·ChinaUnix首页 ·论坛 ·博客 
Linux首页 | Linux新闻 | Linux论坛 | Linux文档 | Linux下载 | Linux博客 | Linux搜索 | 开源项目孵化平台 | 《开源时代》
新手入门 | 安装启动 | 管理员指南 | 开发手册 | 桌面应用 | 程序开发 | 数据库 | 网络技术| CentOS | Fedora | MySQL | Apache | Ubuntu | Gentoo| OSCON08
  Linux时代 >> 技术文档 >> 新手入门
 
Postfix SMTP 部分用户验证失败,POP验证正常。
来源: Linux论坛  日期: 2012.03.15 15:16 (共有条评论) 我要评论
 
[i=s] 本帖最后由 GreenAugust 于 2012-03-15 15:24 编辑

请教大家,先谢谢

组件:Postfix+Dovecot+OpenLDAP

Postfix+Cyrus-SASL+OpenLDAP   验证SMTP
Dovecot+OpenLDAP  验证POP

Postfix Dovecot OpenLDAP 使用编译安装

Cyrus-SASL 使用RHL5.4 自带安装RPM包安装


POP和SMTP使用相同的数据库LDAP

问题:用户在发送邮件的时候,突然突出密码验证失败,日志显示 SASL LOGIN authentication failed: authentication failure,使用 testsaslauthd -uuser -ppassword依然验证失败。
登录phpLDAPadmin 登录,查看使用checkpassword 检查用户密码为正确的密码,排除用户更改密码的可能性。POP收取邮件正常,用户登录正常
问题是,这只是部分用户,没有大规模用户验证失败。
贴出配置:
Postfix  main.cf

————————————————————————————————————————————————————————————

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = ********************
mydestination = $myhostname,localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8,192.168.254.0/24


debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
virtual_mailbox_domains = ********************
virtual_mailbox_base = /mail
#virtual_alias_maps = ldap:/etc/postfix/ldapalias.cf.autoreply
#virtual_alias_maps = ldap:/etc/postfix/ldapalias.cf
virtual_alias_maps = ldap:/etc/postfix/ldapalias.cf.autoreply,ldap:/etc/postfix/ldapalias.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-mailbox.cf
virtual_mailbox_limit = 0

virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_maps = ldap:/etc/postfix/quota.cf
virtual_overquota_bounce = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.




virtual_uid_maps     = static:1000
virtual_gid_maps     = static:1000
local_recipient_maps = proxy:unix:passwd.byname $alias_maps $virtual_mailbox_maps




smtpd_sasl_auth_enable = yes
#smtpd_sasl_path = smtp
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions =
permit_mynetworks
permit_auth_destination
permit_sasl_authenticated
reject
#broken_sasl_auth_clients = yes

transport_maps = hash:/etc/postfix/transport
virtual_transport = virtual
#relayhost = 192.168.254.173
#relayhost = 192.168.254.173

smtpd_use_tls = yes
smtpd_tls_key_file = /etc/pki/tls/private/localhost.key
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crt
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd__scache
#smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
#smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache

smtpd_tls_loglevel = 1
bounce_queue_lifetime = 3d
maximal_queue_lifetime = 3d

[root@web postfix]# clear
[root@web postfix]# cat /etc/smtpd.conf
pwcheck_method: saslauthd
mech_list: login plain
[root@web postfix]# vim main.cf
[root@web postfix]# vim main.cf
[root@web postfix]# postfix reload
postfix/postfix-script: refreshing the Postfix mail system
[root@web postfix]# cat main.cf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = ****************************
mydestination = $myhostname,localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8


debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no

virtual_mailbox_domains = **************************
virtual_mailbox_base = /mail
virtual_alias_maps = ldap:/etc/postfix/ldapalias.cf.autoreply,ldap:/etc/postfix/ldapalias.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-mailbox.cf
virtual_mailbox_limit = 0
virtual_mailbox_limit_inbox = no
virtual_mailbox_limit_maps = ldap:/etc/postfix/quota.cf
virtual_overquota_bounce = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_uid_maps     = static:1000
virtual_gid_maps     = static:1000
local_recipient_maps = proxy:unix:passwd.byname $alias_maps $virtual_mailbox_maps

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions =
permit_mynetworks
permit_auth_destination
permit_sasl_authenticated
reject
broken_sasl_auth_clients = yes

transport_maps = hash:/etc/postfix/transport
virtual_transport = virtual

smtpd_use_tls = yes
smtpd_tls_key_file = /etc/pki/tls/private/localhost.key
smtpd_tls_cert_file = /etc/pki/tls/certs/localhost.crt
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd__scache
#smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
#smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache

smtpd_tls_loglevel = 1
bounce_queue_lifetime = 3d
____________________________________________________________________________________

SASL 配置文件
——————————————————————————————————————————————————————
cat /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1
ldap_bind_dn: cn=root,o=sesc,c=cn
ldap_bind_pw: 123456
ldap_search_base: ou=People,o=sesc,c=cn
ldap_version: 3
ldap_auth_method: bind
ldap_filter: (virtualdomainuser=%u)


cat /etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: login plain


grep -Ev "^$|#" /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
MECH=ldap
FLAGS=

————————————————————————————————————————————————————————
以上;谢谢


目前我只有16积分,如果问题解决,可以提供给你$。感谢





  发表评论 查看评论(共有条评论)
 
 


最新资讯更多>> 
· 谷歌劝说诺基亚采用Android操作..
· Apache 基金会确认退出 JCP 执..
· Chrome 10 新功能探秘:新增GP..
· 金山宣布开源其安全软件
· 女黑客在开源会议上抱受骚扰
· 21款值得关注的Linux游戏
· 马化腾:腾讯半年后彻底转型,..
· [多图] Chrome OS 预发布版本多..
· Lubuntu 11.04 默认应用抢先一览
· Red Hat宣布收购云计算软件提供..
论坛热点更多>> 
· do_execve时候用户栈中参数的..
· swapinfo -atm 问题
· Linux 的优点简述
· VM虚拟机上得Red Hat Linux上..
· 我看成了上海男人喜欢女人毛..
· 校车展览,看了你就知道
· 在遇到他之前,唯一需要做的..
· GRUB的疑问
· 从来没有人真正付足书价——..
· 云存储 vs 网盘
文档更新更多>> 
· orcale queue
· 谁可以推荐几本经典的操作系统的..
· 【北京】某物联网公司招云计算应..
· 【北京】某物联网公司招云计算应..
· 谁能推荐几本关于操作系统的书
· 如何添加网络接口eth1
· 葡萄牙语入门教材的选取与经验分享
· 葡萄牙语就业前景分析
· 葡萄牙语学习经验交流
· Щ
 
关于我们 | 联系方式 | 广告合作 | 诚聘英才 | 网站地图 | 友情链接 | 免费注册

Copyright © 2001-2009 ChinaUnix.net All Rights Reserved

感谢所有关心和支持过ChinaUnix的朋友们

京ICP证:060528号