Re: [postfix-users] smtp auth
On Tue, May 04, 2004 at 02:46:01PM -0700, Jays wrote: > Hi all, > > saya coba mengaktifkan smtp auth dgn sasl. > tapi saya coba telnet hasilnya spt ini. > > saya pake authsasl -> mysql. (dari techie.org) > pls helpknapa failed. > > - > Connected to localhost. > Escape character is '^]'. > 220 xxx.co.id ESMTP Postfix > ehlo gue.com > 250-xxx.co.id > 250-PIPELINING > 250-SIZE 102400 > 250-ETRN > 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > 250-XVERP > 250 8BITMIME > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT > 535 Error: authentication failed > quit > 221 Bye > Connection closed by foreign host. coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa komentar) menjadi: smtp inet n - n - - smtpd -v -v di akhir itu untuk menyatakan "verbose", atau "keterangan lebih lengkap". Keterangan ini yang di tampilkan di log. misal log mail anda di /var/log/mail.log, maka sebelum menjalankan test autentikasi, jalankan: shell$ tail -f /var/log/mail.log perhatikan keterangan di log tersebut untuk mengetahui bagian mana yang salah. Semoga membantu > > ./jays > -- Program Diploma Teknik Elektro Universitas Gadjah Mada Yogyakarta http://te.pdft.ugm.ac.id/~jaya
Re: [postfix-users] smtp auth
On Wed, May 05, 2004 at 02:40:53AM +0700, I Gede Wijaya S wrote: > > 250 8BITMIME > > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT ^ > > 535 Error: authentication failed > > quit > > 221 Bye ... > coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa > komentar) menjadi: > smtp inet n - n - - smtpd -v itu terlalu jauh, di atas, cara testingnya salah. coba baca lagi SASL_README. Salam, P.Y. Adi Prasaja
RE: [postfix-users] smtp auth
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of I > Gede Wijaya S > Sent: Tuesday, May 04, 2004 12:41 PM > To: [EMAIL PROTECTED] > Subject: Re: [postfix-users] smtp auth > > > On Tue, May 04, 2004 at 02:46:01PM -0700, Jays wrote: > > Hi all, > > > > saya coba mengaktifkan smtp auth dgn sasl. > > tapi saya coba telnet hasilnya spt ini. > > > > saya pake authsasl -> mysql. (dari techie.org) > > pls helpknapa failed. > > > > - > > Connected to localhost. > > Escape character is '^]'. > > 220 xxx.co.id ESMTP Postfix > > ehlo gue.com > > 250-xxx.co.id > > 250-PIPELINING > > 250-SIZE 102400 > > 250-ETRN > > 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > > 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > > 250-XVERP > > 250 8BITMIME > > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT > > 535 Error: authentication failed > > quit > > 221 Bye > > Connection closed by foreign host. > coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa > komentar) menjadi: > smtp inet n - n - - smtpd -v > > -v di akhir itu untuk menyatakan "verbose", atau "keterangan lebih > lengkap". Keterangan ini yang di tampilkan di log. misal log mail anda > di /var/log/mail.log, maka sebelum menjalankan test autentikasi, > jalankan: > shell$ tail -f /var/log/mail.log > > perhatikan keterangan di log tersebut untuk mengetahui bagian > mana yang > salah. Semoga membantu > > saya sudah mencoba -v pada master.cf di bawah ini ada baris : May 5 08:18:48 info postfix/smtpd[17646]: warning: SASL authentication failure: Can only find author/en (no password) apa ini masalahnyatapi penyebabnya apa dan bagaimana resolve nya??? pls help ./jays ini log nya: May 5 08:18:28 info postfix/smtpd[17646]: connect from unknown[10.0.0.6] May 5 08:18:28 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 220 mx1.info.xyz.co.id ESMTP Postfix May 5 08:18:28 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:39 info postfix/smtpd[17646]: < unknown[10.0.0.6]: ehlo info.xyz.co.id May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-mx1.info.xyz.co.id May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-PIPELINING May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-SIZE 102400 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-ETRN May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 127.0.0.0/8 