Re: [postfix-users] smtp auth
On Tue, May 04, 2004 at 02:46:01PM -0700, Jays wrote: > Hi all, > > saya coba mengaktifkan smtp auth dgn sasl. > tapi saya coba telnet hasilnya spt ini. > > saya pake authsasl -> mysql. (dari techie.org) > pls helpknapa failed. > > - > Connected to localhost. > Escape character is '^]'. > 220 xxx.co.id ESMTP Postfix > ehlo gue.com > 250-xxx.co.id > 250-PIPELINING > 250-SIZE 102400 > 250-ETRN > 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > 250-XVERP > 250 8BITMIME > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT > 535 Error: authentication failed > quit > 221 Bye > Connection closed by foreign host. coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa komentar) menjadi: smtp inet n - n - - smtpd -v -v di akhir itu untuk menyatakan "verbose", atau "keterangan lebih lengkap". Keterangan ini yang di tampilkan di log. misal log mail anda di /var/log/mail.log, maka sebelum menjalankan test autentikasi, jalankan: shell$ tail -f /var/log/mail.log perhatikan keterangan di log tersebut untuk mengetahui bagian mana yang salah. Semoga membantu > > ./jays > -- Program Diploma Teknik Elektro Universitas Gadjah Mada Yogyakarta http://te.pdft.ugm.ac.id/~jaya
Re: [postfix-users] smtp auth
On Wed, May 05, 2004 at 02:40:53AM +0700, I Gede Wijaya S wrote: > > 250 8BITMIME > > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT ^ > > 535 Error: authentication failed > > quit > > 221 Bye ... > coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa > komentar) menjadi: > smtp inet n - n - - smtpd -v itu terlalu jauh, di atas, cara testingnya salah. coba baca lagi SASL_README. Salam, P.Y. Adi Prasaja
RE: [postfix-users] smtp auth
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of I > Gede Wijaya S > Sent: Tuesday, May 04, 2004 12:41 PM > To: [EMAIL PROTECTED] > Subject: Re: [postfix-users] smtp auth > > > On Tue, May 04, 2004 at 02:46:01PM -0700, Jays wrote: > > Hi all, > > > > saya coba mengaktifkan smtp auth dgn sasl. > > tapi saya coba telnet hasilnya spt ini. > > > > saya pake authsasl -> mysql. (dari techie.org) > > pls helpknapa failed. > > > > - > > Connected to localhost. > > Escape character is '^]'. > > 220 xxx.co.id ESMTP Postfix > > ehlo gue.com > > 250-xxx.co.id > > 250-PIPELINING > > 250-SIZE 102400 > > 250-ETRN > > 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > > 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 > > 250-XVERP > > 250 8BITMIME > > auth mysql dGVzdABqYXlzQGluZm8uZ3VuYW51c2EuY28uaWRT > > 535 Error: authentication failed > > quit > > 221 Bye > > Connection closed by foreign host. > coba pada /etc/postfix/master.cf, edit baris pertama (yang tanpa > komentar) menjadi: > smtp inet n - n - - smtpd -v > > -v di akhir itu untuk menyatakan "verbose", atau "keterangan lebih > lengkap". Keterangan ini yang di tampilkan di log. misal log mail anda > di /var/log/mail.log, maka sebelum menjalankan test autentikasi, > jalankan: > shell$ tail -f /var/log/mail.log > > perhatikan keterangan di log tersebut untuk mengetahui bagian > mana yang > salah. Semoga membantu > > saya sudah mencoba -v pada master.cf di bawah ini ada baris : May 5 08:18:48 info postfix/smtpd[17646]: warning: SASL authentication failure: Can only find author/en (no password) apa ini masalahnyatapi penyebabnya apa dan bagaimana resolve nya??? pls help ./jays ini log nya: May 5 08:18:28 info postfix/smtpd[17646]: connect from unknown[10.0.0.6] May 5 08:18:28 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 220 mx1.info.xyz.co.id ESMTP Postfix May 5 08:18:28 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:39 info postfix/smtpd[17646]: < unknown[10.0.0.6]: ehlo info.xyz.co.id May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-mx1.info.xyz.co.id May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-PIPELINING May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-SIZE 102400 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-ETRN May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 127.0.0.0/8 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 127.0.0.0/8 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 202.158.28.0/28 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 202.158.28.0/28 May 5 08:18:39 info postfix/smtpd[17646]: match_hostname: unknown ~? 