Postfix,SASL(mysql) connected nicht zu mysql(?)

I

IWantMail

New Member
Ich hoffe, irgendjemand kann mir hier dringend helfen!

Ich habe gerade einen "frischen" opensuse11.1-server aufgesetzt und u.a. postfix,courier,mysql,... darauf installiert. postfix soll mit mysql zusammenlaufen (mail-account passwords dürfen auch ausnahmsweise plaintext in der DB stehen...). Daher wollte ich auf PAM verzichten, um es zunächst einfach über smtpd.conf: auxprop=sql machen, um endlich mails versenden zu können.

über pop3+mysql können schon sauber mails vom server von mail-clients abgeholt werden aber eben nicht versendet (daher denke ich das grundsätzlich die mysql funktionalität sauber steht: user+pwd in DB-tables).

Inzwischen bin ich bei saslfinger angekommen und hoffe, daß hier jemand vielleicht was drin sieht, was ich nicht peile... :confused:

Code: 
saslfinger - postfix Cyrus sasl configuration Sun Jun  6 23:15:08 CEST 2010
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.5.5
System: Welcome to openSUSE 11.1 - Kernel \r (\l).

-- smtpd is linked to --
        libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007fa33fe05000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_use_tls = no


-- listing of /usr/lib64/sasl2 --
total 796
drwxr-xr-x  2 root root  4096 Jun  6 21:55 .
drwxr-xr-x 64 root root 36864 Jun  6 13:36 ..
-rwxr-xr-x  1 root root 18888 May 14  2009 libanonymous.so
-rwxr-xr-x  1 root root 18888 May 14  2009 libanonymous.so.2
-rwxr-xr-x  1 root root 18888 May 14  2009 libanonymous.so.2.0.22
-rwxr-xr-x  1 root root 23040 May 14  2009 libcrammd5.so
-rwxr-xr-x  1 root root 23040 May 14  2009 libcrammd5.so.2
-rwxr-xr-x  1 root root 23040 May 14  2009 libcrammd5.so.2.0.22
-rwxr-xr-x  1 root root 52272 May 14  2009 libdigestmd5.so
-rwxr-xr-x  1 root root 52272 May 14  2009 libdigestmd5.so.2
-rwxr-xr-x  1 root root 52272 May 14  2009 libdigestmd5.so.2.0.22
-rwxr-xr-x  1 root root 31408 May 14  2009 libgssapiv2.so
-rwxr-xr-x  1 root root 31408 May 14  2009 libgssapiv2.so.2
-rwxr-xr-x  1 root root 31408 May 14  2009 libgssapiv2.so.2.0.22
-rwxr-xr-x  1 root root 18912 May 14  2009 liblogin.so
-rwxr-xr-x  1 root root 18912 May 14  2009 liblogin.so.2
-rwxr-xr-x  1 root root 18912 May 14  2009 liblogin.so.2.0.22
-rwxr-xr-x  1 root root 52600 May 14  2009 libotp.so
-rwxr-xr-x  1 root root 52600 May 14  2009 libotp.so.2
-rwxr-xr-x  1 root root 52600 May 14  2009 libotp.so.2.0.22
-rwxr-xr-x  1 root root 18912 May 14  2009 libplain.so
-rwxr-xr-x  1 root root 18912 May 14  2009 libplain.so.2
-rwxr-xr-x  1 root root 18912 May 14  2009 libplain.so.2.0.22
-rwxr-xr-x  1 root root 22888 May 14  2009 libsasldb.so
-rwxr-xr-x  1 root root 22888 May 14  2009 libsasldb.so.2
-rwxr-xr-x  1 root root 22888 May 14  2009 libsasldb.so.2.0.22

-- listing of /etc/sasl2 --
total 24
drwxr-xr-x  2 root root  4096 Jun  6 22:28 .
drwxr-xr-x 91 root root 12288 Jun  6 22:26 ..
-rw-------  1 root root   289 Jun  6 19:01 smtpd.c_o_n_f_orig
-rw-r--r--  1 root root   255 Jun  6 22:28 smtpd.conf




-- content of /etc/sasl2/smtpd.conf --
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
sql_engine: mysql
sql_hostnames: localhost
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: maildb
sql_select: SELECT clear FROM users WHERE id='%u@%r' AND enabled=1


-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail  unix  -       n       n       -       -       pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
retry     unix  -       -       n       -       -       error
proxywrite unix -       -       n       -       1       proxymap

-- mechanisms on localhost --
250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 DIGEST-MD5 PLAIN


-- end of saslfinger output --

Mit tail -f kontrolliere ich schon das mysqld.log, sehe da aber nix drin, wenn ich eine Mail versenden will. Wohlaber, wenn Mails von draueßn reinkommen...

