SASL: kein Login möglich

berny09 · Nov 10, 2009

Guten Abend!

Ich habe die letzten Jahre schon vieles Nützliches hier im Forum lesen und lernen können. Nun reicht aber Lesen alleine nicht mehr aus, ich brauche Hilfe. Ich habe schon diverse Foren durchforstet und google durchgegraben, komme aber nicht weiter:

Ich habe auf einem vserver debian 2.6.18 und habe nach der hier verlinkten Anleitung POSTFIX mit Courier und SASL (mit PAM) eingerichtet. Es funktioniert alles bis auf SASL:

Code:

# testsaslauthd -u test@test.net -p test
0: NO "authentication failed"

auch mit

Code:

# testsaslauthd -f /var/run/saslauthd/ -u test@test.net -p test
0: NO "authentication failed"

und:

Code:

# testsaslauthd -f /var/spool/postfix/var/run/saslauthd/ -u test@test.net -p test
0: NO "authentication failed"

Ausgabe von saslfinger:

Code:

# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Tue Nov 10 21:26:00 UTC 2009
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.3.8
System: Debian GNU/Linux 4.0 \n \l

-- smtpd is linked to --
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d18000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes


-- listing of /usr/lib/sasl2 --
total 796
drwxr-xr-x  2 root root  4096 Nov  9 19:27 .
drwxr-xr-x 41 root root 16384 Nov  9 19:27 ..
-rw-r--r--  1 root root 13304 May 30 12:04 libanonymous.a
-rw-r--r--  1 root root   855 May 30 12:04 libanonymous.la
-rw-r--r--  1 root root 12844 May 30 12:04 libanonymous.so
-rw-r--r--  1 root root 12844 May 30 12:04 libanonymous.so.2
-rw-r--r--  1 root root 12844 May 30 12:04 libanonymous.so.2.0.22
-rw-r--r--  1 root root 15502 May 30 12:04 libcrammd5.a
-rw-r--r--  1 root root   841 May 30 12:04 libcrammd5.la
-rw-r--r--  1 root root 15052 May 30 12:04 libcrammd5.so
-rw-r--r--  1 root root 15052 May 30 12:04 libcrammd5.so.2
-rw-r--r--  1 root root 15052 May 30 12:04 libcrammd5.so.2.0.22
-rw-r--r--  1 root root 46320 May 30 12:04 libdigestmd5.a
-rw-r--r--  1 root root   864 May 30 12:04 libdigestmd5.la
-rw-r--r--  1 root root 43040 May 30 12:04 libdigestmd5.so
-rw-r--r--  1 root root 43040 May 30 12:04 libdigestmd5.so.2
-rw-r--r--  1 root root 43040 May 30 12:04 libdigestmd5.so.2.0.22
-rw-r--r--  1 root root 13482 May 30 12:04 liblogin.a
-rw-r--r--  1 root root   835 May 30 12:04 liblogin.la
-rw-r--r--  1 root root 13384 May 30 12:04 liblogin.so
-rw-r--r--  1 root root 13384 May 30 12:04 liblogin.so.2
-rw-r--r--  1 root root 13384 May 30 12:04 liblogin.so.2.0.22
-rw-r--r--  1 root root 29300 May 30 12:04 libntlm.a
-rw-r--r--  1 root root   829 May 30 12:04 libntlm.la
-rw-r--r--  1 root root 28776 May 30 12:04 libntlm.so
-rw-r--r--  1 root root 28776 May 30 12:04 libntlm.so.2
-rw-r--r--  1 root root 28776 May 30 12:04 libntlm.so.2.0.22
-rw-r--r--  1 root root 13818 May 30 12:04 libplain.a
-rw-r--r--  1 root root   835 May 30 12:04 libplain.la
-rw-r--r--  1 root root 13992 May 30 12:04 libplain.so
-rw-r--r--  1 root root 13992 May 30 12:04 libplain.so.2
-rw-r--r--  1 root root 13992 May 30 12:04 libplain.so.2.0.22
-rw-r--r--  1 root root 21726 May 30 12:04 libsasldb.a
-rw-r--r--  1 root root   856 May 30 12:04 libsasldb.la
-rw-r--r--  1 root root 17980 May 30 12:04 libsasldb.so
-rw-r--r--  1 root root 17980 May 30 12:04 libsasldb.so.2
-rw-r--r--  1 root root 17980 May 30 12:04 libsasldb.so.2.0.22
-rw-r--r--  1 root root 23576 May 30 12:04 libsql.a
-rw-r--r--  1 root root   964 May 30 12:04 libsql.la
-rw-r--r--  1 root root 23072 May 30 12:04 libsql.so
-rw-r--r--  1 root root 23072 May 30 12:04 libsql.so.2
-rw-r--r--  1 root root 23072 May 30 12:04 libsql.so.2.0.22




