Contenu | Rechercher | Menus

Annonce

Si vous avez des soucis pour rester connecté, déconnectez-vous puis reconnectez-vous depuis ce lien en cochant la case
Me connecter automatiquement lors de mes prochaines visites.

À propos de l'équipe du forum.

#51 Le 06/09/2007, à 08:41

SebLinux

Re : Postix - authentification smtp

Je fais ca et te tiens au courant

Merci

Hors ligne

#52 Le 06/09/2007, à 09:27

SebLinux

Re : Postix - authentification smtp

Alors j'ai bien tout suivis mais j'ai un message d'erreur dans mon client de type :" impossible de se connecter au serveur 172.168.1.22 via STARTTLS car il n'a pas proposé STARTTLS dans la réponse au EHLO."

Comme domaine a la place de star....org j'ai mis domain.tld qui est dans ma base sql

Voila les log des mails

Sep  6 16:21:11 LSERV postfix/smtpd[6785]: cannot load Certificate Authority data
Sep  6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/tls/cacert.pem','r'):
Sep  6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Sep  6 16:21:11 LSERV postfix/smtpd[6785]: warning: TLS library problem: 6785:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Sep  6 16:21:11 LSERV postfix/smtpd[6785]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:21:11 LSERV postfix/cleanup[6788]: B8BA217454F: message-id=<20070906082111.B8BA217454F@LSERV.example.org>
Sep  6 16:21:11 LSERV postfix/smtpd[6785]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:21:11 LSERV postfix/qmgr[5995]: B8BA217454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep  6 16:21:11 LSERV postfix/smtp[6790]: B8BA217454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.07, delays=0.06/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep  6 16:21:11 LSERV postfix/bounce[6791]: warning: B8BA217454F: undeliverable postmaster notification discarded
Sep  6 16:21:11 LSERV postfix/qmgr[5995]: B8BA217454F: removed
Sep  6 16:22:04 LSERV postfix/smtpd[6785]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:22:04 LSERV postfix/cleanup[6788]: DE78D17454F: message-id=<20070906082204.DE78D17454F@LSERV.example.org>
Sep  6 16:22:04 LSERV postfix/qmgr[5995]: DE78D17454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep  6 16:22:04 LSERV postfix/smtpd[6785]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:22:04 LSERV postfix/smtp[6790]: DE78D17454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep  6 16:22:04 LSERV postfix/bounce[6791]: warning: DE78D17454F: undeliverable postmaster notification discarded
Sep  6 16:22:04 LSERV postfix/qmgr[5995]: DE78D17454F: removed
Sep  6 16:22:33 LSERV postfix/master[5983]: terminating on signal 15
Sep  6 16:22:33 LSERV postfix/master[6909]: daemon started -- version 2.3.8, configuration /etc/postfix
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: cannot load Certificate Authority data
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/tls/cacert.pem','r'):
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: warning: TLS library problem: 6951:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:22:51 LSERV postfix/cleanup[6955]: 6114E17454F: message-id=<20070906082251.6114E17454F@LSERV.example.org>
Sep  6 16:22:51 LSERV postfix/smtpd[6951]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 16:22:51 LSERV postfix/qmgr[6914]: 6114E17454F: from=<double-bounce@LSERV.example.org>, size=802, nrcpt=1 (queue active)
Sep  6 16:22:51 LSERV postfix/smtp[6957]: 6114E17454F: to=<postmaster@domaine.tld>, orig_to=<postmaster>, relay=none, delay=0.04, delays=0.03/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=domaine.tld type=A: Host not found)
Sep  6 16:22:51 LSERV postfix/bounce[6958]: warning: 6114E17454F: undeliverable postmaster notification discarded
Sep  6 16:22:51 LSERV postfix/qmgr[6914]: 6114E17454F: removed

Voici le telnet :

root@LSERV:/etc/postfix/tls# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 LSERV.example.org ESMTP Postfix (Ubuntu)
ehlo domain.tld
250-LSERV.example.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

... ? J'ai bien l'impression que je me rapproche mais ...

Hors ligne

#53 Le 06/09/2007, à 09:35

toniotonio

Re : Postix - authentification smtp

tu as modifié ta conf TLS ?
ou tu as regénéré des certifs ?


