[Fwd: Re: [Postfix-es] problema de auth con relay]

Maxnux maxnux en yahoo.com.ar
Mie Mayo 9 20:41:22 CEST 2007 

Perdon por las molestias ocasionadas era una tremenda pabada
tenia mal escrito

smtp_sasl_security_options <http://www.postfix.org/postconf.5.html#smtp_sasl_security_options> = noanonymous

perdon a los que perdieron tiempo y gracias



Maxnux wrote:
> va de nuevo
>
> root en mail:/var/log# postconf -n
> alias_database = hash:/etc/postfix/aliases
> alias_maps = hash:/etc/postfix/aliases
> body_checks = regexp:/etc/postfix/body_checks
> command_directory = /usr/sbin
> config_directory = /etc/postfix
> daemon_directory = /usr/lib/postfix
> debug_peer_level = 5
> disable_vrfy_command = yes
> header_checks = regexp:/etc/postfix/header_checks
> home_mailbox = Maildir/
> html_directory = /usr/doc/postfix-2.2.10/html
> inet_interfaces = all
> local_recipient_maps = unix:passwd.byname $alias_maps
> mail_owner = postfix
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/man
> message_size_limit = 5120000
> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
> myhostname = mail.local.com.ar
> mynetworks = 192.168.0.0/24, 127.0.0.0/8
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/doc/postfix-2.2.10/readme
> relayhost = [smtp.fibertel.com.ar]
> sample_directory = /usr/doc/postfix-2.2.10/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> smtp_sasl_auth_enable = yes
> smtp_sasl_mechanism_filter =
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtpd_data_restrictions = reject_unauth_pipelining,    permit
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit_mynetworks,     reject_invalid_hostname
> smtpd_recipient_restrictions = reject_non_fqdn_sender,    
> reject_non_fqdn_recipient,    reject_unknown_sender_domain,    
> reject_unknown_recipient_domain,    reject_unauth_pipelining,    
> permit_mynetworks,    reject_invalid_hostname,    
> reject_non_fqdn_hostname,    reject_unauth_destination,    
> reject_rbl_client relays.mail-abuse.org,    reject_rbl_client 
> list.dsbl.org,    reject_rbl_client sbl.spamhaus.org,    
> reject_rbl_client cbl.abuseat.org,    reject_rbl_client 
> dul.dnsbl.sorbs.net,    reject_rbl_client web.dnsbl.sorbs.net,    
> reject_rbl_client dialups.mail-abuse.net,    permit
> unknown_local_recipient_reject_code = 550
>
> Miguel Angel Tormo wrote:
>> El Martes, 8 de Mayo de 2007 a las 07:47, Miguel Angel Tormo escribió:
>>  
>>> El Martes, 8 de Mayo de 2007 a las 03:53, Maxnux escribió:
>>>    
>>>> Hola a ver si alguien me puede ayudar con esto
>>>>  Estoy configurando un postfix para que haga relay atraves de un isp (
>>>> fibertel para los que sean de argentina) este requiere autentificacion
>>>> usando de http://www.postfix.org/SASL_README.html#client_sasl
>>>> Puse esto
>>>>
>>>>     /etc/postfix/main.cf <http://www.postfix.org/postconf.5.html>:
>>>>         smtp_sasl_auth_enable
>>>> <http://www.postfix.org/postconf.5.html#smtp_sasl_auth_enable> = yes
>>>> smtp_sasl_password_maps
>>>> <http://www.postfix.org/postconf.5.html#smtp_sasl_password_maps> =
>>>> hash:/etc/postfix/sasl_passwd smtp_sasl_type
>>>> <http://www.postfix.org/postconf.5.html#smtp_sasl_type> = cyrus
