[postfix-es]
José Luis Tallón
jltallon en adv-solutions.net
Jue Nov 6 22:15:25 CET 2003
At 00:05 07/11/2003, you wrote:
>Hola a Tod en s.
>
>A ver si alguien puede hacerme un poco de luz porque no consigo que
>funcione,intento
>activar SASL pero no me autentifica,ahi van los datos,cualquier sugerencia
>será
>bienvenida:
>Nota: El fichero /etc/postfix/saslpass no lo tengo,necesito crearlo?
Para nada
>Codifico asi:
>
>perl -MMIME::Base64 -e 'print encode_base64("test\0test\0aquivaelpassword");'
>
>Con el resultado de eso hago el AUTH PLAIN
>
>220 mail.navegants.com ESMTP Postfix
>EHLO navegants.com
>250-mail.navegants.com
>250-PIPELINING
>250-SIZE 102400000
>250-VRFY
>250-ETRN
>250-AUTH PLAIN LOGIN GSSAPI DIGEST-MD5 CRAM-MD5
>250-AUTH=PLAIN LOGIN GSSAPI DIGEST-MD5 CRAM-MD5
>250 8BITMIME
>AUTH PLAIN dGxxxxxxxxxxxxxxxxxxxxxxxxx24=
>535 Error: authentication failed
>
>Pero en el log el error es este:
>smtpd_sasl_authenticate: decoded initial response test.navegants.com
>
>
>
>Nov 6 20:52:36 mail postfix/smtpd[2856]: watchdog_pat: 0x80ad360
>Nov 6 20:53:43 mail postfix/smtpd[2856]: unknown[172.26.0.4]: AUTH PLAIN
>dGxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxu
>Nov 6 20:53:43 mail postfix/smtpd[2856]: smtpd_sasl_authenticate:
>sasl_method PLAIN, init_response
>dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxu
>Nov 6 20:53:43 mail postfix/smtpd[2856]: smtpd_sasl_authenticate: decoded
>initial response test.navegants.com
>Nov 6 20:53:43 mail postfix/smtpd[2856]: warning: SASL authentication
>failure: Password verification failed
>Nov 6 20:53:43 mail postfix/smtpd[2856]: warning: unknown[172.26.0.4]:
>SASL PLAIN authentication failed
>Nov 6 20:53:43 mail postfix/smtpd[2856]: unknown[172.26.0.4]: 535 Error:
>authentication failed
OK
>Y esto es mi config:
>
>[root en mail sasl2]# postconf -n
>alias_database = hash:/etc/postfix/aliases
>alias_maps = hash:/etc/postfix/aliases
>broken_sasl_auth_clients = yes
>command_directory = /usr/sbin
>config_directory = /etc/postfix
>daemon_directory = /usr/libexec/postfix
>debug_peer_level = 2
>inet_interfaces = all
>mail_owner = postfix
>mailbox_size_limit = 5120000000
>mailq_path = /usr/bin/mailq.postfix
>manpage_directory = /usr/share/man
>message_size_limit = 102400000
>mydestination = $myhostname, localhost.$mydomain, $mydomain
>mydomain = navegants.com
>myhostname = mail.navegants.com
>mynetworks = 172.26.0.2, 172.26.0.3, 127.0.0.0/8
>mynetworks_style = subnet
>myorigin = $mydomain
>newaliases_path = /usr/bin/newaliases.postfix
>notify_classes = resource, software
>queue_directory = /var/spool/postfix
>readme_directory = /etc/postfix/README_FILES
>relay_domains = $mydestination
>sample_directory = /etc/postfix/samples
>sendmail_path = /usr/sbin/sendmail.postfix
>setgid_group = postdrop
>smtp_sasl_auth_enable = yes
>smtp_sasl_password_maps = hash:/etc/postfix/saslpass
>smtp_sasl_security_options = noplaintext
>smtpd_recipient_restrictions =
>permit_sasl_authenticated, permit_mynetworks,
>reject_unauth_destination, check_recipient_access
>hash:/etc/postfix/recipient_checks, check_sender_access
>hash:/etc/postfix/sender_checks, check_client_access
>hash:/etc/postfix/client_checks, permit
>smtpd_sasl_auth_enable = yes
>smtpd_sasl_local_domain = $myhostname
>smtpd_sasl_security_options = noanonymous
>unknown_local_recipient_reject_code = 450
>virtual_alias_domains = $virtual_alias_maps
>virtual_alias_maps = hash:/etc/postfix/virtual
>
>[root en mail sasl2]# cat /usr/lib/sasl2/smtpd.conf
>pwcheck_method: saslauthd
OK.
1.- Verifica que smtpd no está en una jaula chroot ( columna 'chroot' en
master.cf )
2.- Saslauthd tiene que arrancar con los parámetros '-a pam' ( porque
parece que quieres autentificar contra 'shadow', verdad? )
>[root en mail sasl2]# rpm -qa |grep sasl
>cyrus-sasl-devel-2.1.15-3
>cyrus-sasl-md5-2.1.15-3
>cyrus-sasl-plain-2.1.15-3
>cyrus-sasl-2.1.15-3
>cyrus-sasl-gssapi-2.1.15-3
OK
>Saludos y Gracias
>Josep
José Luis Tallón
-
Para ENVIAR mensajes a esta lista tienes que estar SUSCRITO a ella.
.
Envía la linea "unsubscribe postfix-es" en el cuerpo de un mensaje
a majordomo en WL0.org para quitarte de la lista.
Más información sobre la lista de distribución Postfix-es