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 127.0.0.0/8 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 202.158.28.0/28 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 202.158.28.0/28 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 10.0.0.0/24 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 10.0.0.0/24 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-XVERP May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250 8BITMIME May 5 08:18:39 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:48 info postfix/smtpd[17646]: < unknown[10.0.0.6]: AUTH PLAIN amF5c0BpbmZvLmd1bmFudXNhLmNvLmlkAGpheXNAaW5mby5ndW5hbnVzYS5jby5pZFM= May 5 08:18:48 info postfix/smtpd[17646]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response amF5c0BpbmZvLmd1bmFudXNhLmNvLmlkAGpheXNAaW5mby5ndW5hbnVzYS5jby5pZFM= May 5 08:18:48 info postfix/smtpd[17646]: smtpd_sasl_authenticate: decoded initial response [EMAIL PROTECTED] May 5 08:18:48 info postfix/smtpd[17646]: warning: SASL authentication failure: Can only find author/en (no password) May 5 08:18:48 info postfix/smtpd[17646]: warning: unknown[10.0.0.6]: SASL PLAIN authentication failed May 5 08:18:48 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 535 Error: authentication failed May 5 08:18:49 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:52 info postfix/smtpd[17646]: < unknown[10.0.0.6]: quit May 5 08:18:52 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 221 Bye May 5 08:18:52 info postfix/smtpd[17646]: disconnect from unknown[10.0.0.6] May 5 08:18:52 info postfix/smtpd[17646]: master_notify: status 1 May 5 08:18:52 info postfix/smtpd[17646]: connection closed May 5 08:18:52 info postfix/smtpd[17646]: watchdog_stop: 0x80b0698 May 5 08:18:52 info postfix/smtpd[17646]: watchdog_start: 0x80b0698 May 5 08:19:04 info postfix/smtpd[17646]: proxymap stream disconnect May 5 08:19:04 info postfix/smtpd[17646]: watchdog_stop: 0x80b0698 May 5 08:19:04 info postfix/smtpd[17646]: watchdog_start: 0x80b0698
Re: [postfix-users] smtp auth
hehe wrote: hi, mau nanya gimana cara bikin smtp auth? mslhnya saya sudah setup kolab server yg didalamnya sudah ada postfix, cyrus-imap, sasl, openldap dll di CentOS 4.0. saya sudah coba setting parameter di main.cf seperti smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanomymous broken_sasl_client = yes smtpd_recipient_restrictions = permit_mynetwork, permit_sasl_authenticated, check_relay_domains smtpd_sasl_password_maps = dbm:/etc/sasldb tapi tetap saja waktu saya telnet ke port 25 dan ketik ehlo domain.com tidak muncul message bahwa auth sudah ada. Pak mungkin file smtpd.conf yang dicari oleh Postfix tidak ditemukan, atau coba download saslfinger untuk memeriksa konfigurasi sasl dengan postfix. Sepertinya CentOS 4.3 sudah Postfixnya sudah support SASL: $ cat /etc/redhat-release CentOS release 4.3 (Final) $ rpm -qa | grep postfix postfix-2.1.5-4.2.RHEL4 $ ldd /usr/sbin/postfix | grep sasl libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00288000) mungkin ngga' utk authentikasi melalui password yd ada di ldap? agar sso ceritanya. Bisa pakai cyrus-sasl dengan pam_ldap atau dengan cyrus-sasl auxprop ke ldap Asfihani
Re: [postfix-users] smtp-auth
On 2/26/09, jeng-lot wrote: > smtpd_sasl_authenticated_header = yes mending ' smtpd_sasl_authenticated_header = no' biar orang nggak bisa lihat user saslnya > isi file /usr/lib/sasl2/smtpd.conf > pwcheck_method: saslauthd > mech_list: plain login > bener 'smtpd.conf' atau 'smtp.conf' ? karena > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
Re: [postfix-users] smtp-auth
On 2/26/09, setan langit wrote: > On 2/26/09, jeng-lot wrote: >> smtpd_sasl_authenticated_header = yes > > mending ' smtpd_sasl_authenticated_header = no' > biar orang nggak bisa lihat user saslnya > >> isi file /usr/lib/sasl2/smtpd.conf >> pwcheck_method: saslauthd >> mech_list: plain login >> > > bener 'smtpd.conf' atau 'smtp.conf' ? > karena >> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > maaf om, tujuannya smtpd auth atau smtp auth?
