[postfix-es] TLS y SASL juntos

Jose jperezme en telefonica.net
Mie Mar 12 04:07:44 CET 2003 

Hola a todos.
Tengo funcionando sasl y ahora quiero añadir tls a postfix 2-0-6.
He configurado postfix asi y todo ha ido sin problemas que yo sepa:

make makefiles CCARGS="-DHASH_SSL -DUSE_SASL_AUTH -I/usr/local/ssl/include/openssl -I/usr/local/include/sasl -I/usr/local/include/db3 -I/usr/local/include" \
AUXLIBS="-L/usr/local/lib -L/usr/local/lib/sasl2 -L/usr/local/ssl/lib/ -lssl -lcrypto -lsasl2 -ldb"

Pero si hago telnet veo que no da soporte de tls,pero si de sasl:
220 mail.aixpanish.com ESMTP Postfix/MJ-1.03 (2.0.6)
ehlo mail.aixpanish.com
250-mail.aixpanish.com
250-PIPELINING
250-SIZE 5242880
250-ETRN
250-AUTH LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
250-AUTH=LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
250-XVERP
250 8BITMIME

A ver si alguien ve algo.Gracias.



Mi salida del postconf -n es:
alias_database = dbm:/etc/postfix/aliases
alias_maps = dbm:/etc/postfix/aliases
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
default_destination_concurrency_limit = 10
disable_dns_lookups = no
disable_vrfy_command = yes
header_checks = regexp:/etc/postfix/header_checks
local_destination_concurrency_limit = 2
local_recipient_maps = $alias_maps unix:passwd.byname
mail_name = Postfix/MJ-1.03
mail_owner = postfix
mailbox_size_limit = 5242880
mailq_path = /usr/sbin/mailq
manpage_directory = /usr/local/man
maximal_queue_lifetime = 5d
message_size_limit = 5242880
mydestination = $myhostname localhost.$mydomain $mydomain mail.$mydomain
mydomain = aixpanish.com
myhostname = mail.aixpanish.com
mynetworks = 127.0.0.1 172.26.0.0/24
myorigin = $mydomain
newaliases_path = /usr/sbin/newaliases
notify_classes = resource, software, policy
queue_directory = /var/spool/postfix
readme_directory = /etc/postfix/readmefiles
relay_domains = $mydestination
sample_directory = /etc/postfix
sendmail_path = /usr/lib/sendmail
setgid_group = postdrop
smtp_tls_CAfile = /etc/postfix/cert/cacert.pem
smtp_tls_cert_file = /etc/postfix/cert/aixsrv.aixpanish.com.pem
smtp_tls_key_file = /etc/postfix/cert/aixsrv.aixpanish.com.pem
smtp_tls_session_cache_database = sdbm:/etc/postfix/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_restrictions = reject_rbl_client relays.ordb.org reject_rhsbl_client relays.ordb.org
smtpd_recipient_restrictions = permit_mynetworks, reject_non_fqdn_recipient, permit_sasl_authenticated, check_relay_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_tls_CAfile = /etc/postfix/cert/cacert.pem
smtpd_tls_cert_file = /etc/postfix/cert/aixsrv.aixpanish.com.pem
smtpd_tls_key_file = /etc/postfix/cert/aixsrv.aixpanish.com.pem
smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache
smtpd_use_tls = yes
transport_maps = dbm:/etc/postfix/transport

Mi master.cf es:
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (50)
# ==========================================================================
#127.0.0.1:10025     inet  n       -       n       -       -       smtpd -o content_filter=
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
#qmgr     fifo  n       -       n       300     1       qmgr
qmgr      fifo  n       -       n       300     1       nqmgr
tlsmgr    fifo  -       -       n       300     1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
flush     unix  n       -       n       1000?   0       flush
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       n       n       -       -       lmtp
#
#
#old-cyrus unix  -      n       n       -       -       pipe
#   flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus     unix  -       n       n       -       -       pipe
    user=cyrus argv=/cyrus/bin/deliver -e -r ${recipient} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#vscan    unix  -       n       n       -      10       pipe
#   flags=q user=amavis argv=/usr/sbin/amavis ${sender} ${recipient}

proxymap  unix        -       -       n       -       -       proxymap


----------------------------------------------------------------
Tu portal de Aix en Español
http://aixpanish.com
------------------------------------------------------------
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: http://lists.wl0.org/pipermail/postfix-es/attachments/20030312/1fcff9f4/attachment.htm

Más información sobre la lista de distribución Postfix-es