-- content of /etc/postfix/sasl/smtpd.conf --
#pwcheck_method: auxprop
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
allow_plaintext: true
autotransition: true
#auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: mail
#sql_select: select password from users where email = '%u@%r'
sql_select: select password from users where email = '%u'
saslauthd_path: /var/spool/postfix/var/run/saslauthd

-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       -       -       -       smtpd -v
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

-- mechanisms on localhost --
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN

-- end of saslfinger output --

/etc/postfix/sasl/smtp.conf:

Code:

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
allow_plaintext: true
autotransition: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: test
sql_passwd: test
sql_database: mail
sql_select: select password from users where email = '%u'
saslauthd_path: /var/spool/postfix/var/run/saslauthd

etc/default/saslauthd:

Code:

START=yes
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

etc/pam.d/smpt:

Code:

auth required pam_mysql.so user=test passwd=test host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=test passwd=test host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1

Versenden an sich geht mit:

Code:

telnet localhost 25

Nach dem ich nun einige Abende/Nächte damit verbracht habe, weiß ich einfach nicht weiter. Danke für Eure Hilfe.

Gruß Markus

Mordor · Nov 10, 2009

Hast du mal probiert, ob du dich mit den Logindaten für die Datenbank direkt über mysql einloggen kannst? Und was steht in der mail.log zu dem Zeitpunkt wo du versuchst dich einzuloggen?

berny09 · Nov 10, 2009

Ich kann mich Problemlos mit den Daten in Mysql einloggen.
mail.log zeigt bei testsaslauthd nichts, nur wenn ich es über outlook versuche:

mail.log

Code:

