From: Fateyev Grigory <greg@anastasia.ru>
To: community@altlinux.ru
Subject: Re: [Comm] postfix+sasl
Date: Thu, 10 Jun 2004 12:49:16 +0400
Message-ID: <20040610124916.231dc627.greg@anastasia.ru> (raw)
In-Reply-To: <40C7E7AB.80709@junior.esoo.ru>
[-- Attachment #1: Type: text/plain, Size: 1986 bytes --]
Здравствуйте, Anton Kvashin!
10 Июня 2004г. в 10:46 Вы написали:
> Fateyev Grigory пишет:
>
> >Я пересобрал данный пакет но файла /usr/lib/postfix/smtp-sasl таки не
> >появился! Может его и не должно быть?
> >
> >
> Для smtp-аутентификации используется cyrus-sasl. Чтобы использовать
> этот модуль, необходимо в /etc/postfix/main.cf
> smtpd_sasl_auth_enable = yes
> В /usr/lib/sasl2/smtpd.conf (SASL version 2) вам необходимо определить
>
> как сервер будет проверять валидность паролей пользователей.
>
> postfix/smtpd[5860]: 97030E4E1: client=****[****], sasl_method=PLAIN,
> sasl_username=username
> ^^^^^^
> вот что должно быть
А какую из строк?
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
Открыл первую строку и...
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
и в логах появились ошибки:
Jun 10 12:08:21 home postfix/smtpd[9503]: TLS engine: do need at least
RSA _or_ DSA cert/key data Jun 10 12:08:21 home postfix/smtpd[9503]:
connect from localhost.localdomain[127.0.0.1] Jun 10 12:08:21 home
postfix/smtpd[9503]: tls_engine not running
Так понял нет ключа.
Создал его по этой статье:
http://yocum.org/faqs/postfix-tls-sasl.html
Jun 10 12:40:07 home postfix/smtpd[11889]: connect from
localhost.localdomain[127.0.0.1] Jun 10 12:40:07 home
postfix/smtpd[11889]: setting up TLS connection from
localhost.localdomain[127.0.0.1] Jun 10 12:40:16 home
postfix/smtpd[11889]: SSL_accept error from
localhost.localdomain[127.0.0.1]: -1 Jun 10 12:40:16 home
postfix/smtpd[11889]: 11889:error:140760FC:SSL
routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:641:
Я так понимаю моя главная проблема "connect from
localhost.localdomain[127.0.0.1]" -- а должен быть мой домен.
Что я не докрутил?
/etc/postfix/main.cf прикреплён к письму.
--
Всего наилучшего!
greg@anastasia.ru Григорий.
[-- Attachment #2: main.txt --]
[-- Type: text/plain, Size: 1840 bytes --]
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
default_privs = postman
myhostname = home.greg.com.ru
mydomain = greg.com.ru
myorigin = $mydomain
inet_interfaces = $myhostname, localhost
mydestination = localhost, $myhostname, localhost.$mydomain, $config_directory/mydestination
mynetworks = 62.33.35.36, 127.0.0.0/8
canonical_maps = hash:/etc/postfix/canonical
default_transport = smtp
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases
mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME
mailbox_transport = cyrus
disable_vrfy_command = yes
smtpd_banner = $myhostname ESMTP $mail_name
debug_peer_level = 2
debugger_command =
allow_mail_to_commands = alias
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_helo_required = yes
notify_classes = policy,protocol,resource,software
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/samples
readme_directory = /etc/postfix/README_FILES
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtp_sasl_password_options = noplaintext
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
unknown_local_recipient_reject_code = 450
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
next prev parent reply other threads:[~2004-06-10 8:49 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-06 15:10 Fateyev Grigory
2004-06-07 7:31 ` Reshmakov Roman
2004-06-07 9:48 ` Anton Kvashin
2004-06-07 16:50 ` sergey ivanov
2004-06-08 7:02 ` Anton Kvashin
2004-06-08 21:45 ` sergey ivanov
2004-06-09 5:45 ` Anton Kvashin
2004-06-09 12:17 ` Fateyev Grigory
2004-06-09 13:30 ` Alexei Takaseev
2004-06-10 4:46 ` Anton Kvashin
2004-06-10 8:49 ` Fateyev Grigory [this message]
2004-06-10 9:54 ` Anton Kvashin
2004-06-10 12:19 ` Fateyev Grigory
2004-06-11 5:58 ` Anton Kvashin
2004-06-12 10:57 ` Fateyev Grigory
2004-06-15 9:24 ` Anton Kvashin
2004-06-16 11:18 ` Fateyev Grigory
2004-06-16 11:45 ` Anton Kvashin
2004-06-19 10:18 ` Fateyev Grigory
2004-06-20 12:37 ` Fateyev Grigory
2004-06-20 13:35 ` Fateyev Grigory
2004-06-09 13:28 ` Alexei Takaseev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040610124916.231dc627.greg@anastasia.ru \
--to=greg@anastasia.ru \
--cc=community@altlinux.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git