Postfix+TLS+SASL

Martin Hudec corwin at aeternal.net
Mon Jan 26 16:43:48 CET 2004


Ahojte,

Snazim sa pouzit KMail s TLS + DIGEST-MD5 na odosielanie emailov, pricom ako 
user pracujem lokalne s postfixom, nastavil som:

saslpasswd2 -a postfix -u aeternal.net -c corwin

vytvori mi to sasldb2.db ale logfile mi zahlasi:

Jan 26 14:40:02 amber saslpasswd2: setpass succeeded for corwin
Jan 26 14:40:02 amber saslpasswd2: Couldn't update db

sasldblistusers2 vylistuje:
corwin at aeternal.net: userPassword

Preco mi ale log povie ze nevie updatnut db?

Druha vec je, ze neviem nastavit KMail, resp. postfix, resp. SASL na odoslanie 
mailov pomocou KMailoveho TLS+DIGEST-MD5..

V logoch vidim toto:
Jan 26 14:52:23 amber postfix/smtpd[16912]: connect from localhost[127.0.0.1]
Jan 26 14:52:23 amber postfix/smtpd[16912]: setting up TLS connection from 
localhost[127.0.0.1]
Jan 26 14:52:24 amber postfix/smtpd[16912]: TLS connection established from 
localhost[127.0.0.1]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication 
failure: no user in db
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: SASL authentication 
failure: client response doesn't match what we generated
Jan 26 14:52:24 amber postfix/smtpd[16912]: warning: localhost[127.0.0.1]: 
SASL DIGEST-MD5 authentication failed
Jan 26 14:52:25 amber postfix/smtpd[16912]: disconnect from 
localhost[127.0.0.1]

Budem vdacny za akukolvek pomoc, dnes sa tomu venujem uz cely den a neviem sa 
vysomarit..dakujem krasne..


/usr/local/lib/sasl2/smtpd.conf:
----------------------------------
pwcheck_method:saslauthd

/etc/postfix/main.cf:
---------------------
# sasl config
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = aeternal.net

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, 
reject_unauth_destination

# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_startssl_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_CA_file = /etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom


-- 
:
:. kind regards
:..                      Martin Hudec
:.:
:.: =w= http://www.aeternal.net
:.: =m= +421.907.303393
:.: =@= corwin at aeternal.net
:.:
:.: "When you want something, all the universe 
:.:   conspires in helping you to achieve it."
:.:                   - The Alchemist (Paulo Coelho)




More information about the Users-l mailing list