Postfix + Ubuntu:SASL LOGIN 身份验证失败:身份验证失败

Postfix + Ubuntu:SASL LOGIN 身份验证失败:身份验证失败

在 Ubuntu 18.04 服务器上,我使用 Webmin 和 Virtualmin 来管理服务器和虚拟主机。

查看文件:/var/log/mail.log

我有这个:

Sep  5 12:11:50 ns3147326 postfix/smtpd[17356]: warning: unknown[92.118.38.51]: SASL LOGIN authentication failed: authentication failure
Sep  5 12:11:50 ns3147326 postfix/smtpd[17356]: disconnect from unknown[92.118.38.51] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4

给出这个命令service saslauthd status我得到:

● saslauthd.service - LSB: saslauthd startup script
Loaded: loaded (/etc/init.d/saslauthd; generated)
Active: active (running) since Thu 2019-09-05 12:15:18 CEST; 31min ago
 Docs: man:systemd-sysv-generator(8)
Process: 21744 ExecStop=/etc/init.d/saslauthd stop (code=exited, 
status=0/SUCCESS)
Process: 21762 ExecStart=/etc/init.d/saslauthd start (code=exited, 
status=0/SUCCESS)
Tasks: 10 (limit: 4915)
CGroup: /system.slice/saslauthd.service
       ├─19961 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
       ├─19962 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
       ├─19963 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
       ├─19964 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
       ├─19965 /usr/sbin/saslauthd -a pam -c -m /var/run/saslauthd -n 5
       ├─21783 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -r -n 5
       ├─21784 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -r -n 5
       ├─21785 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -r -n 5
       ├─21786 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -r -n 5
       └─21787 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -r -n 5

set 05 12:46:56 ns3147326 saslauthd[21784]: pam_unix(smtp:auth): check pass; 
user unknown
set 05 12:46:56 ns3147326 saslauthd[21784]: pam_unix(smtp:auth): 
authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
set 05 12:46:57 ns3147326 saslauthd[21784]: DEBUG: auth_pam: 
pam_authenticate failed: Authentication failure
set 05 12:46:57 ns3147326 saslauthd[21784]:                 : auth failure: 
[[email protected]] [service=smtp] [realm=ip-51-75-135.eu] 
[mech=pam] [reason=PAM auth error]

我用 Google 搜索了该问题,但找不到解决方案。

这是我的 /etc/postfix/main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated 
defer_unauth_destination
myhostname = ns3147326.ip-51-75-135.eu
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost, 
localhost.localdomain
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated 
reject_unauth_destination
smtp_tls_security_level = may
allow_percent_hack = no
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
mynetworks_style = subnet

这是我的 /etc/default/saslauthd:

#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
#OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"


# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific 
information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for chroot Postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Example for non-chroot Postfix users: "-c -m /var/run/saslauthd"
#
# To know if your Postfix is running chroot, check /etc/postfix/master.cf.
# If it has the line "smtp inet n - y - - smtpd" or "smtp inet n - - - - smtpd"
# then your Postfix is running in a chroot.
# If it has the line "smtp inet n - n - - smtpd" then your Postfix is NOT
# running in a chroot.
#OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
#PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
#OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

我该如何解决?

答案1

使用其默认的 .yaml 文件应用 netplan(来自 18.04 的 FRESH 安装)

然后通过 Webmin 配置网络。它将创建所需的可读 netplan .yaml 文件。

相关内容