Re: [postfix-users] SMTP AUTH
- "Imam Cartealy" wrote: > mynetworks = 127.0.0.0/8 10.10.0.0/16 > smtpd_recipient_restrictions = > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination Kalau diartikan secara harfiah, kira-kira restriksinya adalah sebagai berikut (orders matter): - Ijinkan user yang sukses authentikasi SASL (permit_sasl_authenticated) - Ijinkan user dari network 27.0.0.0/8 10.10.0.0/16 (permit_mynetworks) - Tolak ke tujuan (domain) yg tidak diijinkan (tidak terdaftar di mydestinations, relay_domains dll) Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth dulu ya tinggal dihilangkan permit_mynetworks :-). Kira-kira begitu. Rgds, Asfihani
Re: [postfix-users] SMTP AUTH
On Fri, May 01, 2009 at 07:15:05PM +0700, as...@its.ac.id wrote: > > mynetworks = 127.0.0.0/8 10.10.0.0/16 > > smtpd_recipient_restrictions = > > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination > > Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth > dulu ya tinggal dihilangkan permit_mynetworks :-). > kalau ingin tetap restriksinya (& sebagai alternatif), bisa coba mengeset "mynetworks_style = host".
Re: [postfix-users] SMTP AUTH
Om Asfik, Kalo log user SASL auth biar keliatan (baik yang gagal dan yang berhasil) apa yang harus di rubah ya? (tanpa verbos ya :D) hasilnya cuma seperti ini saja: May 13 15:18:24 mail postfix/smtpd[29850]: warning: x.x.x.x[202.x.x.x]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 yang saya mau, kelihatan user siapa yang gagal tsb :D mail# postconf -n | grep sasl broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain check_client_access hash:/usr/local/etc/postfix/client_checks check_sender_access regexp:/usr/local/etc/postfix/sender_access permit_mynetworks permit_sasl_authenticated check_recipient_access hash:/usr/local/etc/postfix/recipient_access reject_unknown_reverse_client_hostname reject_unknown_recipient_domainreject_unauth_destination reject_multi_recipient_bouncecheck_recipient_access hash:/usr/local/etc/postfix/roleaccount_exceptions reject_non_fqdn_senderreject_non_fqdn_recipient reject_non_fqdn_hostnamereject_invalid_hostname reject_unauth_pipeliningcheck_sender_access hash:/usr/local/etc/postfix/rhsbl_sender_exceptions check_policy_service inet:127.0.0.1:12525 reject_rhsbl_sender blackholes.mail-abuse.orgpermit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_sasl_authenticated permit_mynetworks Thanks, Angky R as...@its.ac.id wrote: - "Imam Cartealy" wrote: mynetworks = 127.0.0.0/8 10.10.0.0/16 smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination Kalau diartikan secara harfiah, kira-kira restriksinya adalah sebagai berikut (orders matter): - Ijinkan user yang sukses authentikasi SASL (permit_sasl_authenticated) - Ijinkan user dari network 27.0.0.0/8 10.10.0.0/16 (permit_mynetworks) - Tolak ke tujuan (domain) yg tidak diijinkan (tidak terdaftar di mydestinations, relay_domains dll) Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth dulu ya tinggal dihilangkan permit_mynetworks :-). Kira-kira begitu. Rgds, Asfihani
Re: [postfix-users] smtp auth problem - dovecot-mysql
Tri Hanggoro wrote:
hi ..
