+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega International Area (/forum-22.html)
+--- Forum: German Corner (/forum-26.html)
+---- Forum: Plauderecke (/forum-49.html)
+---- Thread: [ERLEDIGT] Problem mit NTLM beim senden von Mails (/thread-11927.html)
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-27-2010 09:57 AM
Ok, but you have not fixed the smtpd.conf problem here. This file should look like this:
Code:
log_level: 3
pwcheck_method: auxprop
auxprop_plugin : sasldb
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5Edit: If you want, I can check your conf (For free of course) now. Send me a PM
Normally, your postfix should not propose NTLM authentication.
RE: Problem mit NTLM beim senden von Mails - Rafioso - 10-27-2010 10:39 AM
Ah damn, ok
I've delete the file some days ago, because with this file, noone can send mails (all domains with NTLM-Auth).This is with the smtpd.conf:
Code:
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 muh.muhmuhmuh.de
EHLO mail.muhmuhmuh.de
250-muh.muhmuhmuh.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-AUTH=DIGEST-MD5 CRAM-MD5 PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN
334
****cHBv******G9tZXz************************Rhc**ci5**ZU***
235 2.7.0 Authentication successfulLog is the same as the last try.
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-27-2010 10:54 AM
Ok so it should work correctly. NTLM is not available now, and so, no one client can choose it.
Microsoft clients will choose another now (such as LOGIN...)
RE: Problem mit NTLM beim senden von Mails - Rafioso - 10-27-2010 09:29 PM
Ok thank you, but i create this topic, because i want to use NTLM
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-27-2010 09:38 PM
Ah ok, sorry, I've not understood that. Wait... I check one thing.
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-27-2010 11:57 PM
Edit:
Ok, work fine :
Code:
smtp:~# perl gen-auth NTLM
username: l.declercq@nuxwin.com
password:
domain: nuxwin.com
Auth Request: TlRMTVNTUAABAAAAB6IAAAAAAAAAAAAAAAAAAAAAAAA=
challenge: TlRMTVNTUAACAAAAGgAaADAAAAAFogIAA8ut/B67fF4AAAAAAAAAAAAAAAAAAAAAUwBNAFQAUAAuAEkAUwBQAEMAUAAuAEYAUgA=
Auth Response: TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABoAGgBwAAAAKgAqAIoAAAAqACoAtAAAAAAAAACeAAAABaICAA4C6zkvjXKYUFfwmXhTMPLWstfDJvMDXwgt+KtADeIPndxmbyZwGWLmX+kh9VmpRlMATQBUAFAALgBJAFMAUABDAFAALgBGAFIAbAAuAGQAZQBjAGwAZQByAGMAcQBAAG4AdQB4AHcAaQBuAC4AYwBvAG0AbAAuAGQAZQBjAGwAZQByAGMAcQBAAG4AdQB4AHcAaQBuAC4AYwBvAG0ACode:
smtp:~# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 smtp.ispcp.fr ESMTP
ehlo test
250-smtp.ispcp.fr
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH LOGIN PLAIN NTLM
250-AUTH=LOGIN PLAIN NTLM
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH NTLM TlRMTVNTUAABAAAAB6IAAAAAAAAAAAAAAAAAAAAAAAA=
334 TlRMTVNTUAACAAAAGgAaADAAAAAFogIAA8ut/B67fF4AAAAAAAAAAAAAAAAAAAAAUwBNAFQAUAAuAEkAUwBQAEMAUAAuAEYAUgA=
TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAABoAGgBwAAAAKgAqAIoAAAAqACoAtAAAAAAAAACeAAAABaICAA4C6zkvjXKYUFfwmXhTMPLWstfDJvMDXwgt+KtADeIPndxmbyZwGWLmX+kh9VmpRlMATQBUAFAALgBJAFMAUABDAFAALgBGAFIAbAAuAGQAZQBjAGwAZQByAGMAcQBAAG4AdQB4AHcAaQBuAC4AYwBvAG0AbAAuAGQAZQBjAGwAZQByAGMAcQBAAG4AdQB4AHcAaQBuAC4AYwBvAG0A
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.I'll provide howto for you and also, I'll open ticket to fix this issue in next ispCP release.
RE: Problem mit NTLM beim senden von Mails - Rafioso - 10-28-2010 12:41 AM
Thank you very much
So, i've to wait for the next release of ispCP?
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-28-2010 12:54 AM
No ;
I'll perform some other tests and provide a howto
RE: Problem mit NTLM beim senden von Mails - Rafioso - 10-28-2010 12:57 AM
Ok merci
RE: Problem mit NTLM beim senden von Mails - Nuxwin - 10-28-2010 11:19 PM
Re ;
I've installed latest trunk on Debian Lenny, and I've manually created the following file:
/etc/postfix/sasl/smtpd.conf:
Code:
log_level: 6
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN NTLMAfter this, I've created new reseller and domain account and then, I've created the mail account 'test@nuxwin.net'.