Nov 10 22:12:00 vps-1006820-1956 postfix/smtpd[21903]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Nov 10 22:12:00 vps-1006820-1956 postfix/smtpd[21903]: warning: 189.104.164.196: hostname 189104164196.user.veloxzone.com.br verification failed: Name or service not known
Nov 10 22:12:00 vps-1006820-1956 postfix/smtpd[21903]: connect from unknown[189.104.164.196]
Nov 10 22:12:01 vps-1006820-1956 postfix/smtpd[21903]: NOQUEUE: reject: RCPT from unknown[189.104.164.196]: 550 5.1.1 <vorstand@domain.de>: Recipient address rejected: User unknown in virtual mailbox table; from=<mwhpnraeklrgf@exxels.com> to=<vorstand@domain.de> proto=ESMTP helo=<189104164196.user.veloxzone.com.br>
Nov 10 22:12:01 vps-1006820-1956 postfix/smtpd[21903]: lost connection after RCPT from unknown[189.104.164.196]
Nov 10 22:12:01 vps-1006820-1956 postfix/smtpd[21903]: disconnect from unknown[189.104.164.196]
Nov 10 22:13:41 vps-1006820-1956 courierpop3login: Connection, ip=[::ffff:91.32.57.119]
Nov 10 22:13:54 vps-1006820-1956 courierpop3login: LOGIN, user=markus@domain.de, ip=[::ffff:91.32.57.119]
Nov 10 22:13:54 vps-1006820-1956 courierpop3login: LOGOUT, user=markus@domain.de, ip=[::ffff:91.32.57.119], top=0, retr=0, rcvd=12, sent=39, time=0
Nov 10 22:13:59 vps-1006820-1956 courierpop3login: Connection, ip=[::ffff:91.32.57.119]
Nov 10 22:13:59 vps-1006820-1956 postfix/smtpd[22429]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Nov 10 22:13:59 vps-1006820-1956 postfix/smtpd[22429]: connect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:13:59 vps-1006820-1956 courierpop3login: LOGIN, user=postmaster@domain.net, ip=[::ffff:91.32.57.119]
Nov 10 22:14:00 vps-1006820-1956 postfix/smtpd[22429]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 10 22:14:00 vps-1006820-1956 postfix/smtpd[22429]: warning: p5B203977.dip0.t-ipconnect.de[91.32.57.119]: SASL LOGIN authentication failed: generic failure
Nov 10 22:14:00 vps-1006820-1956 postfix/smtpd[22429]: disconnect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:00 vps-1006820-1956 courierpop3login: LOGOUT, user=postmaster@domain.net, ip=[::ffff:91.32.57.119], top=0, retr=0, rcvd=12, sent=39, time=1
Nov 10 22:14:01 vps-1006820-1956 postfix/smtpd[22429]: connect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:08 vps-1006820-1956 postfix/smtpd[22429]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 10 22:14:08 vps-1006820-1956 postfix/smtpd[22429]: warning: p5B203977.dip0.t-ipconnect.de[91.32.57.119]: SASL LOGIN authentication failed: generic failure
Nov 10 22:14:08 vps-1006820-1956 postfix/smtpd[22429]: disconnect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:09 vps-1006820-1956 postfix/smtpd[22429]: connect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:09 vps-1006820-1956 postfix/smtpd[22429]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 10 22:14:09 vps-1006820-1956 postfix/smtpd[22429]: warning: p5B203977.dip0.t-ipconnect.de[91.32.57.119]: SASL LOGIN authentication failed: generic failure
Nov 10 22:14:10 vps-1006820-1956 postfix/smtpd[22429]: disconnect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:10 vps-1006820-1956 postfix/smtpd[22429]: connect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:10 vps-1006820-1956 postfix/smtpd[22429]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 10 22:14:10 vps-1006820-1956 postfix/smtpd[22429]: warning: p5B203977.dip0.t-ipconnect.de[91.32.57.119]: SASL LOGIN authentication failed: generic failure
Nov 10 22:14:10 vps-1006820-1956 postfix/smtpd[22429]: disconnect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:11 vps-1006820-1956 postfix/smtpd[22429]: connect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]
Nov 10 22:14:11 vps-1006820-1956 postfix/smtpd[22429]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Nov 10 22:14:11 vps-1006820-1956 postfix/smtpd[22429]: warning: p5B203977.dip0.t-ipconnect.de[91.32.57.119]: SASL LOGIN authentication failed: generic failure
Nov 10 22:14:11 vps-1006820-1956 postfix/smtpd[22429]: disconnect from p5B203977.dip0.t-ipconnect.de[91.32.57.119]

Er findet wohl ein Verzeichnis nicht, verstehe aber nicht weshalb.

LinuxAdmin · Nov 10, 2009

Was sagt: "ls -la /var/spool/postfix/var/run/saslauthd"?

berny09 · Nov 11, 2009

Code:

# ls -la /var/spool/postfix/var/run/saslauthd
total 940
drwxr-xr-x 2 root sasl   4096 Nov 10 22:09 .
drwxr-xr-x 3 root root   4096 Nov  4 22:00 ..
-rw------- 1 root root      0 Nov 10 22:09 cache.flock
-rw------- 1 root root 945152 Nov 10 22:10 cache.mmap
srwxrwxrwx 1 root root      0 Nov 10 22:09 mux
-rw------- 1 root root      0 Nov 10 22:09 mux.accept
-rw------- 1 root root      6 Nov 10 22:09 saslauthd.pid

SASL: kein Login möglich

berny09

New Member

Mordor

Registered User

berny09

New Member

LinuxAdmin

Moderator

berny09

New Member

We value your privacy