El 01/03/16 a las 16:49, Manuel Mely escribió:
On 03/01/2016 02:28 PM, Rommel Rodriguez Toirac wrote:
No me llegó nada :-( Directamente no puedo recibir ni enviar correos
a dominios que no sean .cu y no pueden pasar de 1Mb de tamaño Nada
que nosotros todavía estamos en otra época.
De todos modos si pueden seguir el hilo o al menos postear la solucion
al problema por aqui mejor. Y si es posible acortar un poco el cuerpo
del mensaje (como acabo de hacer en este mensaje)
Sobre la solucion... te dejo en buenas manos :)
______________________________________________________________________
Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba.
Gutl-l@jovenclub.cu
https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l
De la propia wiki de Centos Postfix SASL + Dovecot
Configuring SASL in postfix
To configure SASL in postfix, we need to make the following additions to
/etc/postfix/main.cf:
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
and add permit_sasl_authenticated to our smtpd_recipient_restrictions
section of /etc/postfix/main.cf (if you don't have a
smtpd_recipient_restrictions section, then the following example will
work fine):
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
Next we need to configure auth default in the authentication processes
section of /etc/dovecot.conf. Uncomment and/or add the following lines
as necessary (be careful as this section is heavily commented, some
entries already exist, others are commented out and need uncommenting
such as socket listen):
auth default {
mechanisms = plain login
passdb pam {
}
userdb passwd {
}
user = root
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
Restart dovecot and reload postfix configuration setting:
service dovecot restart
postfix reload
De la wiki de debian
PostfixAndSASL
Translation(s): none
Simple Authentication and Security Layer (SASL) with Postfix SMTP
Tabla de Contenidos
SASL authentication in the Postfix SMTP server
Implementation using Cyrus SASL
Using saslauthd with PAM
Using auxprop with sasldb
Troubleshooting tip
Implementation using Dovecot SASL
SASL authentication in the Postfix SMTP client
Postfix and sbcglobal/yahoo/att
SASL authentication in the Postfix SMTP server
Implementation using Cyrus SASL
Using saslauthd with PAM
Setup Postfix with SMTP-AUTH over SASL2 with authentication against PAM
in a chroot() environment.
Note: The following steps have been carried out and verified on a Debian
7.1 system (Jan. 2015).
Note: SASL2 (saslauthd) creates a socket in its working directory.
Postfix (smtpd) needs access to this socket. If smtpd is running
chroot()ed (what is standard on Debian) saslauthd must run within this
chroot() environment also (though not being chrooted itself). While this
is fine for smtpd there are other services (Cyrus imapd for example)
which expect saslauthd 's socket at its "regular" location
(/var/run/saslauthd).
The recommended way to solve this is to run separate saslauthd processes
for Postfix and for others. Debian is prepared for this. Alternatively a
symlink-trick can be used. See below. Or you can disable chroot()ing by
editing the chroot columns in /etc/postfix/master.cf.
Install libsasl2-modules, postfix, sasl2-bin
Create a file /etc/postfix/sasl/smtpd.conf:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
Setup a separate saslauthd process to be used from Postfix:
Create a copy of saslauthd's config file
~# cp /etc/default/saslauthd /etc/default/saslauthd-postfix
and edit it
START=yes
DESC="SASL Auth. Daemon for Postfix"
NAME="saslauthd-postf" # max. 15 char.
# Option -m sets working dir for saslauthd (contains socket)
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd" #
postfix/smtp in chroot()
(See /usr/share/doc/sasl2-bin/README.Debian.gz)
Alternatively you can replace the directory /run/saslauthd with a
symlink to /var/spool/postfix/var/run/saslauthd
~# rm -rf /run/saslauthd
~# ln -s /var/spool/postfix/var/run/saslauthd /run/saslauthd
This is a quick-and-dirty hack, useful only for testing purposes. After
the next reboot the contents of /run will be reset.