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#54 Le 06/09/2007, à 09:42

SebLinux

Re : Postix - authentification smtp

regenere des certif

Hors ligne

#55 Le 06/09/2007, à 09:43

toniotonio

Re : Postix - authentification smtp

sad
fallait pas sad

fais voir ta conf ? postconf -n


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#56 Le 06/09/2007, à 09:46

SebLinux

Re : Postix - authentification smtp

root@LSERV:/etc/postfix/tls# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 LSERV.example.org ESMTP Postfix (Ubuntu)
ehlo domain.tld
250-LSERV.example.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

Hors ligne

#57 Le 06/09/2007, à 09:48

toniotonio

Re : Postix - authentification smtp

postconf -n ?


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#58 Le 06/09/2007, à 09:49

SebLinux

Re : Postix - authentification smtp

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
mailbox_size_limit = 0
mydestination = localhost.localdomain, localhost
myhostname = LSERV.example.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks,  permit_sasl_authenticated,  reject_non_fqdn_hostname,  reject_non_fqdn_sender,  reject_non_fqdn_recipient,    reject_unauth_destination,  reject_unauth_pipelining,     reject_invalid_hostname,  reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.crt
smtpd_tls_key_file = /etc/postfix/tls/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000

Hors ligne

#59 Le 06/09/2007, à 09:53

toniotonio

Re : Postix - authentification smtp

j'espere que tu as conservé tes anciens certifs, sinon ne fait pas cette modif !

efface

smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/tls/smtpd.crt
smtpd_tls_key_file = /etc/postfix/tls/smtpd.key
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem

et ajoute (ce sont tes anciens certifs):

smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#60 Le 06/09/2007, à 10:08

SebLinux

Re : Postix - authentification smtp

quand je fais ca j'ai bien un nouveau certificat qui m'est demandé mais le mot de passe ne passe pas

Sep  6 17:07:10 LSERV postfix/qmgr[8126]: 8ECAA17454F: removed
Sep  6 17:07:12 LSERV postfix/master[8122]: terminating on signal 15
Sep  6 17:07:13 LSERV postfix/master[8242]: daemon started -- version 2.3.8, configuration /etc/postfix
Sep  6 17:07:15 LSERV postfix/smtpd[8249]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 17:07:15 LSERV postfix/smtpd[8249]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:17 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep  6 17:07:20 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 17:07:20 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:20 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep  6 17:07:21 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 17:07:21 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:21 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep  6 17:07:22 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 17:07:22 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:22 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: Password verification failed
Sep  6 17:07:24 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 17:07:24 LSERV postfix/smtpd[8249]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 17:07:24 LSERV postfix/smtpd[8249]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure

Hors ligne

#61 Le 06/09/2007, à 10:15

toniotonio

Re : Postix - authentification smtp

ok a nouveau:
fais voir ta conf complete:

le contenu des fichiers:
/etc/default/saslauthd
/etc/pam.d/smtp
/etc/postfix/sasl/smtpd.conf

le resultat des commandes:
postconf -n
ls -la /var/spool/postfix/var/run/saslauthd/
getent group | grep postfix
ps waux | grep saslauthd


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#62 Le 06/09/2007, à 10:35

SebLinux

Re : Postix - authentification smtp

le contenu des fichiers:

/etc/default/saslauthd

#
# Settings for saslauthd daemon
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

#PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"


# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c -r -m /var/spool/postfix/var/run/saslauthd"

/etc/pam.d/smtp

auth required pam_mysql.so user=root passwd=sebseb host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1

/etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 5

le resultat des commandes:
postconf -n

root@LSERV:/etc/postfix# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
mailbox_size_limit = 0
mydestination = localhost.localdomain, localhost
myhostname = LSERV.example.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks,  permit_sasl_authenticated,  reject_non_fqdn_hostname,  reject_non_fqdn_sender,  reject_non_fqdn_recipient,    reject_unauth_destination,  reject_unauth_pipelining,     reject_invalid_hostname,  reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = virtual
virtual_uid_maps = static:5000

ls -la /var/spool/postfix/var/run/saslauthd/

total 940
drwx--x--- 2 root sasl   4096 2007-09-06 16:22 .
drwxr-xr-x 5 root sasl   4096 2007-09-06 15:47 ..
-rw------- 1 root root      0 2007-09-06 16:22 cache.flock
-rw------- 1 root root 945152 2007-09-06 16:22 cache.mmap
srwxrwxrwx 1 root root      0 2007-09-06 16:22 mux
-rw------- 1 root root      0 2007-09-06 16:22 mux.accept
-rw------- 1 root root      5 2007-09-06 16:22 saslauthd.pid