10.0.0.0/24 May 5 08:18:39 info postfix/smtpd[17646]: match_hostaddr: 10.0.0.6 ~? 10.0.0.0/24 May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250-XVERP May 5 08:18:39 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 250 8BITMIME May 5 08:18:39 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:48 info postfix/smtpd[17646]: < unknown[10.0.0.6]: AUTH PLAIN amF5c0BpbmZvLmd1bmFudXNhLmNvLmlkAGpheXNAaW5mby5ndW5hbnVzYS5jby5pZFM= May 5 08:18:48 info postfix/smtpd[17646]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response amF5c0BpbmZvLmd1bmFudXNhLmNvLmlkAGpheXNAaW5mby5ndW5hbnVzYS5jby5pZFM= May 5 08:18:48 info postfix/smtpd[17646]: smtpd_sasl_authenticate: decoded initial response [EMAIL PROTECTED] May 5 08:18:48 info postfix/smtpd[17646]: warning: SASL authentication failure: Can only find author/en (no password) May 5 08:18:48 info postfix/smtpd[17646]: warning: unknown[10.0.0.6]: SASL PLAIN authentication failed May 5 08:18:48 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 535 Error: authentication failed May 5 08:18:49 info postfix/smtpd[17646]: watchdog_pat: 0x80b0698 May 5 08:18:52 info postfix/smtpd[17646]: < unknown[10.0.0.6]: quit May 5 08:18:52 info postfix/smtpd[17646]: > unknown[10.0.0.6]: 221 Bye May 5 08:18:52 info postfix/smtpd[17646]: disconnect from unknown[10.0.0.6] May 5 08:18:52 info postfix/smtpd[17646]: master_notify: status 1 May 5 08:18:52 info postfix/smtpd[17646]: connection closed May 5 08:18:52 info postfix/smtpd[17646]: watchdog_stop: 0x80b0698 May 5 08:18:52 info postfix/smtpd[17646]: watchdog_start: 0x80b0698 May 5 08:19:04 info postfix/smtpd[17646]: proxymap stream disconnect May 5 08:19:04 info postfix/smtpd[17646]: watchdog_stop: 0x80b0698 May 5 08:19:04 info postfix/smtpd[17646]: watchdog_start: 0x80b0698
Re: [postfix-users] smtp auth
hehe wrote: hi, mau nanya gimana cara bikin smtp auth? mslhnya saya sudah setup kolab server yg didalamnya sudah ada postfix, cyrus-imap, sasl, openldap dll di CentOS 4.0. saya sudah coba setting parameter di main.cf seperti smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanomymous broken_sasl_client = yes smtpd_recipient_restrictions = permit_mynetwork, permit_sasl_authenticated, check_relay_domains smtpd_sasl_password_maps = dbm:/etc/sasldb tapi tetap saja waktu saya telnet ke port 25 dan ketik ehlo domain.com tidak muncul message bahwa auth sudah ada. Pak mungkin file smtpd.conf yang dicari oleh Postfix tidak ditemukan, atau coba download saslfinger untuk memeriksa konfigurasi sasl dengan postfix. Sepertinya CentOS 4.3 sudah Postfixnya sudah support SASL: $ cat /etc/redhat-release CentOS release 4.3 (Final) $ rpm -qa | grep postfix postfix-2.1.5-4.2.RHEL4 $ ldd /usr/sbin/postfix | grep sasl libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00288000) mungkin ngga' utk authentikasi melalui password yd ada di ldap? agar sso ceritanya. Bisa pakai cyrus-sasl dengan pam_ldap atau dengan cyrus-sasl auxprop ke ldap Asfihani
Re: [postfix-users] smtp-auth
On 2/26/09, jeng-lot wrote: > smtpd_sasl_authenticated_header = yes mending ' smtpd_sasl_authenticated_header = no' biar orang nggak bisa lihat user saslnya > isi file /usr/lib/sasl2/smtpd.conf > pwcheck_method: saslauthd > mech_list: plain login > bener 'smtpd.conf' atau 'smtp.conf' ? karena > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
Re: [postfix-users] smtp-auth
On 2/26/09, setan langit wrote: > On 2/26/09, jeng-lot wrote: >> smtpd_sasl_authenticated_header = yes > > mending ' smtpd_sasl_authenticated_header = no' > biar orang nggak bisa lihat user saslnya > >> isi file /usr/lib/sasl2/smtpd.conf >> pwcheck_method: saslauthd >> mech_list: plain login >> > > bener 'smtpd.conf' atau 'smtp.conf' ? > karena >> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > maaf om, tujuannya smtpd auth atau smtp auth?
