SMTP-AUTH will auch nach einer Woche Arbeit daran nicht

[maxB]

Guten Abend an alle Leserinnen und Leser,

bereits seit einiger Zeit versuche ich nun, auf einem Ubutnu 8.04 TLS-System einen Mailserver mit Hilfe von Postfix, Courier, Amavis, SpamAssassin, MySQL & Squirremail anhand diverser Tutorials ans Laufen zu bekommen. Schon vor Monaten habe ich das erste mal mit dem Tutorial von Flurdy begonnen - und bin an einem Fehler verzweifelt, an den ich mich heute nicht mehr erinnere. Vor ca. 2 Wochen habe ich dann alles noch einmal neu mit selbigen Tutorial begonnen: wieder kein Erfolg. Ich habe natürlich immer recherchiert, nichts hat zum Erfolg geführt.

Anschließend habe ich mich nach anderen Tutorials umgesehen und bin nun nach diesem vorgegangen.

In den letzten Tagen habe ich mehrmals von vorne angefangen, alle Angaben kontrolliert - noch immer funktioniert der Versand von extern über den SMTP-Server nicht. Seit Ewigkeiten sind gefühlte 30 Tabs in meinem Browser mit Recherchen geöffnet.

Ich bin verzweifelt und weiß nicht mehr alleine weiter - und hoffe daher hier auf eine Lösung.

Erst einmal die üblichen Daten:

saslfinger -s

saslfinger - postfix Cyrus sasl configuration Tue Nov 30 23:58:41 CET 2010
version: 1.0.4
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.5.1
System: Ubuntu 8.04.4 LTS \n \l

-- smtpd is linked to --
	libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00007f46ac27d000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = 
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes


-- listing of /usr/lib64/sasl2 --
total 936
drwxr-xr-x  2 root root  4096 2010-04-07 15:53 .
drwxr-xr-x 65 root root 20480 2010-11-30 21:28 ..
-rw-r--r--  1 root root 19196 2009-06-23 21:16 libanonymous.a
-rw-r--r--  1 root root   862 2009-06-23 21:15 libanonymous.la
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so.2
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so.2.0.22
-rw-r--r--  1 root root 22186 2009-06-23 21:16 libcrammd5.a
-rw-r--r--  1 root root   848 2009-06-23 21:15 libcrammd5.la
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so.2
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so.2.0.22
-rw-r--r--  1 root root 60688 2009-06-23 21:16 libdigestmd5.a
-rw-r--r--  1 root root   871 2009-06-23 21:15 libdigestmd5.la
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so.2
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so.2.0.22
-rw-r--r--  1 root root 19366 2009-06-23 21:16 liblogin.a
-rw-r--r--  1 root root   842 2009-06-23 21:15 liblogin.la
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so.2
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so.2.0.22
-rw-r--r--  1 root root 38980 2009-06-23 21:16 libntlm.a
-rw-r--r--  1 root root   836 2009-06-23 21:15 libntlm.la
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so.2
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so.2.0.22
-rw-r--r--  1 root root 19406 2009-06-23 21:16 libplain.a
-rw-r--r--  1 root root   842 2009-06-23 21:15 libplain.la
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so.2
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so.2.0.22
-rw-r--r--  1 root root 29764 2009-06-23 21:16 libsasldb.a
-rw-r--r--  1 root root   873 2009-06-23 21:15 libsasldb.la
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so.2
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so.2.0.22
-rw-r--r--  1 root root 33576 2009-06-23 21:16 libsql.a
-rw-r--r--  1 root root   971 2009-06-23 21:15 libsql.la
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so.2
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so.2.0.22