Finally, I've tested the NTLM authentication like this:
Code:
ispcp:~# perl gen-auth
encryption type: NTLM
username: test@nuxwin.net
password:
domain: nuxwin.net
Auth Request: TlRMTVNTUAABAAAAB6IAAAAAAAAAAAAAAAAAAAAAAAA=
challenge: TlRMTVNTUAACAAAAIAAgADAAAAAFogIAf5UpCuXF4wwAAAAAAAAAAAAAAAAAAAAASQBTAFAAQwBQAC4ATgBVAFgAVwBJAE4ALgBDAE8ATQA=
Auth Response: TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAACAAIABwAAAAHgAeAJAAAAAeAB4ArgAAAAAAAACMAAAABaICAA+jlXe/YoIoIiU5RhWXFHvfcJlSjzWwrt7n149VWVB+JDPfBv6kg2wd35Msmr00O0kAUwBQAEMAUAAuAE4AVQBYAFcASQBOAC4AQwBPAE0AdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQAdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQANote: Here, the challenge was provided by postfix.
Code:
ispcp:~# telnet localhost 25
Trying 127.0.0.1...
Connected to ispcp.nuxwin.com.local.
Escape character is '^]'.
220 ispcp.nuxwin.com ESMTP ispCP 1.0.7 OMEGA Managed
EHLO testing.tld
250-ispcp.nuxwin.com
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-AUTH NTLM PLAIN LOGIN
250-AUTH=NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH NTLM TlRMTVNTUAABAAAAB6IAAAAAAAAAAAAAAAAAAAAAAAA=
334 TlRMTVNTUAACAAAAIAAgADAAAAAFogIAf5UpCuXF4wwAAAAAAAAAAAAAAAAAAAAASQBTAFAAQwBQAC4ATgBVAFgAVwBJAE4ALgBDAE8ATQA=
TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAACAAIABwAAAAHgAeAJAAAAAeAB4ArgAAAAAAAACMAAAABaICAA+jlXe/YoIoIiU5RhWXFHvfcJlSjzWwrt7n149VWVB+JDPfBv6kg2wd35Msmr00O0kAUwBQAEMAUAAuAE4AVQBYAFcASQBOAC4AQwBPAE0AdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQAdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQA
235 2.7.0 Authentication successful
quitNote: Here, the AUTH request 'TlRMTVNTUAABAAAAB6IAAAAAAAAAAAAAAAAAAAAAAAA=' was provided by the gen-auth script. The response:
Code:
TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAACAAIABwAAAAHgAeAJAAAAAeAB4ArgAAAAAAAACMAAAABaICAA+jlXe/YoIoIiU5RhWXFHvfcJlSjzWwrt7n149VWVB+JDPfBv6kg2wd35Msmr00O0kAUwBQAEMAUAAuAE4AVQBYAFcASQBOAC4AQwBPAE0AdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQAdABlAHMAdABAAG4AdQB4AHcAaQBuAC4AbgBlAHQAwas provided by the gen-auth script :
Code:
TlRMTVNTUAACAAAAIAAgADAAAAAFogIAf5UpCuXF4wwAAAAAAAAAAAAAAAAAAAAASQBTAFAAQwBQAC4ATgBVAFgAVwBJAE4ALgBDAE8ATQA=that was provided by postfix after the authentication request.
I've also tested NTLM authentication from mail client (Evolution):
[attachment=1486] [attachment=1487] [attachment=1488]
The relevant mail log:
Code:
ispcp:~# tail -f -n0 /var/log/mail.log
Oct 28 15:11:24 ispcp postfix/smtpd[31411]: connect from unknown[192.168.1.100]
Oct 28 15:11:24 ispcp postfix/smtpd[31411]: 34650369BE: client=unknown[192.168.1.100], sasl_method=NTLM, sasl_username=test@nuxwin.net
Oct 28 15:11:24 ispcp postfix/cleanup[31413]: 34650369BE: message-id=<1288271522.14861.1.camel@mdev.nuxwin.com>
Oct 28 15:11:24 ispcp postfix/qmgr[29929]: 34650369BE: from=<test@nuxwin.net>, size=527, nrcpt=1 (queue active)
Oct 28 15:11:24 ispcp postfix/virtual[31421]: 34650369BE: to=<test@nuxwin.net>, relay=virtual, delay=0.11, delays=0.07/0.03/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Oct 28 15:11:24 ispcp postfix/qmgr[29929]: 34650369BE: removed
Oct 28 15:11:24 ispcp postfix/smtpd[31411]: disconnect from unknown[192.168.1.100]Conclusion: All works fine.
Note: For the record:
Code:
ispcp:~# uname -a
Linux ispcp 2.6.26-2-amd64 #1 SMP Thu Sep 16 15:56:38 UTC 2010 x86_64 GNU/LinuxCode:
ispcp:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 5.0.6 (lenny)
Release: 5.0.6
Codename: lenny
ispcp:~#Code:
ispcp:~# cat /etc/ispcp/ispcp.conf |grep '^Version'
Version = 1.0.7 OMEGA
ispcp:~#