Re: [postfix-users] SMTP AUTH
- "Imam Cartealy" wrote: > mynetworks = 127.0.0.0/8 10.10.0.0/16 > smtpd_recipient_restrictions = > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination Kalau diartikan secara harfiah, kira-kira restriksinya adalah sebagai berikut (orders matter): - Ijinkan user yang sukses authentikasi SASL (permit_sasl_authenticated) - Ijinkan user dari network 27.0.0.0/8 10.10.0.0/16 (permit_mynetworks) - Tolak ke tujuan (domain) yg tidak diijinkan (tidak terdaftar di mydestinations, relay_domains dll) Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth dulu ya tinggal dihilangkan permit_mynetworks :-). Kira-kira begitu. Rgds, Asfihani
Re: [postfix-users] SMTP AUTH
On Fri, May 01, 2009 at 07:15:05PM +0700, as...@its.ac.id wrote: > > mynetworks = 127.0.0.0/8 10.10.0.0/16 > > smtpd_recipient_restrictions = > > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination > > Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth > dulu ya tinggal dihilangkan permit_mynetworks :-). > kalau ingin tetap restriksinya (& sebagai alternatif), bisa coba mengeset "mynetworks_style = host".
Re: [postfix-users] SMTP AUTH
Om Asfik, Kalo log user SASL auth biar keliatan (baik yang gagal dan yang berhasil) apa yang harus di rubah ya? (tanpa verbos ya :D) hasilnya cuma seperti ini saja: May 13 15:18:24 mail postfix/smtpd[29850]: warning: x.x.x.x[202.x.x.x]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 yang saya mau, kelihatan user siapa yang gagal tsb :D mail# postconf -n | grep sasl broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain check_client_access hash:/usr/local/etc/postfix/client_checks check_sender_access regexp:/usr/local/etc/postfix/sender_access permit_mynetworks permit_sasl_authenticated check_recipient_access hash:/usr/local/etc/postfix/recipient_access reject_unknown_reverse_client_hostname reject_unknown_recipient_domainreject_unauth_destination reject_multi_recipient_bouncecheck_recipient_access hash:/usr/local/etc/postfix/roleaccount_exceptions reject_non_fqdn_senderreject_non_fqdn_recipient reject_non_fqdn_hostnamereject_invalid_hostname reject_unauth_pipeliningcheck_sender_access hash:/usr/local/etc/postfix/rhsbl_sender_exceptions check_policy_service inet:127.0.0.1:12525 reject_rhsbl_sender blackholes.mail-abuse.orgpermit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_sasl_authenticated permit_mynetworks Thanks, Angky R as...@its.ac.id wrote: - "Imam Cartealy" wrote: mynetworks = 127.0.0.0/8 10.10.0.0/16 smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination Kalau diartikan secara harfiah, kira-kira restriksinya adalah sebagai berikut (orders matter): - Ijinkan user yang sukses authentikasi SASL (permit_sasl_authenticated) - Ijinkan user dari network 27.0.0.0/8 10.10.0.0/16 (permit_mynetworks) - Tolak ke tujuan (domain) yg tidak diijinkan (tidak terdaftar di mydestinations, relay_domains dll) Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth dulu ya tinggal dihilangkan permit_mynetworks :-). Kira-kira begitu. Rgds, Asfihani
Re: [postfix-users] smtp auth problem - dovecot-mysql
Tri Hanggoro wrote: hi .. saya mempunyai masalah untuk authentikasi smtp menggunakan dovecot dengan database mysql, setelah melakukan configurasi postfix+dovecot+mysql saya melakukan test telnet port 25, menggunakan user yg ada di passwd-file dan berhasil, test kirim email ke user passwd-file dan sql, berhasil, postfix membaca user yang ada di mysql dan menyimpan email ke directory yg telah di tentukan, test pop3 dengan user passwd-file dan sql juga berhasil tetapi untuk authentikasi smtp menggunakan user sql selalu gagal berikut log error dovecot: dovecot: Nov 23 16:10:52 Info: auth(default): client in: AUTH 1 