我有邮件服务器 Postfix+Saslauth。我为 Postfix 配置了多个实例:
后缀
后缀输出
以及两个实例saslauth
:
萨斯劳德
saslauthd-输出
设置saslauthd
用于验证Postfix
服务及其saslauthd-out
另一个实例。
为了创建第二个实例,sasl
我这样做:
cp /etc/default/saslauthd /etc/default/saslauthd-out
使用以下配置::~# vim /etc/default/saslauthd-out
DESC="SASL Authentication Daemon postfix-out"
NAME="saslauthd-out"
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix-out/var/run/saslauthd-out"
在 postfix-out 配置中(/etc/postfix-out/sasl/smtp.conf):
pwcheck_method: saslauthd-out
对于 postfix (/etc/postfix/sasl/smtp.conf):
pwcheck_method: saslauthd
当我重新启动时saslauth
一切正常,
当我尝试连接smtp server
(postfix)时,一切正常,并且身份验证成功,但在smtp server
(postfix-out)中,连接到 smtp 正常,但无法进行身份验证,并且出现以下错误:
:~# telnet mail2.example.com 25
Trying 111.222.333.444...
Connected to mail2.example.com.
Escape character is '^]'.
220 mail2.example.com ESMTP Postfix (@@DISTRO@@)
auth plain YWdoc2EAYWdoc2hhbGRvcmFu
535 5.7.8 Error: authentication failed: no mechanism available
日志:
Nov 30 09:17:47 mail4 postfix-out/smtpd[4361]: connect from unknown[111.222.333.444]
Nov 30 09:17:58 mail4 postfix-out/smtpd[4361]: warning: SASL authentication problem: unknown password verifier
Nov 30 09:17:58 mail4 postfix-out/smtpd[4361]: warning: SASL authentication failure: Password verification failed
Nov 30 09:17:58 mail4 postfix-out/smtpd[4361]: warning: unknown[111.222.333.444]: SASL plain authentication failed: no mechanism available
Nov 30 09:18:04 mail4 postfix-out/smtpd[4361]: disconnect from unknown[111.222.333.444]
问题是什么?
答案1
pwcheck_method
是 Cyrus SASL 库的配置选项。可能的值是、和。auxprop
此处saslauthd
不pwcheck
支持。您的配置需要像这样authdaemond
saslauthd-out
在 /etc/default/saslauthd 中:
DESC="SASL Authentication Daemon postfix-out"
NAME="saslauthd-out"
MECHANISMS="pam"
OPTIONS="-c -m /var/spool/postfix-out/var/run/saslauthd-out"
/etc/postfix-out/sasl/smtp.conf:
pwcheck_method: saslauthd
saslauthd_path: /var/spool/postfix-out/var/run/saslauthd-out/mux
/etc/postfix-out/main.cf 中的某处:
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtp
smtpd_sasl_type = cyrus
cyrus_sasl_config_path = /etc/postfix-out/sasl
我刚刚用该配置设置了一个虚拟机并且它可以运行。
/var/spool/postfix-out/var/run/saslauthd-out
必须存在,尽管我个人更希望它更像/var/spool/postfix-out/saslauthd-out
。但这是你的决定。