>>>> smtp_sasl_security_options
>>>> <http://www.postfix.org/postconf.5.html#smtp_sasl_security_options> =
>>>> noanonymous
>>>>       
>> OK, no me había fijado en esto. Tienes esta opción bien configurada, 
>> comprueba qué tienes en smtp_sasl_mechanism_filter.
>> Por otro lado, la salida de postconf -n no cuadra aparentemente con 
>> lo que dices que has puesto... ¿Has probado a recargar la 
>> configuración (postfix reload)?
>> Y si puedes pegar la salida de 'postconf' en lugar de 'postconf -n', 
>> mejor, ya que dependiendo de la versión de postfix, distribución, 
>> etc, los valores por defecto pueden ser diferentes.
>>
>>  
>>>>     /etc/postfix/sasl_passwd:
>>>>
>>>>         [smtp.fibertel.com.ar] username:password
>>>>
>>>>
>>>> y sale este error
>>>>
>>>> May  7 22:22:48 mail postfix/qmgr[11953]: B1C4C29C7: from=<root en mail>,
>>>> size=427, nrcpt=1 (queue active)
>>>> May  7 22:22:49 mail postfix/smtp[12291]: warning: SASL authentication
>>>> failure: No worthy mechs found
>>>> May  7 22:22:49 mail postfix/smtp[12292]: warning: SASL authentication
>>>> failure: No worthy mechs found
>>>> May  7 22:22:49 mail postfix/smtp[12292]: B1C4C29C7:
>>>> to=<test en dominio.com>, relay=smtp.fibertel.com.ar[24.232.0.227],
>>>> delay=11804, status=deferred (Authentication failed: cannot SASL
>>>> authenticate to server smtp.fibertel.com.ar[24.232.0.227]: no 
>>>> mechanism
>>>> available)
>>>> May  7 22:22:49 mail postfix/smtp[12291]: 91D762A01:
>>>> to=<test en dominio.com>, relay=smtp.fibertel.com.ar[24.232.0.227],
>>>> delay=11444, status=deferred (Authentication failed: cannot SASL
>>>> authenticate to server smtp.fibertel.com.ar[24.232.0.227]: no 
>>>> mechanism
>>>> available)
>>>>
>>>>  El smtp de fibertel responde con esto
>>>>
>>>> maxnux en maxnux-n:~$ telnet smtp.fibertel.com.ar 25
>>>> Trying 24.232.0.227...
>>>> Connected to smtp.fibertel.com.ar.
>>>> Escape character is '^]'.
>>>> 220 avas-mr14.fibertel.com.ar ESMTP (NO UCE,UBE,SPAM) Alerce-MR listo
>>>> Mon, 7 May 2007 22:41:16 -0300
>>>> EHLO dns.liocba.com.ar
>>>> 250-avas-mr14.fibertel.com.ar expected "EHLO 
>>>> cpe-6-239.bvconline.com.ar"
>>>> 250-SIZE 10485760
>>>> 250-8BITMIME
>>>> 250-PIPELINING
>>>> 250-CHUNKING
>>>> 250-ENHANCEDSTATUSCODES
>>>> 250-DSN
>>>> 250-AUTH=LOGIN
>>>> 250-AUTH LOGIN
>>>> 250 HELP
>>>>
>>>> alguna idea por que da ese error ???
>>>>
>>>>
>>>> root en mail:/home/admin_remoto# postconf -n
>>>> alias_database = hash:/etc/postfix/aliases
>>>> alias_maps = hash:/etc/postfix/aliases
>>>> body_checks = regexp:/etc/postfix/body_checks
>>>> command_directory = /usr/sbin
>>>> config_directory = /etc/postfix
>>>> daemon_directory = /usr/lib/postfix
>>>> debug_peer_level = 2
>>>> disable_vrfy_command = yes
>>>> header_checks = regexp:/etc/postfix/header_checks
>>>> home_mailbox = Maildir/
>>>> html_directory = /usr/doc/postfix-2.2.10/html
>>>> inet_interfaces = all
>>>> local_recipient_maps = unix:passwd.byname $alias_maps
>>>> mail_owner = postfix
>>>> mailq_path = /usr/bin/mailq.postfix
>>>> manpage_directory = /usr/man
>>>> message_size_limit = 5120000
