vanedler
Well-Known Member
Hi everyone,
I want to have a mail server with MySQL support. I have now set up Postfix with Courier-IMAP, MySQL 4.020, and SASL2. My problem is that I can't get authentication to work. More precisely: when logging in with the client, the server is found, and the username and password are sent. The user and password are queried in the database, but rejected. My installation is based on:
http://genco.gen.tc/postfix_virtual.php#postfix , which I adapted for FreeBSD.
So here, step by step, is how I did the installation:
Code:
##################################################
### Install Cyrus authentication ###
Cyrus SASL2 Install
# cd /usr/ports/security/cyrus-sasl2
# make --with-dblib=berkeley -DWITH_MYSQL -DWITH_AUTHDAEMON -DWITHOUT_PGSQL -DWITHOUT_OTP -DWITHOUT_CRAM -DWITHOUT_DIGEST -DWITHOUT_NTLM
# make install clean
Cyrus SASL2 Authd Install
# cd /usr/ports/security/cyrus-sasl2-saslauthd
# make install clean
# edit /etc/rc.conf
# saslauthd_enable="YES"
##################################################
### OpenLdap Install ###
# cd /usr/ports/net/openldap22-sasl-server
# make install clean
##################################################
### Postfix Install ###
# cd /usr/ports/mail/postfix
# make install clean
----> Build with: PCRE, SASL2, MySQL, LDAP, TLS and BercleyDB4.2
----> Added group "postfix"
.
----> Would you like me to add it? [y]? y
----> Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y
# edit /etc/rc.conf
### rc.conf excerpt ###
sendmail_enable="YES"
sendmail_flags="-bd"
sendmail_pidfile="/var/spool/postfix/pid/master.pid"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
sendmail_msp_queue_enable="NO"
# edit /etc/periodic.conf
### periodic.conf ###
# Use Postfix
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
### End ###
----> Add user "postfix" to group "mail"
### Postfix database ###
# mysql -u root:rootpass
mysql>CREATE DATABASE mail;
mysql>GRANT all privileges on mail.* TO postfix@localhost IDENTIFIED BY 'postfixpass' ;
mysql>GRANT all privileges on mail.* TO postfix@127.0.0.1 IDENTIFIED BY 'postfixpass' ;
mysql>\q
# SQL script
CREATE TABLE postfix_alias (
id int(11) unsigned NOT NULL auto_increment,
alias varchar(128) NOT NULL default '',
destination varchar(128) NOT NULL default '',
PRIMARY KEY (id)
) TYPE=MyISAM;
CREATE TABLE postfix_relocated (
id int(11) unsigned NOT NULL auto_increment,
email varchar(128) NOT NULL default '',
destination varchar(128) NOT NULL default '',
PRIMARY KEY (id)
) TYPE=MyISAM;
CREATE TABLE postfix_transport (
id int(11) unsigned NOT NULL auto_increment,
domain varchar(128) NOT NULL default '',
destination varchar(128) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY domain (domain)
) TYPE=MyISAM;
CREATE TABLE postfix_virtual_domains (
id int(11) unsigned NOT NULL auto_increment,
domain varchar(128) NOT NULL default '',
destination varchar(128) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY domain (domain)
) TYPE=MyISAM;
CREATE TABLE postfix_users (
id int(11) unsigned NOT NULL auto_increment,
email varchar(128) NOT NULL default '',
clear varchar(128) NOT NULL default '',
crypt varchar(128) NOT NULL default '',
name tinytext NOT NULL,
uid int(11) unsigned NOT NULL default '1001',
gid int(11) unsigned NOT NULL default '1001',
homedir tinytext NOT NULL,
maildir tinytext NOT NULL,
quota tinytext NOT NULL,
access enum('Y','N') NOT NULL default 'Y',
postfix enum('Y','N') NOT NULL default 'Y',
disablepop3 char(1) NOT NULL default '0',
disableimap char(1) NOT NULL default '0',
disablewebmail char(1) NOT NULL default '0',
sharedgroup varchar(128) NOT NULL default '0',
smtpaccess enum('Y','N') NOT NULL default 'Y',
PRIMARY KEY (id),
UNIQUE KEY email (email)
) TYPE=MyISAM;
CREATE TABLE postfix_virtual (
id int(11) unsigned NOT NULL auto_increment,
email varchar(128) NOT NULL default '',
destination varchar(128) NOT NULL default '',
PRIMARY KEY (id)
) TYPE=MyISAM;
CREATE TABLE postfix_access (
id int(10) unsigned NOT NULL auto_increment,
source varchar(128) NOT NULL default '',
access varchar(128) NOT NULL default '',
type enum('recipient','sender','client') NOT NULL default 'recipient',
PRIMARY KEY (id)
) TYPE=MyISAM ;
# End of SQL script
# Set up the directory for virtual mail users, user vmail, group vmail
# mkdir /home/vmail
# chown vmail:vmail /home/vmail
# chmod 700 /home/vmail
# Postfix configuration files
# cd /usr/local/etc/postfix/
# edit master.cf
----> change:
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
----> to:
flags=R user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
# edit main.cf
----> insert the following:
