Hi,
Wir ihr bestimmt aus dem Titel entnehmen könnt handelt es sich um ein Problem bei der Authentifizierung am Postfix per sasl.
Leider habe ich bis jetzt noch keine passende Lösung für das Problem gefunden, auch nicht nach stunden langer Recherche im Internet.
System: OpenSuse 11.1
ISPCP: neuste Version stable
main.cf:
Code:
#
# ispCP ω (OMEGA) a Virtual Hosting Control System
#
# @copyright 2001-2006 by moleSoftware GmbH
# @copyright 2006-2008 by ispCP | http://isp-control.net
# @version SVN: $Id$
# @link http://isp-control.net
# @author ispCP Team
#
# @license
# This program is free software; you can redistribute it and/or modify it under
# the terms of the MPL General Public License as published by the Free Software
# Foundation; either version 1.1 of the License, or (at your option) any later
# version.
# You should have received a copy of the MPL Mozilla Public License along with
# this program; if not, write to the Open Source Initiative (OSI)
# http://opensource.org | osi@opensource.org
#
################################################################################
# Postfix directory settings; These are critical for normal Postfix MTA functionallity
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
# Some common configuration parameters
mydomain = bithost.ch
smtpd_banner = $myhostname ESMTP ispCP {MTA_VERSION} Managed
setgid_group = maildrop
# Receiving messages parameters
mydestination = $myhostname, localhost.$mydomain
append_dot_mydomain = no
append_at_myorigin = yes
local_transport = local
virtual_transport = virtual
transport_maps = hash:/etc/postfix/transport
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# Delivering local messages parameters
mail_spool_directory = /var/mail
# Mailboxquota
# => 0 for unlimited
# => 104857600 for 100 MB
mailbox_size_limit = 0
mailbox_command =
# Message size limit
# => 0 for unlimited
# => 104857600 for 100 MB
message_size_limit = 10240000
biff = no
recipient_delimiter = +
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
# ispCP Autoresponder parameters
ispcp-arpl_destination_recipient_limit = 1
# Delivering virtual messages parameters
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_limit = 0
virtual_mailbox_domains = hash:/etc/postfix/ispcp/domains
virtual_mailbox_maps = hash:/etc/postfix/ispcp/mailboxes
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_minimum_uid = 1000
virtual_uid_maps = static:1000
virtual_gid_maps = static:12
# SASL paramters
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
smtpd_data_restrictions = reject_multi_recipient_bounce,
reject_unauth_pipelining
# TLS parameters; activate, if avaible/used
#smtpd_use_tls = yes
#smtpd_tls_loglevel = 2
#smtpd_tls_cert_file = /etc/postfix/cert.pem
#smtpd_tls_key_file = /etc/postfix/privkey.pem
#smtpd_tls_auth_only = no
#smtpd_tls_received_header = yes
# AMaViS parameters; activate, if available/used
#content_filter = amavis:[127.0.0.1]:10024
# Quota support; activate, if available/used
#virtual_create_maildirsize = yes
#virtual_mailbox_extended = yes
#virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
#virtual_mailbox_limit_override = yes
#virtual_maildir_limit_message = "The user you're trying to reach is over mailbox quota."
