.22
-rw-r--r-- 1 root root 47348 2007-01-09 18:33 libdigestmd5.a
-rw-r--r-- 1 root root 864 2007-01-09 18:33 libdigestmd5.la
-rw-r--r-- 1 root root 43884 2007-01-09 18:33 libdigestmd5.so
-rw-r--r-- 1 root root 43884 2007-01-09 18:33 libdigestmd5.so.2
-rw-r--r-- 1 root root 43884 2007-01-09 18:33 libdigestmd5.so.2.0.22
-rw-r--r-- 1 root root 13650 2007-01-09 18:33 liblogin.a
-rw-r--r-- 1 root root 835 2007-01-09 18:33 liblogin.la
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 liblogin.so
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 liblogin.so.2
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 liblogin.so.2.0.22
-rw-r--r-- 1 root root 30516 2007-01-09 18:33 libntlm.a
-rw-r--r-- 1 root root 829 2007-01-09 18:33 libntlm.la
-rw-r--r-- 1 root root 29876 2007-01-09 18:33 libntlm.so
-rw-r--r-- 1 root root 29876 2007-01-09 18:33 libntlm.so.2
-rw-r--r-- 1 root root 29876 2007-01-09 18:33 libntlm.so.2.0.22
-rw-r--r-- 1 root root 13938 2007-01-09 18:33 libplain.a
-rw-r--r-- 1 root root 835 2007-01-09 18:33 libplain.la
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 libplain.so
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 libplain.so.2
-rw-r--r-- 1 root root 14036 2007-01-09 18:33 libplain.so.2.0.22
-rw-r--r-- 1 root root 22150 2007-01-09 18:33 libsasldb.a
-rw-r--r-- 1 root root 856 2007-01-09 18:33 libsasldb.la
-rw-r--r-- 1 root root 18372 2007-01-09 18:33 libsasldb.so
-rw-r--r-- 1 root root 18372 2007-01-09 18:33 libsasldb.so.2
-rw-r--r-- 1 root root 18372 2007-01-09 18:33 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 23812 2007-01-09 18:33 libsql.a
-rw-r--r-- 1 root root 964 2007-01-09 18:33 libsql.la
-rw-r--r-- 1 root root 23352 2007-01-09 18:33 libsql.so
-rw-r--r-- 1 root root 23352 2007-01-09 18:33 libsql.so.2
-rw-r--r-- 1 root root 23352 2007-01-09 18:33 libsql.so.2.0.22
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 5
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
smtps inet n y - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup fifo n - - 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1
-- mechanisms on localhost --
-- end of saslfinger output --
root@LSERV:/etc/postfix/saslfinger-1.0.2#
Hors ligne
#69 Le 06/09/2007, à 12:23
- toniotonio
Re : Postix - authentification smtp
dpkg -l | grep sasl
Dernière modification par toniotonio (Le 06/09/2007, à 12:24)
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#70 Le 06/09/2007, à 12:26
- SebLinux
Re : Postix - authentification smtp
root@LSERV:/etc/postfix/saslfinger-1.0.2# dpkg -l | grep sasl
ii libgsasl7 0.2.12-1build1 GNU SASL library
ii libsasl2 2.1.22.dfsg1-8ubuntu2 Authentication abstraction library
ii libsasl2-2 2.1.22.dfsg1-8ubuntu2 Authentication abstraction library
ii libsasl2-modules 2.1.22.dfsg1-8ubuntu2 Pluggable Authentication Modules for SASL
ii libsasl2-modules-sql 2.1.22.dfsg1-8ubuntu2 Pluggable Authentication Modules for SASL (SQL)
ii sasl2-bin 2.1.22.dfsg1-8ubuntu2 Administration programs for SASL users database
root@LSERV:/etc/postfix/saslfinger-1.0.2#
Hors ligne
#71 Le 06/09/2007, à 12:29
- toniotonio
Re : Postix - authentification smtp
bon sur ubuntu je sais pas si il y a une difference avec la debian
mais moi je virerai
libgsasl7
libsasl2-modules-sql
donc
aptitude purge libsasl2-modules-sql libgsasl7
Dernière modification par toniotonio (Le 06/09/2007, à 12:30)
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#72 Le 06/09/2007, à 12:42
- SebLinux
Re : Postix - authentification smtp
Sep 6 19:40:48 LSERV postfix/smtpd[6624]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 19:40:48 LSERV postfix/smtpd[6624]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep 6 19:40:48 LSERV postfix/smtpd[6624]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep 6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep 6 19:40:49 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:49 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep 6 19:40:50 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:50 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep 6 19:40:51 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:51 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep 6 19:40:52 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:52 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep 6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep 6 19:40:53 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep 6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep 6 19:40:53 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Hors ligne
#73 Le 06/09/2007, à 12:45
- toniotonio
Re : Postix - authentification smtp
tu as redemarré saslauthd et postfix ?
si cela ne marche pas desinstalle tous les composants sasl (aptitude purge) puis reinstalle uniquement les paquets necessaires:
aptitude install libsasl2-2 libsasl2-modules sasl2-bin
puis redemarre postfix et postes :
dpkg -l | grep sasl
ps waux | grep sasl
ls -la /var/spool/postfix/var/run/saslauthd
Dernière modification par toniotonio (Le 06/09/2007, à 12:46)
Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com
Hors ligne
#74 Le 06/09/2007, à 12:46
- SebLinux
Re : Postix - authentification smtp
Tu sais quoi je pense que je vais reprendre ton tuto et ton formater et recommencer ...
non ?
Et si j'ai de nouveau pb j'espere pouvoir recompter sur toi ...
Tu m'as deja beaucoup aider et au moins la prochaine fois se seras sur les bases de ton travail que l'on parlera ...
Est ce que tu as un tuto avec la mise en place d'un webmail a la suite de postfix (simple genre pas horde) ?
Hors ligne
#75 Le 06/09/2007, à 12:48
- SebLinux
Re : Postix - authentification smtp
quand j'ai fais aptitude j'ai cette erreur tu connais ?
Errors were encountered while processing:
clvm
redhat-cluster-suite
system-config-cluster
Hors ligne