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl Lm9yZwozNDU= dovecot: Nov 23 16:10:52 Info: auth(default): plain(?): invalid input dovecot: Nov 23 16:10:54 Info: auth(default): client out: FAIL 1 dovecot: Nov 23 16:12:35 Info: auth(default): client in: AUTH 2 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl Lm9yZwozNDU= dovecot: Nov 23 16:12:35 Info: auth(default): plain(?): invalid input dovecot: Nov 23 16:12:36 Info: auth(default): client out: FAIL 2 dovecot: Nov 23 16:15:25 Info: auth(default): client in: AUTH 1 plain service=smtpresp=AHVzZXIwMDRAZWxzZXdoZXJl Lm9yZwozNDU= mail log: Nov 23 16:10:54 tuyul postfix/smtpd[17637]: warning: localhost[127.0.0.1]: SASL plain authentication failed: Nov 23 16:11:16 tuyul postfix/smtpd[17637]: disconnect from localhost[127.0.0.1] Nov 23 16:12:06 tuyul postfix/smtpd[17637]: connect from localhost[127.0.0.1] Nov 23 16:12:10 tuyul postfix/smtpd[17637]: disconnect from localhost[127.0.0.1] Nov 23 16:12:22 tuyul postfix/smtpd[17637]: connect from localhost[127.0.0.1] Nov 23 16:12:36 tuyul postfix/smtpd[17637]: warning: localhost[127.0.0.1]: SASL plain authentication failed: Nov 23 16:12:38 tuyul postfix/smtpd[17637]: disconnect from localhost[127.0.0.1] Nov 23 16:15:17 tuyul postfix/smtpd[17673]: connect from localhost[127.0.0.1] thanks tri.h configurasi main.cf: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_sasl_authenticated_header = yes broken_sasl_auth_clients = yes smtpd_sasl_path = smtpd smtpd_sasl_type = dovecot smtpd_sasl_path = /var/run/dovecot/auth-client unknown_local_recipient_reject_code = 550 virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias_maps.cf virtual_gid_maps = static:504 virtual_mailbox_base = /var/vmail/domains virtual_mailbox_domains = mysql:/etc/postfix/mysql/virtual_domains_maps.cf virtual_mailbox_limit = 5120 virtual_mailbox_maps = mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf virtual_minimum_uid = 100 virtual_transport = virtual virtual_uid_maps = static:503 -- dovecot.conf: base_dir = /var/run/dovecot/ protocols = imap imaps pop3 pop3s log_path = /var/log/dovecot.log info_log_path = /var/log/dovecot-info.log log_timestamp = "%b %d %H:%M:%S " ssl_disable = yes login_user = dovecot mail_location = maildir:/var/vmail/domains/%d/%n mail_extra_groups = postfix mail_debug = yes verbose_proctitle = yes first_valid_uid = 500 first_valid_gid = 500 umask = 0077 maildir_copy_with_hardlinks = yes protocol imap { } protocol pop3 { pop3_uidl_format = %08Xu%08Xv pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s } protocol lda { postmaster_address = [EMAIL PROTECTED] } auth_cache_size = 0 auth_verbose = yes auth_debug = yes auth_debug_passwords = yes auth default { mechanisms = plain login cram-md5 passdb pam { } passdb sql { args = /etc/dovecot/dovecot-mysql.conf } userdb static { args = uid=vmail gid=vmail home=/var/vmail/domains/%d/%n } userdb sql { args = /etc/dovecot/dovecot-mysql.conf } user = root socket listen { client { path = /var/run/dovecot/auth-client mode = 0660 user = postfix group = postfix } } } dict { #quota = mysql:/etc/dovecot-dict-quota.conf } plugin { } Bisa lihat isi dovecot-mysql.conf nya? -- - Cygnus -
Re: [postfix-users] smtp auth problem - dovecot-mysql
Bisa lihat isi dovecot-mysql.conf nya? # Database driver: mysql, pgsql driver = mysql # Currently supported schemes include PLAIN, PLAIN-MD5, DIGEST-MD5, and CRYPT. default_pass_scheme = PLAIN CRYPT PLAIN-MD5 DIGEST-MD5 # Database options connect = host=localhost dbname=postfix user= password= password_query = SELECT password FROM mailbox WHERE username = '%u' AND active = '1' user_query = SELECT maildir, 503 AS uid, 504 AS gid FROM mailbox WHERE username = '%u' AND active = '1' # eof