当我从 Gmail 向服务器发送测试邮件时,收到此错误:
致命:没有 SASL 身份验证机制
以下是我的所有配置文件和日志文件,以帮助我们:
/var/log/邮件日志
Nov 4 14:42:49 ns1 postfix/postfix-script[2147]: stopping the Postfix mail system
Nov 4 14:42:49 ns1 postfix/master[1340]: terminating on signal 15
Nov 4 14:42:49 ns1 postfix/postfix-script[2228]: starting the Postfix mail system
Nov 4 14:42:49 ns1 postfix/master[2230]: daemon started -- version 2.10.1, configuration /etc/postfix
Nov 4 14:45:37 ns1 postfix/smtpd[2314]: connect from mail-oi0-f51.google.com[209.85.218.51]
Nov 4 14:45:37 ns1 postfix/smtpd[2314]: fatal: no SASL authentication mechanisms
Nov 4 14:45:38 ns1 postfix/master[2230]: warning: process /usr/libexec/postfix/smtpd pid 2314 exit status 1
Nov 4 14:45:38 ns1 postfix/master[2230]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max connection rate 1/60s for (smtp:209.85.218.51) at Nov 4 14:45:37
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max connection count 1 for (smtp:209.85.218.51) at Nov 4 14:45:37
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max cache size 1 at Nov 4 14:45:37
systemctl 状态 dovecot -l
[root@ns1 ~]# systemctl status dovecot -l
dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2016-11-04 14:43:28 BRST; 35s ago
Process: 2246 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
Main PID: 2250 (dovecot)
CGroup: /system.slice/dovecot.service
├─2250 /usr/sbin/dovecot -F
├─2251 dovecot/anvil
├─2252 dovecot/log
└─2254 dovecot/config
Nov 04 14:43:28 ns1.domain.com.br systemd[1]: Starting Dovecot IMAP/POP3 email server...
Nov 04 14:43:28 ns1.domain.com.br systemd[1]: Started Dovecot IMAP/POP3 email server.
systemctl 状态后缀-l
[root@ns1 ~]# systemctl status postfix -l
postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2016-11-04 14:42:49 BRST; 1min 55s ago
Process: 2141 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
Process: 2158 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
Process: 2154 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
Process: 2152 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
Main PID: 2230 (master)
CGroup: /system.slice/postfix.service
├─2230 /usr/libexec/postfix/master -w
├─2231 pickup -l -t unix -u
└─2232 qmgr -l -t unix -u
Nov 04 14:42:49 ns1.domain.com.br systemd[1]: Starting Postfix Mail Transport Agent...
Nov 04 14:42:49 ns1.domain.com.br postfix/postfix-script[2228]: starting the Postfix mail system
Nov 04 14:42:49 ns1.domain.com.br postfix/master[2230]: daemon started -- version 2.10.1, configuration /etc/postfix
Nov 04 14:42:49 ns1.domain.com.br systemd[1]: Started Postfix Mail Transport Agent.
systemctl 状态 saslauthd -l
[root@ns1 ~]# systemctl status saslauthd -l
saslauthd.service - SASL authentication daemon.
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2016-11-03 12:19:08 BRST; 1 day 2h ago
Process: 1978 ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS (code=exited, status=0/SUCCESS)
Main PID: 1979 (saslauthd)
CGroup: /system.slice/saslauthd.service
├─1979 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1980 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1981 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1982 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
└─1983 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
Nov 03 12:19:08 ns1.domain.com.br systemd[1]: Starting SASL authentication daemon....
Nov 03 12:19:08 ns1.domain.com.br saslauthd[1979]: detach_tty : master pid is: 1979
Nov 03 12:19:08 ns1.domain.com.br saslauthd[1979]: ipc_init : listening on socket: /run/saslauthd/mux
Nov 03 12:19:08 ns1.domain.com.br systemd[1]: Started SASL authentication daemon..
/etc/postfix/main.cf
# MY CONFIGS
myhostname = mail.domain.com.br
mydomain = domain.com.br
myorigin = $mydomain
inet_protocols = ipv4
mydestination = $myhostname, localhost, ns1.domain.com.br
mynetworks = 168.100.189.0/28, 127.0.0.0/8
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
recipient_bcc_maps = hash:/etc/postfix/bcc
queue_directory = /var/spool/postfix
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
# SASL
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_sasl_local_domain = domain.com.br
smtpd_recipient_restrictions = check_policy_service unix:/var/spool/postfix/postgrey/socket
# TLS
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.com.br.key
smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.com.br.crt
smtpd_tls_security_level=encrypt
smtpd_tls_auth_only = yes
smtpd_sasl_tls_security_options = noanonymous, noplaintext
/etc/postfix/master.cf
smtp inet n - n - - smtpd
/etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
/etc/dovecot/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
/etc/dovecot/10-master.conf
service auth {
unix_listener auth-userdb {
#mode = 0660
#user = postfix
#group = postfix
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
# Auth process is run as this user.
#user = $default_internal_user
}
谢谢您的关注。
@更新 01
这是日志文件:
Nov 6 11:02:35 ns1 postfix/smtpd[3950]: connect from mail-oi0-f47.google.com[209.85.218.47]
Nov 6 11:02:35 ns1 postfix/smtpd[3950]: fatal: no SASL authentication mechanisms
Nov 6 11:02:36 ns1 postfix/master[12735]: warning: process /usr/libexec/postfix/smtpd pid 3950 exit status 1
Nov 6 11:02:36 ns1 postfix/master[12735]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max connection rate 1/60s for (smtp:209.85.218.47) at Nov 6 11:02:35
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max connection count 1 for (smtp:209.85.218.47) at Nov 6 11:02:35
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max cache size 1 at Nov 6 11:02:35
这是 postconf -n
[root@ns1 ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = Maildir/
html_directory = no
inet_protocols = ipv4
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = domain.com.br
myhostname = mail.domain.com.br
mynetworks = 168.100.189.0/28, 127.0.0.0/8
myorigin = domain.com.br
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
recipient_bcc_maps = hash:/etc/postfix/bcc
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = check_policy_service unix:/var/spool/postfix/postgrey/socket permit_mynetworks permit_inet_interfaces
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_sasl_tls_security_options = noanonymous, noplaintext
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = hash:/etc/postfix/virtual
smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.com.br.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.com.br.key
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_exchange_name = /var/lib/postfix/prng_exch
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
以下是版本:
postfix-2.10.1-6.el7.x86_64 dovecot-2.2.10-5.el7.x86_64 CentOS Linux 7.2.1511 内核 x86_64 上的 Linux 4.8.5-1.el7.elrepo.x86_64
@更新 02
这是我的 doveconf -n:
[root@ns1 ~]# doveconf -n
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 4.8.5-1.el7.elrepo.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core )
auth_mechanisms = plain login
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
答案1
您的$mydestination
不包括您的$mydomain
。当 Postfix 收到邮件时,它会查找域是否在 中$mydestination
,如果不在,它会尝试验证发件人(因为它认为邮件是由客户端提交的,而不是由另一台服务器传递的)。
$mydomain
将服务器托管的域或域列表添加至$mydestination
。
此外,您的 SASL 配置似乎已损坏。您启动了saslauthd
,但配置 Postfix 以连接 Dovecot 进行身份验证:
smtpd_sasl_type = dovecot
由于您已经配置了 Dovecot,因此可以省略使用saslauthd
。如果邮件提交失败,请确保dovecot
在中列出postconf -a
。