Postfix MySql Dovecot-SMTP 身份验证失败

Postfix MySql Dovecot-SMTP 身份验证失败

您好,我有一个 Postfix 设置,其中包含 Dovecot 和 MySql。服务器运行 Debian Squeeze。MySql 服务器是一个从属服务器,数据从主 (postfix) 邮件服务器(运行不同的操作系统)推送到它。电子邮件存储在复制的 GlusterFS 卷上。

我能够使用 Thunderbird 通过 IMAP 检查电子邮件。但是,SMTP 请求失败。打开 MySql 服务器的查询日志后,我注意到当 SMTP 客户端尝试进行身份验证时,没有执行查询语句来检索用户信息。我想知道我做错了什么,或者接下来的故障排除步骤是什么。我快要抓狂了。以下是一些我认为相关的日志和配置数据。非常感谢您的帮助。

文件 /var/log/mail.log 显示

Oct 11 14:54:16 mailbox2 postfix/smtpd[25017]: connect from unknown[192.168.0.44]
Oct 11 14:54:19 mailbox2 postfix/smtpd[25017]: warning: unknown[192.168.0.44]: SASL PLAIN     authentication failed: 
Oct 11 14:54:25 mailbox2 postfix/smtpd[25017]: warning: unknown[192.168.0.44]: SASL LOGIN authentication failed: VXNlcm5hbWU6
Oct 11 14:55:48 mailbox2 postfix/smtpd[25017]: warning: unknown[192.168.0.44]: SASL PLAIN authentication failed: VXNlcm5hbWU6
Oct 11 14:55:54 mailbox2 postfix/smtpd[25017]: warning: unknown[192.168.0.44]: SASL LOGIN   authentication failed: VXNlcm5hbWU6
Oct 11 14:55:57 mailbox2 postfix/smtpd[25017]: disconnect from unknown[192.168.0.44]

这是我的 dovecot.conf 文件

log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_location = maildir:/var/mail/virtual/%d/%n/
auth_mechanisms = plain login
disable_plaintext_auth = no

namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-master {
    mode = 0600
    user = postfix
  }
  user = root
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  args = /etc/dovecot/dovecot-mysql.conf
  driver = sql
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  mail_plugins = sieve
  postmaster_address = [email protected]
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
}

这是我的 dovecot-mysql.conf 文件:

connect = host=127.0.0.1 dbname=postfix user=postfix password=ffjM2MYAqQtAzRHX
driver = mysql
default_pass_scheme = MD5-CRYPT
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('/var/mail/virtual/', maildir) AS home, 1001 AS uid, 109 AS gid, CONCAT('*:messages=10000:bytes=',quota) as quota_rule, 'Trash:ignore' AS quota_rule2 FROM mailbox WHERE username = '%u' AND active='1'

以下是‘postconf -n’的输出:

append_dot_mydomain = no
biff = no
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
delay_warning_time = 0h
dovecot_destination_recipient_limit = 1
inet_interfaces = all
local_recipient_maps = $virtual_mailbox_maps
local_transport = virtual
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
maximal_queue_lifetime = 1d
message_size_limit = 25600000
mydestination = mailbox2.cws.net, debian.local.cws.net, localhost.local.cws.net, localhost
myhostname = mailbox2.cws.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.18.0.119 63.164.138.3
myorigin = /etc/mailname
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = no
recipient_delimiter = +
relay_domains =
relayhost =
smtp_connect_timeout = 10
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_message_rate_limit = 50
smtpd_client_recipient_rate_limit = 500
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_delay_reject = yes
smtpd_discard_ehlo_keyword_address_maps = hash:/etc/postfix/discard_ehlo
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, permit
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /var/mail/virtual/
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:1001

答案1

VXNlcm5hbWU6是针对“用户名:”字符串进行 base64 编码的,例如:

$ perl -MMIME::Base64 -e 'print decode_base64("VXNlcm5hbWU6") . "\n";'
Username:

相关内容