saya mempunyai masalah untuk authentikasi smtp menggunakan dovecot
dengan database mysql, setelah melakukan configurasi
postfix+dovecot+mysql
saya melakukan test telnet port 25, menggunakan user yg ada di
passwd-file
dan berhasil, test kirim email ke user passwd-file dan sql, berhasil,
postfix
membaca user yang ada di mysql dan menyimpan email ke directory
yg telah di tentukan, test pop3 dengan user passwd-file dan sql juga
berhasil
tetapi untuk authentikasi smtp menggunakan user sql selalu gagal
berikut log error dovecot:
dovecot: Nov 23 16:10:52 Info: auth(default): client in: AUTH
1 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl
Lm9yZwozNDU=
dovecot: Nov 23 16:10:52 Info: auth(default): plain(?): invalid input
dovecot: Nov 23 16:10:54 Info: auth(default): client out: FAIL 1
dovecot: Nov 23 16:12:35 Info: auth(default): client in: AUTH
2 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl
Lm9yZwozNDU=
dovecot: Nov 23 16:12:35 Info: auth(default): plain(?): invalid input
dovecot: Nov 23 16:12:36 Info: auth(default): client out: FAIL 2
dovecot: Nov 23 16:15:25 Info: auth(default): client in: AUTH
1 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl
Lm9yZwozNDU=
mail log:
Nov 23 16:10:54 tuyul postfix/smtpd[17637]: warning:
localhost[127.0.0.1]: SASL plain authentication failed:
Nov 23 16:11:16 tuyul postfix/smtpd[17637]: disconnect from
localhost[127.0.0.1]
Nov 23 16:12:06 tuyul postfix/smtpd[17637]: connect from
localhost[127.0.0.1]
Nov 23 16:12:10 tuyul postfix/smtpd[17637]: disconnect from
localhost[127.0.0.1]
Nov 23 16:12:22 tuyul postfix/smtpd[17637]: connect from
localhost[127.0.0.1]
Nov 23 16:12:36 tuyul postfix/smtpd[17637]: warning:
localhost[127.0.0.1]: SASL plain authentication failed:
Nov 23 16:12:38 tuyul postfix/smtpd[17637]: disconnect from
localhost[127.0.0.1]
Nov 23 16:15:17 tuyul postfix/smtpd[17673]: connect from
localhost[127.0.0.1]
thanks
tri.h
configurasi main.cf:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_gid_maps = static:504
virtual_mailbox_base = /var/vmail/domains
virtual_mailbox_domains =
mysql:/etc/postfix/mysql/virtual_domains_maps.cf
virtual_mailbox_limit = 5120
virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 100
virtual_transport = virtual
virtual_uid_maps = static:503
--
dovecot.conf:
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
log_timestamp = "%b %d %H:%M:%S "
ssl_disable = yes
login_user = dovecot
mail_location = maildir:/var/vmail/domains/%d/%n
mail_extra_groups = postfix
mail_debug = yes
verbose_proctitle = yes
first_valid_uid = 500
first_valid_gid = 500
umask = 0077
maildir_copy_with_hardlinks = yes
protocol imap {
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
}
protocol lda {
postmaster_address = [EMAIL PROTECTED]
}
auth_cache_size = 0
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
mechanisms = plain login cram-md5
passdb pam {
}
passdb sql {
args = /etc/dovecot/dovecot-mysql.conf
}
userdb static {
args = uid=vmail gid=vmail home=/var/vmail/domains/%d/%n
}
userdb sql {
args = /etc/dovecot/dovecot-mysql.conf
}
user = root
socket listen {
client {
path = /var/run/dovecot/auth-client
mode = 0660
user = postfix
group = postfix
}
}
}
dict {
#quota = mysql:/etc/dovecot-dict-quota.conf
}
plugin {
}
Bisa lihat isi dovecot-mysql.conf nya?
--
- Cygnus -
Re: [postfix-users] smtp auth problem - dovecot-mysql
Bisa lihat isi dovecot-mysql.conf nya? # Database driver: mysql, pgsql driver = mysql # Currently supported schemes include PLAIN, PLAIN-MD5, DIGEST-MD5, and CRYPT. default_pass_scheme = PLAIN CRYPT PLAIN-MD5 DIGEST-MD5 # Database options connect = host=localhost dbname=postfix user= password= password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1' user_query = SELECT maildir, 503 AS uid, 504 AS gid FROM mailbox WHERE username = '%u' AND active = '1' # eof
