+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega International Area (/forum-22.html)
+--- Forum: German Corner (/forum-26.html)
+---- Forum: Archiv (/forum-54.html)
+---- Thread: [ERLEDIGT] SASL authentication failure (/thread-2757.html)
Pages: 1 2
[ERLEDIGT] SASL authentication failure - elitepilot - 03-18-2008 12:23 AM
ISPCP RC4 16.03.08
Vserver
Debian Etch 4.0
Hallo, ich bekomme folgende Fehlermeldung in der mail.warn:
Mar 17 15:12:41 server postfix/smtpd[5647]: warning: SASL authentication failure: no secret in database
Mar 17 15:12:41 server postfix/smtpd[5647]: warning: XXX.dip0.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL NTLM authentication failed: authentication failure
Mar 17 15:12:41 server postfix/smtpd[5647]: warning: SASL authentication failure: realm changed: authentication aborted
Mar 17 15:12:41 server postfix/smtpd[5647]: warning: XXX.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL DIGEST-MD5 authentication failed: authentication failure
-----------------------------------------------------------------
master.cf:
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# For AOL-Accounts
587 inet n - - - - smtpd
-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# ====================================================================
# ISPCP ω OMEGA configuration
# ====================================================================
# AMaViS => Antivir / Antispam
amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
localhost:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_override_options=no_address_mappings
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
# ISPCP autoresponder
ispcp-arpl unix - n n - - pipe
flags=O user=vmail argv=/var/www/ispcp/engine/messager/ispcp-arpl-msgr
# TLS - Activate, if TLS is avaiable/used
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
-----------------------------------------------------------------
main.cf:
#
# Postfix MTA Manager Main Configuration File;
#
# Please do NOT edit this file manually;
#
#
# Postfix directory settings; These are critical for normal Postfix MTA functionallity;
#
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
#
# Some common configuration parameters;
#
inet_interfaces = all
mynetworks_style = host
myhostname = server.haicon.eu
mydomain = server.haicon.eu.local
myorigin = $myhostname
mynetworks = 78.47.79.103, 127.0.0.0/8
smtpd_banner = $myhostname Mail
setgid_group = postdrop
#
# Receiving messages parameters;
#
mydestination = $myhostname, $mydomain
append_dot_mydomain = no
append_at_myorigin = yes
local_transport = local
virtual_transport = virtual
transport_maps = hash:/etc/postfix/ispcp/transport
#
# Delivering local messages parameters;
#
mail_spool_directory = /var/mail
# Mailboxquota
# => 0 for unlimited
# => 104857600 for 100 MB
mailbox_size_limit = 0
mailbox_command = procmail -a "$EXTENSION"
biff = no
alias_database = hash:/etc/aliases
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
#
# ISPCP Autoresponder parameters;
#
ispcp-arpl_destination_recipient_limit = 1
#
# Delivering virtual messages parameters;
#
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_limit = 0
virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_maps = hash:/etc/postfix/ispcp/mailboxes
virtual_alias_maps = hash:/etc/postfix/ispcp/aliases
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001
virtual_gid_maps = static:8
#
# SASL paramters;
#
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit_mynetworks,
permit_sasl_authenticated
smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unlisted_recipient,
check_policy_service inet:127.0.0.1:12525,
#check_policy_service inet:127.0.0.1:60000,
permit
smtpd_data_restrictions = reject_multi_recipient_bounce,
reject_unauth_pipelining
#
# TLS parameters; activate, if avaible/used
#
#smtpd_tls_loglevel = 2
#smtpd_tls_cert_file = /etc/postfix/cert.pem
#smtpd_tls_key_file = /etc/postfix/privkey.pem
#smtpd_use_tls = yes
#smtpd_tls_auth_only = no
#smtpd_tls_received_header = yes
#
# AMaViS parameters; activate, if available/used
#
content_filter = amavis:[127.0.0.1]:10024
#
# Quota support; activate, if available/used
#
#virtual_create_maildirsize = yes
#virtual_mailbox_extended = yes
#virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
#virtual_mailbox_limit_override = yes
#virtual_maildir_limit_message = "The user you're trying to reach is over mailbox quota."
