我正在尝试设置我的 VPS,以便使用 Thunderbird IMAP 来管理我的邮件。首先,我安装了postfix
并按照这指南来创建 SSL 证书。然后我安装了sasl2-bin
并courier-imap-ssl
发现本(德语)指南设置 SASL。尽管它是德语,但您仍然能够从显示的命令中看到我所做的操作。
安装 Courier 后,Thunderbird 最终接受了我的配置并询问我是否信任该证书,我接受了。 * 但是,它无法登录。查看/var/log/mail.info
,每当 Thunderbird 尝试进行身份验证时,它都会记录您可以在下面找到的内容,“admin”是我的用户名。
Nov 19 22:55:19 vps imapd-ssl: chdir Maildir: No such file or directory
Nov 19 22:55:19 vps imapd-ssl: admin: No such file or directory
但是,我可以验证 PAM 身份验证是否有效。
admin@vps:~$ sudo testsaslauthd -f /var/run/saslauthd/mux -u admin -p 'mypassword'
0: OK "Success."
任何线索都将不胜感激。
* Courier 已创建了自己的证书,因此我甚至不确定我手动生成的证书是否真的在某处使用。但它仍配置为可供使用/etc/postfix/main.cf
。
编辑:我不小心把 Cyrus 和 Courier 搞混了。其实我已经安装了 courier。根据 @masegaloeh 的要求,您可以在下面找到配置。
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = mail.niklasrosenstein.com niklasrosenstein.com
myhostname = mail.niklasrosenstein.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/mail.niklasrosenstein.com.crt
smtpd_tls_key_file = /etc/ssl/private/mail.niklasrosenstein.com.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
/etc/courier/authdaemonrc
##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe
authmodulelist="authpam"
##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
DEBUG_LOGIN=0
##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
# DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.
DEFAULTOPTIONS=""
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#
LOGGEROPTS=""
##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem
答案1
看起来 Postfix 存储电子邮件的位置和 Courier 搜索电子邮件的位置不匹配。
查看你的 postfix 配置,很明显你让 postfix 以默认格式和默认位置存储电子邮件,
/var/spool/mail/$user
采用 mbox 格式。在快递中,你使用验证码作为身份验证模块。因此预计快递员将搜索来自
/home/$user/Maildir
使用 maildir 格式。
简单的解决方法是更改 Postfix 存储电子邮件的位置和格式。为此,请在以下位置添加此参数:main.cf
home_mailbox = Maildir/
它将改变 postfix 行为,以 maildir 格式将电子邮件存储在 ~/Maildir/ 中。