#virtual_overquota_bounce = yes
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
delay_warning_time = 1h
message_strip_characters = \0
program_directory = /usr/lib/postfix
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
html_directory = /usr/share/doc/packages/postfix-doc/html
sample_directory = /usr/share/doc/packages/postfix-doc/samples
sendmail_path = /usr/sbin/sendmail
manpage_directory = /usr/share/man
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
inet_protocols = all
masquerade_domains =
defer_transports =
disable_dns_lookups = no
mailbox_transport =
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_client_restrictions =
strict_rfc821_envelopes = no
smtp_sasl_auth_enable = no
smtp_use_tls = no
delay_notice_recipient = root
bounce_notice_recipient = root
2bounce_notice_recipient = root
error_notice_recipient = root
inet_interfaces = 127.0.0.1, xx.xx.xx.xx
master.cf:
Code:
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# For AOL-Accounts
587 inet n - - - - smtpd
-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
#628 inet n - - - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
#tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# ====================================================================
# ispCP ω (OMEGA) a Virtual Hosting Control System
#
# @copyright 2001-2006 by moleSoftware GmbH
# @copyright 2006-2008 by ispCP | http://isp-control.net
# @version SVN: $Id$
# @link http://isp-control.net
# @author ispCP Team
# ====================================================================
# AMaViS => Antivir / Antispam
amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
#localhost:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_override_options=no_address_mappings
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
# ispCP autoresponder
ispcp-arpl unix - n n - - pipe
flags=O user=vmail argv=/var/www/ispcp/engine/messager/ispcp-arpl-msgr
# TLS - Activate, if TLS is avaiable/used
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
mail log:
Code:
Jul 29 19:12:12 bithost postfix/smtpd[3576]: warning: SASL authentication failure: Password verification failed
Jul 29 19:12:12 bithost postfix/smtpd[3576]: warning: 183-205.5-85.cust.bluewin.ch[85.5.205.183]: SASL PLAIN authentication failed: authentication failure
Jul 29 19:12:12 bithost postfix/smtpd[3576]: warning: 183-205.5-85.cust.bluewin.ch[85.5.205.183]: SASL LOGIN authentication failed: authentication failure
Jul 29 19:13:10 bithost imapd: Failed to create cache file: maildirwatch (stvinfo@stvkesswil.ch)
Jul 29 19:13:10 bithost imapd: Error: Input/output error
Jul 29 19:13:10 bithost imapd: Check for proper operation and configuration
Jul 29 19:13:10 bithost imapd: of the File Access Monitor daemon (famd).
/etc/init.d/saslauthd:
Code:
#! /bin/sh
# Copyright (c) 2002 SuSE Linux AG Nuernberg, Germany.
#
# Author: Carsten Hoeger, Ralf Haferkamp
#
# /etc/init.d/saslauthd
#
### BEGIN INIT INFO
# Provides: saslauthd
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Default-Start: 3 5
# Description: cyrus-sasl auth daemon
### END INIT INFO
AUTHD_BIN=/usr/sbin/saslauthd
test -x $AUTHD_BIN || exit 5
SASLAUTHD_AUTHMECH="pam"
SASLAUTHD_THREADS=5
test -f /etc/sysconfig/saslauthd && . /etc/sysconfig/saslauthd
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num><num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
echo -n "Starting service saslauthd"
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
# NOTE: startproc return 0, even if service is
# already running to match LSB spec.
/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down service saslauthd"
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
/sbin/killproc -TERM $AUTHD_BIN > /dev/null 2>&1
# Remember status and be verbose
rc_status -v
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reload service saslauthd"
## if it supports it:
#/sbin/killproc -HUP $AUTHD_BIN
#touch /var/run/FOO.pid
#rc_status -v
# Otherwise:
$0 stop && $0 start
rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reload service saslauthd"
# If it supports signalling:
#/sbin/killproc -HUP $AUTHD_BIN
#touch /var/run/FOO.pid
#rc_status -v
# Otherwise if it does not support reload:
rc_failed 3
rc_status -v
;;
status)
echo -n "Checking for service saslauthd: "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
# NOTE: checkproc returns LSB compliant status values.
/sbin/checkproc $AUTHD_BIN
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit
/etc/sysconfig/saslauthd:
Code:
## Path: System/Security/SASL
## Type: list(getpwent,kerberos5,pam,rimap,shadow,ldap)
## Default: pam
## ServiceRestart: saslauthd
#
# Authentication mechanism to use by saslauthd.
# See man 8 saslauthd for available mechanisms.
#
SASLAUTHD_AUTHMECH=pam
## Path: System/Security/SASL
## Type: integer(0:)
## Default: 5
## ServiceRestart: saslauthd
#
# Authentication mechanism to use by saslauthd.
# See man 8 saslauthd for available mechanisms.
#
SASLAUTHD_THREADS=5
## Path: System/Security/SASL
## Type: string
## Default: ""
## ServiceRestart: saslauthd
#
# Additional parameters to use by saslauthd.
# See the saslauthd(8) manpage for available parameters.
#
SASLAUTHD_PARAMS=""
So ich hoffe mal das die Infos hier reichen, um dem Problem eine Spur näher zu kommen.
Besten Dank schon mal für eure Hilfe!!!
Freundliche Grüsse
linuxjohnny
Search
Member List
Calendar
Help
/
[ERLEDIGT]SASL PLAIN authentication failed: authentication failure
