On 10/03/2010 09:58 PM, Nicholas Sideris wrote:
On Oct 4, 2010, at 4:39 AM, Matt Hayes wrote:
On 10/03/2010 09:32 PM, Nicholas Sideris wrote:
Hello,
I have the following trouble with enabling the smtpd auth for postfix ...
First of all I am using Dovecot 1.2.x and I have enabled everything
according to the available on-line HOW TOs. Everything seems fine to me
and the appropriate socket is created under private/auth so there's no
problem there.
Now I had modified main.cf to enable SMTP AUTH as follows (I do also
include a few lines of other config, because I think it may be useful
for you):
html_directory = /server/html/postfix
manpage_directory = /server/man
sample_directory = /server/etc/postfix
readme_directory = /server/readme/postfix
data_directory = /var/lib/postfix
virtual_mailbox_maps = mysql:/server/etc/postfix/virtual.sql
virtual_mailbox_base = /
virtual_minimum_uid = 1500
virtual_uid_maps = mysql:/server/etc/postfix/uids.sql
virtual_gid_maps = mysql:/server/etc/postfix/gids.sql
virtual_mailbox_limit_maps = mysql:/server/etc/postfix/quota.sql
content_filter = avscan:[127.0.0.1]:10025
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
#broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
Now when I am trying to test if it works, I get this
telnet> open xxxxx.xxxxxx.xxx 25
Trying 127.0.0.1...
Connected to localbase.
Escape character is '^]'.
220 eurovision.oikotimes.net <http://eurovision.oikotimes.net>
<http://eurovision.oikotimes.net> ESMTP Postfix
EHLO client.test.gr <http://client.test.gr> <http://client.test.gr>
250-xxxxx.xxxxxx.xxx
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN ncjdskl=
502 5.5.2 Error: command not recognized
AUTH PLAIN bchjdbckjdsc=
502 5.5.2 Error: command not recognized
So actually there's no SMTP authentication available.
Any ideas of what I need to check?
PS: My server is custom compiled using this command ...
make AUXLIBS='-L/server/lib/mysql -lmysqlclient -lz -lm -lpcre'
CCARGS='-DDEF_CONFIG_DIR=\"/server/etc/postfix\"
-DDEF_COMMAND_DIR=\"/server/sbin\"
-DDEF_DAEMON_DIR=\"/server/libexec/postfix\"
-DDEF_MAILQ_PATH=\"/usr/bin/mailq\"
-DDEF_HTML_DIR=\"/server/html/postfix\"
-DDEF_MANPAGE_DIR=\"/server/man\"
-DDEF_NEWALIAS_PATH=\"/usr/bin/newaliases\"
-DDEF_README_DIR=\"/server/readme/postfix\"
-DDEF_SENDMAIL_PATH=\"/usr/sbin/sendmail\" -DHAS_MYSQL
-I/server/include/mysql -DHAS_PCRE -DUSE_SASL_AUTH
-DDEF_SERVER_SASL_TYPE=\"dovecot\"' OPT='-O' DEBUG='-g'
PS2: Obtaining mail works as it should ... everything is ok.
You might want to look at using smtpd_sasl_auth_enable for your smtpd
listener.
I'd suggest using submisstion port 587 as well for your authenticated
clients.
-Matt
Still I get the same message. Well I had opened port 587 and tried it as
well. Here's my master.cf, could be the antivirus I mean {avscan] the
real problem? From the other hand the server doesn;t even recognize the
command ...
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
postspam unix - n n - - pipe
flags=Rq user=spamdu argv=/server/bin/postspam -f ${sender} -- ${recipient}
#policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /inertia/mailserver/bin/greylist.pl -v
smtp inet n - n - - smtpd
-o content_filter=postspam:dummy
submission inet n - n - - smtpd
-o smtpd_enforce_tls=no
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail argv=/server/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
#uucp unix - n n - - pipe
# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
#ifmail unix - n n - - pipe
# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
#bsmtp unix - n n - - pipe
# flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
#
#scalemail-backend unix - n n - 2 pipe
# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
# ${nexthop} ${user} ${extension}
#
#mailman unix - n n - - pipe
# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
# ${nexthop} ${user}
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
avscan unix - - n - 16 smtp
-o smtp_send_xforward_command=yes
-o smtp_enforce_tls=no
127.0.0.1:10026 inet n - n - 16 smtpd
-o content_filter=
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
-o mynetworks_style=host
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
proxywrite unix - - n - 1 proxymap
Do you have logs of the transaction when trying to send outbound through
port 587 using authentication?
-Matt