#virtual_overquota_bounce = yes
-----------------------------------------------------------------
saslfinger -chs
saslfinger - postfix Cyrus sasl configuration Mo 17. Mär 15:20:36 CET 2008
version: 1.0
mode: client-side SMTP AUTH
-- basics --
Postfix: 2.3.8
System: Debian GNU/Linux 4.0 \n \l
-- smtp is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00002ae54fa07000)
-- active SMTP AUTH and TLS parameters for smtp --
No active SMTP AUTH and TLS parameters for smtp in main.cf!
SMTP AUTH can't work!
-----------------------------------------------------------------
saslfinger -s
saslfinger - postfix Cyrus sasl configuration Mo 17. Mär 15:21:45 CET 2008
version: 1.0
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.3.8
System: Debian GNU/Linux 4.0 \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00002b98074a4000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous, noplaintext
-- listing of /usr/lib/sasl2 --
insgesamt 804
drwxr-xr-x 2 root root 4096 2008-03-12 11:26 .
drwxr-xr-x 39 root root 12288 2008-03-15 00:47 ..
-rw-r--r-- 1 root root 18868 2006-12-13 22:52 libanonymous.a
-rw-r--r-- 1 root root 855 2006-12-13 22:52 libanonymous.la
-rw-r--r-- 1 root root 15792 2006-12-13 22:52 libanonymous.so
-rw-r--r-- 1 root root 15792 2006-12-13 22:52 libanonymous.so.2
-rw-r--r-- 1 root root 15792 2006-12-13 22:52 libanonymous.so.2.0.22
-rw-r--r-- 1 root root 21754 2006-12-13 22:52 libcrammd5.a
-rw-r--r-- 1 root root 841 2006-12-13 22:52 libcrammd5.la
-rw-r--r-- 1 root root 19184 2006-12-13 22:52 libcrammd5.so
-rw-r--r-- 1 root root 19184 2006-12-13 22:52 libcrammd5.so.2
-rw-r--r-- 1 root root 19184 2006-12-13 22:52 libcrammd5.so.2.0.22
-rw-r--r-- 1 root root 60216 2006-12-13 22:52 libdigestmd5.a
-rw-r--r-- 1 root root 864 2006-12-13 22:52 libdigestmd5.la
-rw-r--r-- 1 root root 48504 2006-12-13 22:52 libdigestmd5.so
-rw-r--r-- 1 root root 48504 2006-12-13 22:52 libdigestmd5.so.2
-rw-r--r-- 1 root root 48504 2006-12-13 22:52 libdigestmd5.so.2.0.22
-rw-r--r-- 1 root root 19094 2006-12-13 22:52 liblogin.a
-rw-r--r-- 1 root root 835 2006-12-13 22:52 liblogin.la
-rw-r--r-- 1 root root 16424 2006-12-13 22:52 liblogin.so
-rw-r--r-- 1 root root 16424 2006-12-13 22:52 liblogin.so.2
-rw-r--r-- 1 root root 16424 2006-12-13 22:52 liblogin.so.2.0.22
-rw-r--r-- 1 root root 38700 2006-12-13 22:52 libntlm.a
-rw-r--r-- 1 root root 829 2006-12-13 22:52 libntlm.la
-rw-r--r-- 1 root root 32520 2006-12-13 22:52 libntlm.so
-rw-r--r-- 1 root root 32520 2006-12-13 22:52 libntlm.so.2
-rw-r--r-- 1 root root 32520 2006-12-13 22:52 libntlm.so.2.0.22
-rw-r--r-- 1 root root 19134 2006-12-13 22:52 libplain.a
-rw-r--r-- 1 root root 835 2006-12-13 22:52 libplain.la
-rw-r--r-- 1 root root 16392 2006-12-13 22:52 libplain.so
-rw-r--r-- 1 root root 16392 2006-12-13 22:52 libplain.so.2
-rw-r--r-- 1 root root 16392 2006-12-13 22:52 libplain.so.2.0.22
-rw-r--r-- 1 root root 29100 2006-12-13 22:52 libsasldb.a
-rw-r--r-- 1 root root 856 2006-12-13 22:52 libsasldb.la
-rw-r--r-- 1 root root 21456 2006-12-13 22:52 libsasldb.so
-rw-r--r-- 1 root root 21456 2006-12-13 22:52 libsasldb.so.2
-rw-r--r-- 1 root root 21456 2006-12-13 22:52 libsasldb.so.2.0.22
There is no smtpd.conf that defines what SASL should do for Postfix.