-- listing of /usr/lib/sasl2 --
total 936
drwxr-xr-x  2 root root  4096 2010-04-07 15:53 .
drwxr-xr-x 65 root root 20480 2010-11-30 21:28 ..
-rw-r--r--  1 root root 19196 2009-06-23 21:16 libanonymous.a
-rw-r--r--  1 root root   862 2009-06-23 21:15 libanonymous.la
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so.2
-rw-r--r--  1 root root 15888 2009-06-23 21:16 libanonymous.so.2.0.22
-rw-r--r--  1 root root 22186 2009-06-23 21:16 libcrammd5.a
-rw-r--r--  1 root root   848 2009-06-23 21:15 libcrammd5.la
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so.2
-rw-r--r--  1 root root 19184 2009-06-23 21:16 libcrammd5.so.2.0.22
-rw-r--r--  1 root root 60688 2009-06-23 21:16 libdigestmd5.a
-rw-r--r--  1 root root   871 2009-06-23 21:15 libdigestmd5.la
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so.2
-rw-r--r--  1 root root 48448 2009-06-23 21:16 libdigestmd5.so.2.0.22
-rw-r--r--  1 root root 19366 2009-06-23 21:16 liblogin.a
-rw-r--r--  1 root root   842 2009-06-23 21:15 liblogin.la
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so.2
-rw-r--r--  1 root root 16432 2009-06-23 21:16 liblogin.so.2.0.22
-rw-r--r--  1 root root 38980 2009-06-23 21:16 libntlm.a
-rw-r--r--  1 root root   836 2009-06-23 21:15 libntlm.la
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so.2
-rw-r--r--  1 root root 32368 2009-06-23 21:16 libntlm.so.2.0.22
-rw-r--r--  1 root root 19406 2009-06-23 21:16 libplain.a
-rw-r--r--  1 root root   842 2009-06-23 21:15 libplain.la
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so.2
-rw-r--r--  1 root root 16336 2009-06-23 21:16 libplain.so.2.0.22
-rw-r--r--  1 root root 29764 2009-06-23 21:16 libsasldb.a
-rw-r--r--  1 root root   873 2009-06-23 21:15 libsasldb.la
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so.2
-rw-r--r--  1 root root 21528 2009-06-23 21:16 libsasldb.so.2.0.22
-rw-r--r--  1 root root 33576 2009-06-23 21:16 libsql.a
-rw-r--r--  1 root root   971 2009-06-23 21:15 libsql.la
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so.2
-rw-r--r--  1 root root 27904 2009-06-23 21:16 libsql.so.2.0.22

-- listing of /etc/postfix/sasl --
total 12
drwxr-xr-x 2 root postfix 4096 2010-11-30 23:03 .
drwxr-xr-x 3 root root    4096 2010-11-30 23:26 ..
-rw-r--r-- 1 root postfix  354 2010-11-30 23:03 smtpd.conf




-- content of /etc/postfix/sasl/smtpd.conf --
#pwcheck_method: saslauthd
pwcheck_method: auxprop
#auxprop_plugin: mysql
auxprop_plugin: sql
#mech_list: plain login
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#allow_plaintext: true
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: mail
sql_select: SELECT password FROM users WHERE email = '%u@%r'
-- content of /etc/postfix/sasl/smtpd.conf --
#pwcheck_method: saslauthd
pwcheck_method: auxprop
#auxprop_plugin: mysql
auxprop_plugin: sql
#mech_list: plain login
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
#allow_plaintext: true
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: --- replaced ---
sql_passwd: --- replaced ---
sql_database: mail
sql_select: SELECT password FROM users WHERE email = '%u@%r'

-- active services in /etc/postfix/master.cf --
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
smtp      inet  n       -       -       -       -       smtpd
smtps     inet  n       -       -       -       -       smtpd
    -o smtpd_tls_wrappermode=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    -o milter_macro_daemon_name=ORIGINATING
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
	-o smtp_fallback_relay=
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

amavis	unix	-	-	-	-	2	smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
	
127.0.0.1:10025	inet	n	-	-	-	-	smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o strict_rfc821_envelopes=yes
    -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    -o smtpd_bind_address=127.0.0.1

-- mechanisms on localhost --
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5


-- end of saslfinger output --

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_size_limit = 0
mydestination = leopold.servlix.de, localhost, localhost.localdomain
myhostname = leopold.servlix.de
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_uid_maps = static:5000

testsaslauth -p user@domain.tld -p password -s smtp -f /var/spool/postfix/var/run/saslauthd/mux

0: OK "Success."