Create required subdirectories in postfix chroot directory:
dpkg-statoverride --add root sasl 710
/var/spool/postfix/var/run/saslauthd
Add the user "postfix" to the group "sasl":
adduser postfix sasl
Restart saslauthd:
~# service saslauthd restart
[ ok ] Stopping SASL Auth. Daemon: saslauthd.
[ ok ] Stopping SASL Auth. Daemon for Postfix: saslauthd-postf.
[ ok ] Starting SASL Auth. Daemon: saslauthd.
[ ok ] Starting SASL Auth. Daemon for Postfix: saslauthd-postf.
Edit Postfix configuration:
~# postconf -e 'smtpd_sasl_local_domain = $myhostname'
~# postconf -e 'smtpd_sasl_auth_enable = yes'
~# postconf -e 'broken_sasl_auth_clients = yes'
~# postconf -e 'smtpd_sasl_security_options = noanonymous'
~# postconf -e 'smtpd_recipient_restrictions =
permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination'
(Optionally) Create a new PAM fragment and adjust it to your needs:
~# cd /etc/pam.d
~# cp other smtp
~# editor /etc/pam.d/smtp
Restart (reloading is not enough) postfix:
~# service postfix restart
That's it, you're done, everything should work fine now.
Using auxprop with sasldb
Setup Postfix with SMTP-AUTH over SASL2 with authentication against
sasldb in a chroot() environment.
Note: The following steps have been carried out and verified on a Debian
8.3 system (Feb. 2016).
Install libsasl2-modules, sasl2-bin
Create a file /etc/postfix/sasl/smtpd.conf:
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: plain login
Add an user to sasldb2
~# saslpasswd2 -c -u domain user
~# sasldblistusers2
Postfix needs /etc/sasldb2 in his chroot environment. One solution is to
change init script to copy sasldb2 at startup.
In /etc/init.d/postfix, add etc/sasldb2 in the variable FILES :
FILES="etc/localtime etc/services etc/resolv.conf etc/hosts \
etc/host.conf etc/nsswitch.conf etc/nss_mdns.config
etc/sasldb2"
Edit Postfix configuration:
~# postconf -e 'smtpd_sasl_local_domain = $myhostname'
~# postconf -e 'smtpd_sasl_auth_enable = yes'
~# postconf -e 'smtpd_sasl_security_options = noanonymous'
Restart (reloading is not enough) postfix:
~# service postfix restart
~# systemctl daemon-reload
That's it, you're done, everything should work fine now.
Troubleshooting tip
Check your configuration with saslfinger :
~# saslfinger -s
If something goes wrong (cannot connect to server, authentification
fails) try to see what is happening behind the scenes. Try to connect to
your mailserver via
~# telnet server 25
Can smtpd be connected? If yes, enter the command "ehlo dummy". What
does smtpd respond? For more information see Check for SMTP AUTH support
Implementation using Dovecot SASL
See also: http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL
SASL authentication in the Postfix SMTP client
Postfix and sbcglobal/yahoo/att
SBC global block port 25 on its DSL users:
http://help.sbcglobal.net/article.php?item=4640
We will use sbc smtp server via authentication to send emails. Do this:
apt-get install libsasl2-modules
ADD to main.cf by using postconf. Just type (smtp.att.yahoo.com requires
the port 587 otherwise you don't need it):
postconf -e "relayhost = [smtp.sbcglobal.yahoo.com]:587"
postconf -e "smtp_sasl_auth_enable = yes"
postconf -e "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd"
postconf -e "smtp_sasl_security_options = noanonymous"
Create a file called sasl_passwd in /etc/postfix/sasl_passwd. Inside type
in
[smtp.sbcglobal.yahoo.com]:587 usern...@sbcglobal.net:mypassword
Now change permissions so others can't read it:
chmod 600 /etc/postfix/sasl_passwd
Now postmap it. (It creates a database-like file so postfix can read it.)
postmap /etc/postfix/sasl_passwd
Restart postfix
postfix reload
He aquí ambos soluciones para implementación de SASL. Salu2.
