Sziasztok!
Nem tudom osszeloni a postfix-et es a saslauthd-t.
Azt szeretnem megoldani, hogy a saslauthd a pam-bol vagy a shadow file-bol azonositsa a user-eket,
es ne csak a mynetworks-bol lehessen kuldeni levelet, hanem a user auth utan barhonnan.
Ha levelet kuldok, akkor nem is probal meg autentikalni a 25-os porton, hanem rogton a connect utan relay access denied jon.
A kliensben be van allitva, hogy autentikaljon a szerverrel.
A tobbi resze jo a postfixnek, a szerverre lehet levelet kuldeni.
A konfig:
master.cf:
# Columns: service type private unpriv chroot wakeup maxproc command.
# The chroot column is "n" on all three lines, so these smtpd processes use the
# real /var/run/saslauthd path, not one under /var/spool/postfix.
# Port 25: no -o overrides, so the main.cf values apply unchanged. With
# smtpd_sasl_auth_enable = yes and smtpd_tls_auth_only = no in main.cf, AUTH is
# also offered here on connections that never started TLS.
smtp inet n - n - - smtpd
# smtps: TLS wrapper mode, the session is encrypted before any SMTP command.
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
# 587: smtpd_enforce_tls=yes makes TLS mandatory; per the Postfix documentation
# it also implies smtpd_tls_auth_only=yes, so AUTH is accepted only after STARTTLS.
587 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
main.cf
# sasl
# NOTE(review): smtpd_sasl_type = dovecot (set below) makes smtpd authenticate
# through Dovecot's auth socket at private/auth, relative to the Postfix queue
# directory. With this type Postfix does not read /etc/sasl2/smtpd.conf and
# never contacts saslauthd; the Cyrus/saslauthd route is smtpd_sasl_type = cyrus
# together with smtpd_sasl_path = smtpd.
smtpd_sasl_path = private/auth
# Evaluated left to right, first decisive result wins: mail for destinations
# this server is responsible for is accepted, then authenticated clients and
# mynetworks may relay, and anything else is rejected as a relay attempt.
smtpd_recipient_restrictions = permit_auth_destination,
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination
# smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
# Only anonymous logins are refused; plaintext mechanisms (PLAIN, LOGIN) remain
# allowed.
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_sasl_type = dovecot
smtpd_sasl_auth_enable = yes
# Additionally advertises the non-standard "AUTH=" form for old clients.
broken_sasl_auth_clients = yes
#tls:
# NOTE(review): private key - check that the file is readable by root only.
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# Server side: STARTTLS is offered but not required (opportunistic).
smtpd_use_tls=yes
# Duplicate of the smtpd_tls_loglevel line above; same value, so no effect.
smtpd_tls_loglevel = 1
# NOTE(review): "no" means AUTH is announced and accepted before STARTTLS too,
# so PLAIN/LOGIN passwords can cross the network unencrypted (base64 is only an
# encoding). Setting this to yes limits credential exchange to TLS sessions.
smtpd_tls_auth_only = no
# Client side (outgoing mail): TLS is used when the remote server offers it.
smtp_use_tls = yes
/etc/sysconfig/saslauthd
# Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
# It has to match saslauthd_path in /etc/sasl2/smtpd.conf, which points at
# /var/run/saslauthd/mux.
# NOTE(review): the directory listing on this page shows drwxr-xr-x with a
# world-writable mux socket, so any local account can submit password checks to
# saslauthd. Restricting the directory to root plus a group that the mail
# service belongs to narrows that exposure.
SOCKETDIR=/var/run/saslauthd
# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ability to use.
# NOTE(review): with pam, the check goes through the PAM stack of the service
# name the caller supplies (testsaslauthd accepts one with -s). A missing or
# mismatched /etc/pam.d/<service> file would explain pam failing while shadow
# works - confirm.
MECH=pam
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=
Ha ezt atallitom shadow-ra, akkor megy a saslauthd autentikacio, de pam-mal nem.
[root@alepsy-ora sysconfig]# testsaslauthd -u user -p passwd
0: OK "Success."
/etc/sasl2/smtpd.conf
# Cyrus SASL settings for the "smtpd" application. Postfix consults this file
# only when smtpd_sasl_type = cyrus; the main.cf on this page sets dovecot.
# Password verification is delegated to the saslauthd daemon.
pwcheck_method: saslauthd
# PLAIN and LOGIN both transmit the password itself, so they depend on TLS for
# confidentiality.
mech_list: PLAIN LOGIN
# Socket that saslauthd creates inside its SOCKETDIR.
saslauthd_path: /var/run/saslauthd/mux
log_level: 3
/var/run/saslauthd
[root]# ls -al
Összesen 20
drwxr-xr-x 2 root root 4096 okt 22 12.52 .
drwxr-xr-x 22 root root 4096 okt 22 12.56 ..
srwxrwxrwx 1 root root 0 okt 22 12.52 mux
-rw------- 1 root root 0 okt 22 12.52 mux.accept
-rw------- 1 root root 6 okt 22 12.52 saslauthd.pid
[root]# ls -al /var/spool/postfix/var/run/
Összesen 8
drwxr-xr-x 2 postfix root 4096 okt 22 12.37 .
drwxr-xr-x 3 postfix root 4096 okt 22 12.05 ..
lrwxrwxrwx 1 root root 18 okt 22 12.37 saslauthd -> /var/run/saslauthd
Elore is koszi, ha van barmi tippetek.