为什么当我尝试使用 Postifx 向 SES 进行身份验证时会出现 Sasl 错误?

tag-icon tag-icon email smtp sasl amazon-ses
为什么当我尝试使用 Postifx 向 SES 进行身份验证时会出现 Sasl 错误?

我的邮件日志中出现以下两个错误:

Aug 25 22:51:23 ns1 postfix/smtpd[246267]: warning: unknown[94.156.102.101]: SASL LOGIN authentication failed: authentication failure
Aug 25 22:55:22 ns1 postfix/smtp[247251]: warning: SASL authentication failure: No worthy mechs found

我的服务器正在运行 Webmin 和 Postfix。我已经安装了libsasl2 模块,但这个已经安装了,并没有解决我的问题。我正在使用noplaintext,noanonymoussasl 身份验证选项。

使用 Usermin 网络邮件时,电子邮件无法送达,并且我在 Webmin 的消息队列中收到以下错误:

delivery temporarily suspended: SASL authentication failed; cannot authenticate to server email-smtp.us-east-1.amazonaws.com[34.238.201.95]: no mechanism available

以下是 Postfix 设置:

postconf -M 输出:

smtp       inet  n       -       y       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
pickup     unix  n       -       y       60      1       pickup
cleanup    unix  n       -       y       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       y       -       -       smtp
relay      unix  -       -       y       -       -       smtp -o syslog_name=postfix/$service_name
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       y       -       -       lmtp
anvil      unix  -       -       y       -       1       anvil
scache     unix  -       -       y       -       1       scache
postlog    unix-dgram n  -       n       -       1       postlogd
maildrop   unix  -       n       n       -       -       pipe flags=DRXhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FRX user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
submission inet  n       -       y       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
smtps      inet  n       -       y       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may -o smtpd_tls_wrappermode=yes

后配置-n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
compatibility_level = 2
home_mailbox = Maildir/
inet_protocols = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = $myhostname, ns1.fetz.dev, localhost.fetz.dev, , localhost
myhostname = mail.liliesjewels.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = subnet
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost = email-smtp.us-east-1.amazonaws.com
resolve_dequoted_address = no
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtp_dns_support_level = dnssec
smtp_host_lookup = dns
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password_map
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = encrypt
tls_server_sni_maps = hash:/etc/postfix/sni_map
virtual_alias_maps = hash:/etc/postfix/virtual

相关内容