>>>> mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
>>>> myhostname = mail.local.com.ar
>>>> mynetworks = 192.168.0.0/24, 127.0.0.0/8
>>>> newaliases_path = /usr/bin/newaliases.postfix
>>>> queue_directory = /var/spool/postfix
>>>> readme_directory = /usr/doc/postfix-2.2.10/readme
>>>> relayhost = [smtp.fibertel.com.ar]
>>>> sample_directory = /usr/doc/postfix-2.2.10/samples
>>>> sendmail_path = /usr/sbin/sendmail.postfix
>>>> setgid_group = postdrop
>>>> smtp_sasl_auth_enable = yes
>>>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>>>> smtpd_data_restrictions = reject_unauth_pipelining,    permit
>>>> smtpd_helo_required = yes
>>>> smtpd_helo_restrictions = permit_mynetworks,     
>>>> reject_invalid_hostname
>>>> smtpd_recipient_restrictions = reject_non_fqdn_sender,
>>>> reject_non_fqdn_recipient,    reject_unknown_sender_domain,
>>>> reject_unknown_recipient_domain,    reject_unauth_pipelining,
>>>> permit_mynetworks,    reject_invalid_hostname,
>>>> reject_non_fqdn_hostname,    reject_unauth_destination,
>>>> reject_rbl_client relays.mail-abuse.org,    reject_rbl_client
>>>> list.dsbl.org,    reject_rbl_client sbl.spamhaus.org,
>>>> reject_rbl_client cbl.abuseat.org,    reject_rbl_client
>>>> dul.dnsbl.sorbs.net,    reject_rbl_client web.dnsbl.sorbs.net,
>>>> reject_rbl_client dialups.mail-abuse.net,    permit
>>>> unknown_local_recipient_reject_code = 550
>>>>
>>>> _______________________________________________
>>>> List de correo Postfix-es para tratar temas del MTA postfix en 
>>>> español
>>>> Postfix-es en lists.wl0.org
>>>> http://lists.wl0.org/mailman/listinfo/postfix-es
>>>>       
>>> Parece ser que el servidor de fibertel solamente te ofrece AUTH LOGIN.
>>> Comprueba qué tienes configurado en los siguientes parámetros:
>>> smtp_sasl_mechanism_filter
>>> smtp_sasl_security_options
>>>
>>> Por defecto, smtp_sasl_mechanism_filter estará vacío, por tanto no 
>>> creo que
>>> sea éste el que te esté molestando. En cambio, si ejecutas:
>>>     postconf smtp_sasl_security_options
>>> si no lo has cambiado valdrá:
>>>     smtp_sasl_security_options = noplaintext, noanonymous
>>>
>>> Eso significa que estás rechazando los métodos de autentificación en 
>>> texto
>>> claro, es decir, LOGIN y PLAIN. Lo puedes dejar así:
>>>     smtp_sasl_security_options = noanonymous
>>> Supongo que te funcionará.
>>>
>>> Más información en
>>> http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
>>>
>>> _______________________________________________
>>> List de correo Postfix-es para tratar temas del MTA postfix en espaol
>>> Postfix-es en lists.wl0.org
>>> http://lists.wl0.org/mailman/listinfo/postfix-es
>>>     
>>
>>
>> _______________________________________________
>> List de correo Postfix-es para tratar temas del MTA postfix en español
>> Postfix-es en lists.wl0.org
>> http://lists.wl0.org/mailman/listinfo/postfix-es
>>
>>   
>
>
>
> _______________________________________________
> List de correo Postfix-es para tratar temas del MTA postfix en español
> Postfix-es en lists.wl0.org
> http://lists.wl0.org/mailman/listinfo/postfix-es
>

Más información sobre la lista de distribución Postfix-es