getent group | grep postfix

total 940
drwx--x--- 2 root sasl   4096 2007-09-06 16:22 .
drwxr-xr-x 5 root sasl   4096 2007-09-06 15:47 ..
-rw------- 1 root root      0 2007-09-06 16:22 cache.flock
-rw------- 1 root root 945152 2007-09-06 16:22 cache.mmap
srwxrwxrwx 1 root root      0 2007-09-06 16:22 mux
-rw------- 1 root root      0 2007-09-06 16:22 mux.accept
-rw------- 1 root root      5 2007-09-06 16:22 saslauthd.pid
root@LSERV:/etc/postfix# getent group | grep postfix
sasl:x:45:postfix
postfix:x:119:

ps waux | grep sas

root@LSERV:/etc/postfix# ps waux | grep sas
root      6942  0.0  0.0   7396   752 ?        Ss   16:22   0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root      6943  0.0  0.0   7396   472 ?        S    16:22   0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root      6944  0.0  0.0   7396   360 ?        S    16:22   0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root      6946  0.0  0.0   7396   360 ?        S    16:22   0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root      6947  0.0  0.0   7396   360 ?        S    16:22   0:00 /usr/sbin/saslauthd -a pam -c -r -m /var/spool/postfix/var/run/saslauthd -n 5
root      8645  0.0  0.0   2884   776 pts/0    S+   17:34   0:00 grep sas
root@LSERV:/etc/postfix#

voila !!!

Hors ligne

#63 Le 06/09/2007, à 10:54

toniotonio

Re : Postix - authentification smtp

il te manque une ligne dans le /etc/pam/smtp:
dans le tuto c'est:

auth required pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1

account sufficient pam_mysql.so user=postfix passwd=yourpass host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1 md5=1

valide bien egalemnet les champs de ce fichier avec ceux de ta base sql (tout doit correspondre evidemment)

remarque: tu utilises le root de sql ce qui est une tres tres mauvaise pratique.



enleve dans le main.cf:

smtpd_use_tls = yes

(c'est l'ancien parametre, le nouveau etant deja specifié dans ta conf: smtpd_tls_security_level = may)

et une question: en quoi sont encryptés les passwords des users dans la base SQL ?


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#64 Le 06/09/2007, à 11:06

SebLinux

Re : Postix - authentification smtp

pam.d :J'avais deliberement enlever la ligne pour coller a ton tuto

Root : je sais mais je suis en période de test et d'apprentissage ce qui me permet de mieux me familiarisé et d'eviter un bog suplémantaire mais ca va changer !

Les mots de passe sont encrypter avec la fonction encrypt de php

<?

$guid=crypt("seb");


echo  $guid;

?>

Hors ligne

#65 Le 06/09/2007, à 11:32

toniotonio

Re : Postix - authentification smtp

il ya bien les 2 lignes dans le tuto mais l'ascenseur cachait la derniere.

ok essaie de faire un test et postes les logs

Dernière modification par toniotonio (Le 06/09/2007, à 11:33)


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#66 Le 06/09/2007, à 11:58

SebLinux

Re : Postix - authentification smtp

Toujours pareil le mot de passe est refusé :

Sep  6 18:57:21 LSERV postfix/smtpd[10824]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 18:57:21 LSERV postfix/smtpd[10824]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 18:57:21 LSERV postfix/smtpd[10824]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep  6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep  6 18:57:23 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 18:57:23 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:23 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep  6 18:57:24 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 18:57:24 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:24 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep  6 18:57:25 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 18:57:25 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:25 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep  6 18:57:26 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 18:57:26 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:26 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: Password verification failed
Sep  6 18:57:28 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 18:57:28 LSERV postfix/smtpd[10824]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 18:57:28 LSERV postfix/smtpd[10824]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 18:57:31 LSERV postfix/smtpd[10824]: disconnect from ACA8016E.ipt.aol.com[172.168.1.110]

Hors ligne

#67 Le 06/09/2007, à 12:03

toniotonio

Re : Postix - authentification smtp

essaye de redemarrer le serveur saslauthd et postfix

installe saslfinger :

wget http://postfix.state-of-mind.de/patrick.koetter/saslfinger/saslfinger-1.0.2.tar.gz
tar xvzf saslfinger-1.0.2.tar.gz
cd saslfinger-1.0.2
./install.sh

puis tu le lances et tu postes la sortie:

saslfinger -s

Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#68 Le 06/09/2007, à 12:19

SebLinux

Re : Postix - authentification smtp

root@LSERV:/etc/postfix/saslfinger-1.0.2# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Thu Sep  6 19:18:38 HKT 2007
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.3.8
System: Ubuntu 7.04 \n \l