Ich hoffe, irgendjemand kann mir hier helfen!
 
/etc/postfix/{main,master}.cf

Hier die main.cf. Die habe ich abgeändert, basierend auf dieser page:
http://flurdy.com/docs/postfix/. (Das ist zwar hauptsächlich Ubuntu, aber dachte ich, könnte ich weitestgehend übernehmen.)

Code: 
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical

#virtual_alias_maps = hash:/etc/postfix/virtual
#virtual_alias_domains = hash:/etc/postfix/virtual
alias_maps = hash:/etc/aliases
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailbox.cf
virtual_uid_maps = mysql:/etc/postfix/mysql_uid.cf
virtual_gid_maps = mysql:/etc/postfix/mysql_gid.cf
virtual_alias_maps = mysql:/etc/postfix/mysql_alias.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf


relocated_maps = hash:/etc/postfix/relocated
#transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient

# added:
mydomain = MYDOMAIN.de
myorigin=MYDOMAIN.de

# changed:
myhostname = mail.MYDOMAIN.de
delay_warning_time = 1h
message_strip_characters = \0
program_directory = /usr/lib/postfix

# changed from "localhost" to "all"
inet_interfaces = all

masquerade_domains = 
# set to blank from: mydestination = $myhostname, localhost.$mydomain
mydestination =
defer_transports = 
local_recipient_maps=

# changed from "subnet" to "host"
mynetworks_style = host

disable_dns_lookups = no
relayhost = 
mailbox_command = 
mailbox_transport = 
strict_8bitmime = no
disable_mime_output_conversion = no
#smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit

smtpd_client_restrictions = 
# this could be better:
#smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org 

# changed to "yes" from "no"
smtpd_helo_required = yes

# added (was blank previously):
smtpd_helo_restrictions = reject_unknown_helo_hostname

# added completely:
smtpd_data_restrictions = reject_unauth_pipelining

# changed to "yes" from "no"
strict_rfc821_envelopes = no

# changed to long list (like from opensuse proposed):
#smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
# tmp rausgenommen:  reject_rbl_client pbl.spamhaus.org,
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client cbl.abuseat.org,reject_rbl_client sbl.spamhaus.org,reject_unauth_destination, reject_invalid_hostname,reject_non_fqdn_hostname, reject_non_fqdn_sender,reject_non_fqdn_recipient, reject_unknown_sender_domain,reject_unknown_recipient_domain, permit


smtpd_sasl_path = smtpd
smtpd_sasl_application_name = smtpd

# changed from "no" to yes"
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes

smtpd_use_tls = no
smtp_use_tls = no
mailbox_size_limit = 0
message_size_limit = 10240000

Die master.cf habe ich völlig untouched gelassen:

Code: 
#
# Postfix master process configuration file.  For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n      -       n       -       -       smtpd
#	-o smtpd_etrn_restrictions=reject
#	-o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps    inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes
#  -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission   inet    n       -       n       -       -       smtpd
#  -o smtpd_etrn_restrictions=reject
#  -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
#tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
	-o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
#localhost:10025 inet	n	-	n	-	-	smtpd -o content_filter=
scache	  unix	-	-	n	-	1	scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus	  unix	-	n	n	-	-	pipe
  user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp	  unix	-	n	n	-	-	pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail  unix  -       n       n       -       -       pipe
  flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
retry	  unix	-	-	n	-	-	error
proxywrite unix	-	-	n	-	1	proxymap

Any idea?? :confused:
 
You must log in or register to reply here.
Back
Top