SMTP AUTH can't work!
ElitePilot
RE: SASL authentication failure - elitepilot - 03-18-2008 12:28 AM
Problem gelöst, dank Monday
Hier seine Lösung:
[/quote]
/etc/postfix/main.cf
Zeile ~88:
Code:
smtpd_sasl_security_options = noanonymous[/quote]
RE: [ERLEDIGT] SASL authentication failure - Rene - 03-18-2008 12:36 AM
der thread ist total unnötig... es hätte wie immer die suche geholfen...
RE: [ERLEDIGT] SASL authentication failure - joximu - 03-18-2008 01:40 AM
Vorallem wäre es wichtig gewesen zu wissen, dass es nur mit dem Programm Ausblick Probleme gibt - soll ja immernoch Firmen geben, die das einsetzen...
naja, hoffen wir, dass jemand anderes daraus lernen kann :-)
RE: [ERLEDIGT] SASL authentication failure - elitepilot - 03-18-2008 01:44 AM
Ich habe die Forum suche nach diesem Error benutzt und ich habe auch vorher bei google gesucht. Desweiteren bin ich kein Kommerzieller nutzer von ISPCP und bin auch daran interessiert das die OpenSource entwicklung weiter geht ohne Fehler.
RE: [ERLEDIGT] SASL authentication failure - rbtux - 03-18-2008 01:53 AM
elitepilot Wrote:Ich habe die Forum suche nach diesem Error benutzt und ich habe auch vorher bei google gesucht.
Naja schlecht gesucht: (hier mal zwei threads welche ich mit der ersten suchanfrage gefunden habe, es gibt bestimmt noch mehr...)
http://www.isp-control.net/forum/sasl-authentication-failure-no-secret-in-database-t-2444.html#pid22691
http://www.isp-control.net/forum/solved-helo-command-rejected-need-fully-qualified-hostname-t-2726.html#pid25517
RE: [ERLEDIGT] SASL authentication failure - elitepilot - 03-18-2008 01:58 AM
rbtux Wrote:Nach Was haste den gesucht? Ich hatte "SASL authentication failure" eingeben und er hatt nix gefunden bei mir.elitepilot Wrote:Ich habe die Forum suche nach diesem Error benutzt und ich habe auch vorher bei google gesucht.
Naja schlecht gesucht: (hier mal zwei threads welche ich mit der ersten suchanfrage gefunden habe, es gibt bestimmt noch mehr...)
http://www.isp-control.net/forum/sasl-authentication-failure-no-secret-in-database-t-2444.html#pid22691
http://www.isp-control.net/forum/solved-helo-command-rejected-need-fully-qualified-hostname-t-2726.html#pid25517
PS: Bei Fehlern die einmal behoben habe, behebe ich auch alleine bei Zukünftigen Updates. Man lernt schließlich dazu.
RE: [ERLEDIGT] SASL authentication failure - rbtux - 03-18-2008 02:01 AM
smtp authentication
sasl authentication
RE: [ERLEDIGT] SASL authentication failure - elitepilot - 03-18-2008 02:03 AM
ok danke ich probiere das nächste mal die Suche etwas aufzuplitten. Aber wenn demnächst einer nach "SASL authentication failure" sucht, wird er diesen Thread finden und die Lösung dadrin. D.h. es sollte nicht nochmal einer wegen diesem Fehler nachfragen.
RE: [ERLEDIGT] SASL authentication failure - gOOvER - 03-18-2008 02:07 AM
Das bleibt abzuwarten.
es gibt immer noch die Gruppe: Wieso suchen, die helfen auch so 