-- smtpd is linked to --
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d6d000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s


-- listing of /usr/lib/sasl2 --
total 852
drwxr-xr-x   2 root root  4096 2007-08-28 15:44 .
drwxr-xr-x 186 root root 69632 2007-08-31 14:55 ..
-rw-r--r--   1 root root 13640 2007-01-09 18:33 libanonymous.a
-rw-r--r--   1 root root   855 2007-01-09 18:33 libanonymous.la
-rw-r--r--   1 root root 13240 2007-01-09 18:33 libanonymous.so
-rw-r--r--   1 root root 13240 2007-01-09 18:33 libanonymous.so.2
-rw-r--r--   1 root root 13240 2007-01-09 18:33 libanonymous.so.2.0.22
-rw-r--r--   1 root root 15942 2007-01-09 18:33 libcrammd5.a
-rw-r--r--   1 root root   841 2007-01-09 18:33 libcrammd5.la
-rw-r--r--   1 root root 15704 2007-01-09 18:33 libcrammd5.so
-rw-r--r--   1 root root 15704 2007-01-09 18:33 libcrammd5.so.2
-rw-r--r--   1 root root 15704 2007-01-09 18:33 libcrammd5.so.2.0.22
-rw-r--r--   1 root root 47348 2007-01-09 18:33 libdigestmd5.a
-rw-r--r--   1 root root   864 2007-01-09 18:33 libdigestmd5.la
-rw-r--r--   1 root root 43884 2007-01-09 18:33 libdigestmd5.so
-rw-r--r--   1 root root 43884 2007-01-09 18:33 libdigestmd5.so.2
-rw-r--r--   1 root root 43884 2007-01-09 18:33 libdigestmd5.so.2.0.22
-rw-r--r--   1 root root 13650 2007-01-09 18:33 liblogin.a
-rw-r--r--   1 root root   835 2007-01-09 18:33 liblogin.la
-rw-r--r--   1 root root 14036 2007-01-09 18:33 liblogin.so
-rw-r--r--   1 root root 14036 2007-01-09 18:33 liblogin.so.2
-rw-r--r--   1 root root 14036 2007-01-09 18:33 liblogin.so.2.0.22
-rw-r--r--   1 root root 30516 2007-01-09 18:33 libntlm.a
-rw-r--r--   1 root root   829 2007-01-09 18:33 libntlm.la
-rw-r--r--   1 root root 29876 2007-01-09 18:33 libntlm.so
-rw-r--r--   1 root root 29876 2007-01-09 18:33 libntlm.so.2
-rw-r--r--   1 root root 29876 2007-01-09 18:33 libntlm.so.2.0.22
-rw-r--r--   1 root root 13938 2007-01-09 18:33 libplain.a
-rw-r--r--   1 root root   835 2007-01-09 18:33 libplain.la
-rw-r--r--   1 root root 14036 2007-01-09 18:33 libplain.so
-rw-r--r--   1 root root 14036 2007-01-09 18:33 libplain.so.2
-rw-r--r--   1 root root 14036 2007-01-09 18:33 libplain.so.2.0.22
-rw-r--r--   1 root root 22150 2007-01-09 18:33 libsasldb.a
-rw-r--r--   1 root root   856 2007-01-09 18:33 libsasldb.la
-rw-r--r--   1 root root 18372 2007-01-09 18:33 libsasldb.so
-rw-r--r--   1 root root 18372 2007-01-09 18:33 libsasldb.so.2
-rw-r--r--   1 root root 18372 2007-01-09 18:33 libsasldb.so.2.0.22
-rw-r--r--   1 root root 23812 2007-01-09 18:33 libsql.a
-rw-r--r--   1 root root   964 2007-01-09 18:33 libsql.la
-rw-r--r--   1 root root 23352 2007-01-09 18:33 libsql.so
-rw-r--r--   1 root root 23352 2007-01-09 18:33 libsql.so.2
-rw-r--r--   1 root root 23352 2007-01-09 18:33 libsql.so.2.0.22




-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
log_level: 5


-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       n       -       -       smtpd
smtps   inet    n       y       -       -       -       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_bind_address=127.0.0.1

