当前位置: 技术问答>linux和unix
postfix sasl认证出错.....
来源: 互联网 发布时间:2016-08-31
本文导语: main.cf----------------------- queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix mail_owner = postfix myhostname = mail.gdvcp.net #myhostname = virtual.domain.tld mydomain = gdvcp.net myorigin = $myhostnam...
main.cf-----------------------
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.gdvcp.net
#myhostname = virtual.domain.tld
mydomain = gdvcp.net
myorigin = $myhostname
#myorigin = $mydomain
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces =all
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
# proxy or network address translation unit. This setting extends
# the address list specified with the inet_interfaces parameter.
#
# You must specify your proxy/NAT addresses when your system is a
# backup MX host for other domains, otherwise mail delivery loops
# will happen when the primary MX host is down.
#
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
mydestination = $myhostname,$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.0.0/100,192.168.1.0/100
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
relay_domains =gdvcp.net
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
newaliases_path = /usr/bin/newaliases.postfix
# mailq_path: The full pathname of the Postfix mailq command. This
# is the Sendmail-compatible mail queue listing command.
#
mailq_path = /usr/bin/mailq.postfix
# setgid_group: The group for mail submission and queue management
# commands. This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
#
setgid_group = postdrop
# html_directory: The location of the Postfix HTML documentation.
#
html_directory = no
sample_directory = /usr/share/doc/postfix-2.3.3/samples
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_auth_enable = yes //启用sasl验证
smtpd_sasl_security_options = noanonymous //设定验证机制,拒绝匿名用户
broken_sasl_auth_clients = yes //
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination[img=http://b39.photo.store.qq.com/http_imgload.cgi?/rurl4_b=330ec2dd367158f41360ab48d297c5dc1561e19bb25efa7d4e1f9f4ac0fdde32b220c3e8078590a61f8c67490a22776e2b7d495d105275b9c815b4268751276b2d9e15802cc15c2fecfff375748805eb9a2daf2f&a=38&b=39][/img]
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.gdvcp.net
#myhostname = virtual.domain.tld
mydomain = gdvcp.net
myorigin = $myhostname
#myorigin = $mydomain
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
inet_interfaces =all
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
# proxy or network address translation unit. This setting extends
# the address list specified with the inet_interfaces parameter.
#
# You must specify your proxy/NAT addresses when your system is a
# backup MX host for other domains, otherwise mail delivery loops
# will happen when the primary MX host is down.
#
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
mydestination = $myhostname,$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.0.0/100,192.168.1.0/100
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
relay_domains =gdvcp.net
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
# newaliases_path: The full pathname of the Postfix newaliases command.
# This is the Sendmail-compatible command to build alias databases.
#
newaliases_path = /usr/bin/newaliases.postfix
# mailq_path: The full pathname of the Postfix mailq command. This
# is the Sendmail-compatible mail queue listing command.
#
mailq_path = /usr/bin/mailq.postfix
# setgid_group: The group for mail submission and queue management
# commands. This must be a group name with a numerical group ID that
# is not shared with other accounts, not even with the Postfix account.
#
setgid_group = postdrop
# html_directory: The location of the Postfix HTML documentation.
#
html_directory = no
sample_directory = /usr/share/doc/postfix-2.3.3/samples
# readme_directory: The location of the Postfix README files.
#
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_auth_enable = yes //启用sasl验证
smtpd_sasl_security_options = noanonymous //设定验证机制,拒绝匿名用户
broken_sasl_auth_clients = yes //
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination[img=http://b39.photo.store.qq.com/http_imgload.cgi?/rurl4_b=330ec2dd367158f41360ab48d297c5dc1561e19bb25efa7d4e1f9f4ac0fdde32b220c3e8078590a61f8c67490a22776e2b7d495d105275b9c815b4268751276b2d9e15802cc15c2fecfff375748805eb9a2daf2f&a=38&b=39][/img]
|
我看你是想采用ldap认证吧 那你/etc/sysconfig/saslauthd
文件里
为什么
MECH=shadow //这个是使用本地shadow密码文件认证
既然你用ldap认证
应该改成
MECH=ldap
另外不知道你的smtpd.conf文件在哪儿
我的在/etc/sasl2/smtpd.conf
至少有如下2句
pwcheck_method: saslauthd
mech_list: plain login
main.cf里再加一句
smtpd_sasl_application_name = smtpd
还有你关于ldap的配置是不是正确 你也得先自己再确认一下
文件里
为什么
MECH=shadow //这个是使用本地shadow密码文件认证
既然你用ldap认证
应该改成
MECH=ldap
另外不知道你的smtpd.conf文件在哪儿
我的在/etc/sasl2/smtpd.conf
至少有如下2句
pwcheck_method: saslauthd
mech_list: plain login
main.cf里再加一句
smtpd_sasl_application_name = smtpd
还有你关于ldap的配置是不是正确 你也得先自己再确认一下
|
楼主先用最简单的试试:
smtpd.conf中仅配置以下两行:
pwcheck_method: auxprop
mech_list: plain login
添加账号:
saslpasswd2 -c -u `postconf -h mydomain` miaojihao
然后用telnet测试一下
smtpd.conf中仅配置以下两行:
pwcheck_method: auxprop
mech_list: plain login
添加账号:
saslpasswd2 -c -u `postconf -h mydomain` miaojihao
然后用telnet测试一下
|
那你先按楼上的设置 先把一种认证的弄正确了
再添加另外一种认证 你这样眉毛胡子一把抓 出问题都不好找
再添加另外一种认证 你这样眉毛胡子一把抓 出问题都不好找
|
看你的ldap_filter
ldap_filter: mail=%u@%r--
所以你认证的格式应该是 user@realm 的格式
所以测试的时候应该是 /usr/sbin/testsaslauthd -u miao -p 'rootroot' -r realm
ldap_filter: mail=%u@%r--
所以你认证的格式应该是 user@realm 的格式
所以测试的时候应该是 /usr/sbin/testsaslauthd -u miao -p 'rootroot' -r realm
您可能感兴趣的文章:
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。