使用 slackware linux 13.1 在 postfix 邮件服务器上进行 smtp 身份验证

使用 slackware linux 13.1 在 postfix 邮件服务器上进行 smtp 身份验证

我无法让 saslauthd(cyrus-sasl 2.1.23)通过 pam-mysql 对 MySQL 邮件数据库中的用户进行身份验证。以下是我执行过的一些命令以及相关配置:

root@xxxx:/# ps aux | grep saslauthd
root      3443  0.0  0.0  34524   752 pts/0    S    10:53   0:00 saslauthd -a pam -d
root      3507  0.0  0.0  34524  1096 ?        Ss   11:22   0:00 saslauthd -a pam
root      3508  0.0  0.0  34524   644 ?        S    11:22   0:00 saslauthd -a pam
root      3509  0.0  0.0  34524   596 ?        S    11:22   0:00 saslauthd -a pam
root      3510  0.0  0.0  34524   596 ?        S    11:22   0:00 saslauthd -a pam
root      3511  0.0  0.0  34524   596 ?        S    11:22   0:00 saslauthd -a pam
root      3518  0.0  0.0   4116   604 pts/0    S+   11:26   0:00 grep saslauthd

root@xxxx:/# saslauthd -v
saslauthd 2.1.23
authentication mechanisms: getpwent pam rimap shadow ldap

root@xxxx:/# perl -MMIME::Base64 -e 'print encode_base64("\000mkk\@mkk\000mkk123")'
AG1ra0Bta2sAbWtrMTIz
root@xxxx:/# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mailbkp.mak.ac.ug ESMTP Postfix
ehlo localhost
250-mailbkp.mak.ac.ug
250-PIPELINING
250-SIZE 15000000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AG1ra0Bta2sAbWtrMTIz
Connection closed by foreign host.

root@xxxx:/# tail -f var/log/auth
postfix/smtpd[3437]: sql_select option missing
postfix/smtpd[3437]: auxpropfunc error no mechanism available
postfix/smtpd[3437]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
postfix/smtpd[3437]: auxpropfunc error invalid parameter supplied
postfix/smtpd[3437]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

root@xxxx:/etc/pam.d# cat smtp

auth required /lib/security/pam_mysql.so user=mailnew passwd=post2011new host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crpyt=1

account sufficient /lib/security/pam_mysql.so  user=mailnew passwd=post2011new  host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crpyt=1

root@xxxx:/etc/default# cat saslauthd
# This needs to be uncommented before saslauthd will be run automatically
START=yes

# Runtime directory for saslauthd; reused below for the -m argument and the PID file path.
PWDIR="/var/state/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
#PIDFILE="${PWDIR}/saslauthd.pid"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"

# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/state/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
# NOTE(review): OPTIONS is assigned twice in this file; if the file is sourced by a
# shell script the later assignment wins, so this first value has no effect.
OPTIONS="-c"
THREADS=5

#make sure you set the options here otherwise it ignores params above and will not work
# NOTE(review): the saslauthd processes in the ps listing run as "saslauthd -a pam"
# with no -c or -m, so it is not evident that the running daemon picked up this file.
# Confirm which file the init script actually reads and where the mux socket was created.
OPTIONS="-c -m /var/state/saslauthd"


root@xxxx:/etc/sysconfig# cat saslauthd
# Settings as pasted from /etc/sysconfig/saslauthd; whether the init script on this
# system reads this file is not shown — confirm.
# Socket directory; same path as PWDIR in /etc/default/saslauthd.
SOCKETDIR=/var/state/saslauthd
# Authentication mechanism; matches the "-a pam" visible in the ps listing.
MECH=pam
# NOTE(review): -r makes saslauthd combine the realm with the login (user@realm) before
# the lookup. The running processes in the ps listing do not show -r, so verify that
# these flags are actually applied.
FLAGS="-r"

SMTP configurations in main.cf

# NOTE(review): smtp_* parameters configure the Postfix SMTP client; this filter does
# not change which mechanisms smtpd offers to connecting clients.
smtp_sasl_mechanism_filter = plain, login
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
# NOTE(review): with smtpd_sasl_type = cyrus, smtpd_sasl_path names the Cyrus SASL
# configuration (default "smtpd", i.e. smtpd.conf), not a plugin directory — confirm
# that this value is intended.
smtpd_sasl_path = /usr/lib64/sasl2
# NOTE(review): only anonymous logins are excluded here, and the EHLO reply above
# advertises AUTH PLAIN LOGIN on an unencrypted session; smtpd_tls_auth_only = yes
# limits AUTH to TLS-protected connections.
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus

root@xxxx:/usr/share/doc/cyrus-sasl-2.1.23/doc# testsaslauthd -u <username> -p <password>
0: NO "authentication failed"

root@xxxx:/var/log# testsaslauthd -u <username>  -p <password>  -f /var/state/saslauthd/
connect() : Connection refused

root@xxxx:# tail -f /var/log/auth

saslauthd[3508]: DEBUG: auth_pam: pam_start failed: Critical error - immediate abort
saslauthd[3508]: do_auth         : auth failure: [user=<username@domain>] [service=imap] [realm=] [mech=pam] [reason=PAM start error]

有人能帮我解决这个问题吗?

答案1

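您的 SMTP PAM 配置(/etc/pam.d/smtp)中有一个拼写错误:auth 和 account 两行写的都是“crpyt=1”,应该是“crypt=1”。我目前无法访问实时 PAM 系统来验证这是否就是导致问题的原因,但建议您先从这里着手排查。另外,日志中的失败记录显示 service=imap,说明那次 testsaslauthd 测试使用的是 imap 服务名而不是 smtp;要测试这个 smtp 文件,需要用 testsaslauthd 的 -s smtp 参数指定服务名。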