-- mechanisms on localhost --

-- end of saslfinger output --

root@LSERV:/etc/postfix/saslfinger-1.0.2#

Hors ligne

#69 Le 06/09/2007, à 12:23

toniotonio

Re : Postix - authentification smtp

dpkg -l | grep sasl

Dernière modification par toniotonio (Le 06/09/2007, à 12:24)


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#70 Le 06/09/2007, à 12:26

SebLinux

Re : Postix - authentification smtp

root@LSERV:/etc/postfix/saslfinger-1.0.2# dpkg -l | grep sasl
ii  libgsasl7                                  0.2.12-1build1                         GNU SASL library
ii  libsasl2                                   2.1.22.dfsg1-8ubuntu2                  Authentication abstraction library
ii  libsasl2-2                                 2.1.22.dfsg1-8ubuntu2                  Authentication abstraction library
ii  libsasl2-modules                           2.1.22.dfsg1-8ubuntu2                  Pluggable Authentication Modules for SASL
ii  libsasl2-modules-sql                       2.1.22.dfsg1-8ubuntu2                  Pluggable Authentication Modules for SASL (SQL)
ii  sasl2-bin                                  2.1.22.dfsg1-8ubuntu2                  Administration programs for SASL users database
root@LSERV:/etc/postfix/saslfinger-1.0.2#

Hors ligne

#71 Le 06/09/2007, à 12:29

toniotonio

Re : Postix - authentification smtp

hmm bon sur ubuntu je sais pas si il y a une difference avec la debian
mais moi je virerai

libgsasl7
libsasl2-modules-sql



donc

aptitude purge libsasl2-modules-sql libgsasl7

Dernière modification par toniotonio (Le 06/09/2007, à 12:30)


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#72 Le 06/09/2007, à 12:42

SebLinux

Re : Postix - authentification smtp

Sep  6 19:40:48 LSERV postfix/smtpd[6624]: connect from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 19:40:48 LSERV postfix/smtpd[6624]: setting up TLS connection from ACA8016E.ipt.aol.com[172.168.1.110]
Sep  6 19:40:48 LSERV postfix/smtpd[6624]: TLS connection established from ACA8016E.ipt.aol.com[172.168.1.110]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Sep  6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep  6 19:40:49 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 19:40:49 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:49 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep  6 19:40:50 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 19:40:50 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:50 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep  6 19:40:51 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 19:40:51 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:51 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep  6 19:40:52 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 19:40:52 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:52 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure
Sep  6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: Password verification failed
Sep  6 19:40:53 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL PLAIN authentication failed: generic failure
Sep  6 19:40:53 LSERV postfix/smtpd[6624]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Sep  6 19:40:53 LSERV postfix/smtpd[6624]: warning: ACA8016E.ipt.aol.com[172.168.1.110]: SASL LOGIN authentication failed: generic failure

Hors ligne

#73 Le 06/09/2007, à 12:45

toniotonio

Re : Postix - authentification smtp

tu as redemarré saslauthd et postfix ?

si cela ne marche pas desinstalle tous les composants sasl (aptitude purge) puis reinstalle uniquement les paquets necessaires:

aptitude install libsasl2-2 libsasl2-modules sasl2-bin

puis redemarre postfix et postes :

dpkg -l | grep sasl
ps waux | grep sasl

ls -la /var/spool/postfix/var/run/saslauthd

Dernière modification par toniotonio (Le 06/09/2007, à 12:46)


Tutoriaux Postfix sur www.starbridge.org/spip
Messagerie Dédiée, Relais Mail Antispam/Antivirus, Infogérance 24/7: http://www.eole-its.com

Hors ligne

#74 Le 06/09/2007, à 12:46

SebLinux

Re : Postix - authentification smtp

Tu sais quoi je pense que je vais reprendre ton tuto et ton formater et recommencer ...

non ?

Et si j'ai de nouveau pb j'espere pouvoir recompter sur toi ...

Tu m'as deja beaucoup aider et au moins la prochaine fois se seras sur les bases de ton travail que l'on parlera ...

Est ce que tu as un tuto avec la mise en place d'un webmail a la suite de postfix (simple genre pas horde) ?

Hors ligne

#75 Le 06/09/2007, à 12:48

SebLinux

Re : Postix - authentification smtp

quand j'ai fais aptitude j'ai cette erreur tu connais ?

Errors were encountered while processing:
clvm
redhat-cluster-suite
system-config-cluster

Hors ligne