/var/log/mail.log

Dec  1 00:02:32 leopold postfix/smtpd[32161]: connect from XXX[W.X.Y.Z]
Dec  1 00:02:33 leopold postfix/smtpd[32161]: warning: SASL authentication failure: Password verification failed
Dec  1 00:02:33 leopold postfix/smtpd[32161]: warning: XXX[W.X.Y.Z]: SASL PLAIN authentication failed: authentication failure
Dec  1 00:02:33 leopold postfix/smtpd[32161]: warning: XXX[W.X.Y.Z]: SASL LOGIN authentication failed: authentication failure
Dec  1 00:02:34 leopold postfix/smtpd[32161]: disconnect from XXX

/var/log/auth.log

Dec  1 00:02:32 leopold postfix/smtpd[32161]: sql auxprop plugin using mysql engine 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: begin transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin create statement from userPassword post vettelfinger.de 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin doing query SELECT password FROM users WHERE email = 'user@domain.tld'; 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin create statement from cmusaslsecretPLAIN post vettelfinger.de 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin doing query SELECT password FROM users WHERE email = 'user@domain.tld'; 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: commit transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: begin transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin create statement from userPassword post vettelfinger.de 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin doing query SELECT password FROM users WHERE email = 'user@domain.tld'; 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: commit transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1' 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: begin transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin create statement from userPassword post vettelfinger.de 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin doing query SELECT password FROM users WHERE email = 'user@domain.tld'; 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin create statement from cmusaslsecretPLAIN post vettelfinger.de 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin doing query SELECT password FROM users WHERE email = 'user@domain.tld'; 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: commit transaction
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin Parse the username user@domain.tld 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin try and connect to a host 
Dec  1 00:02:33 leopold postfix/smtpd[32161]: sql plugin trying to open db 'mail' on host '127.0.0.1'

/var/log/mysql/mysql.log

101201  0:02:33	    157 Connect     mail@localhost on mail
		    157 Quit       
		    158 Connect     mail@localhost on mail
		    158 Query       START TRANSACTION
		    158 Query       SELECT password FROM users WHERE email = 'user@domain.tld'
		    158 Query       SELECT password FROM users WHERE email = 'user@domain.tld'
		    158 Query       COMMIT
		    158 Quit       
		    159 Connect     mail@localhost on mail
		    159 Quit       
		    160 Connect     mail@localhost on mail
		    160 Query       START TRANSACTION
		    160 Query       SELECT password FROM users WHERE email = 'user@domain.tld'
		    160 Query       COMMIT
		    160 Quit       
		    161 Connect     mail@localhost on mail
		    161 Quit       
		    162 Connect     mail@localhost on mail
		    162 Query       START TRANSACTION
		    162 Query       SELECT password FROM users WHERE email = 'user@domain.tld'
		    162 Query       SELECT password FROM users WHERE email = 'user@domain.tld'
		    162 Query       COMMIT
		    162 Quit       
		    163 Connect     mail@localhost on mail
		    163 Quit

Noch einmal zur Klarstellung: IMAP funktioniert, Versand über Squirrelmail funktioniert - alles soweit top. Nur der SMTP-AUTH nicht ...

Ich hoffe auf Hilfe und danke bereits jedem, der sich die Zeit genommen und bis hierhin gelesen hat!

Schönen Abend noch!

 

[maxB]

Ein neuer Tag - ein neuer Versuch.

Vermutlich habe ich mittlerweile so viele Tutorials und Lösungsansätze ausprobiert, dass ich Sachen durcheinander geworfen habe.

Die Lösung fand sich inder /etc/postfix/sasl/smtpd.conf - dort muss man, entgegen ein paar Hinweisen, die ich bekam, auf folgendes achten:

pwcheck_method: saslauthd
auxprop_plugin: mysql

Bei pwcheck_method gehört kein auxprop hin und bei auxprop_plugin auch kein sql ...

Auf ins nächste Problem ;-)