myhostname = host.domain.tld
mydomain = domain.tld
mydestination = $myhostname
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated, check_recipient_access mysql:/usr/local/etc/postfix/mysql-recipient.cf,reject_unauth_destination,permit
smtpd_sender_restrictions = check_sender_access mysql:/usr/local/etc/postfix/mysql-sender.cf
smtpd_client_restrictions = check_client_access mysql:/usr/local/etc/postfix/mysql-client.cf
alias_maps = mysql:/usr/local/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/usr/local/etc/postfix/mysql-relocated.cf
transport_maps = mysql:/usr/local/etc/postfix/mysql-transport.cf
maildrop_destination_recipient_limit = 1
virtual_transport = maildrop
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql-virtual-domains.cf
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql-virtual.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = mysql:/usr/local/etc/postfix/mysql-virtual-uid.cf
virtual_gid_maps = mysql:/usr/local/etc/postfix/mysql-virtual-gid.cf
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = reject
----> MySQL maps
# edit mysql-aliases.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_alias
select_field = destination
where_field = alias
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-relocated.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_relocated
select_field = destination
where_field = email
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-transport.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_transport
select_field = destination
where_field = domain
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-virtual-domains.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_virtual_domains
select_field = destination
where_field = domain
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-virtual.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_virtual
select_field = destination
where_field = email
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-recipient.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'recipient'
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-sender.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'sender'
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-client.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_access
select_field = access
where_field = source
additional_conditions = and type = 'client'
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-virtual-maps.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_users
select_field = maildir
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-virtual-uid.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_users
select_field = uid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1
--------------------------------------------------------------------------------
# edit mysql-virtual-gid.cf
user = postfix
password = postfixpass
dbname = mail
table = postfix_users
select_field = gid
where_field = email
additional_conditions = and postfix = 'y'
hosts = 127.0.0.1
----> Change permissions, since passwords are visible here
# chmod 640 /usr/local/etc/postfix/mysql-*
# chgrp postfix /usr/local/etc/postfix/mysql-*
##################################################
### Courier-IMAP Install ###
# cd /usr/ports/mail/courier-imap
# make -DWITH_MYSQL
# make install clean
# cd /usr/local/etc/courier-imap
# cp authdaemonrc.dist authdaemonrc
----> change:
authmodulelist="authcustom authuserdb authmysql authpam"
----> to:
authmodulelist="authmysql authpam"
# cp authmysqlrc.dist authmysqlrc
# edit authmysqlrc
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfixpass
MYSQL_PORT 0
MYSQL_OPT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE postfix_users
MYSQL_CRYPT_PWFIELD crypt
MYSQL_CLEAR_PWFIELD clear
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD homedir
MYSQL_NAME_FIELD name
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD quota
MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)
MYSQL_WHERE_CLAUSE access='y'
----> Change permissions
# chmod 600 authmysqlrc
##################################################
### Maildrop Install ###
# pw groupadd vmail -g 1001
# pw useradd vmail -u 1001 -g 1001
# cd /usr/ports/mail/maildrop
# make --prefix=/usr/local/etc/courier-imap --WITH_MAILDIRQUOTA=yes --WITH_TRASHQUOTA=yes --MAILDROP_SUID=1001 --MAILDROP_SGID=1001 --WITH_LDAP=yes --WITH_MYSQL=yes --with-mysqlconfig=/usr/local/etc/courier-imap/maildropmysql.config
# cd /usr/local/etc/courier-imap/
# cp imapd.dist imapd
# edit imapd
modify the following lines:
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
IMAPDSTART=YES
# cp pop3d.dist pop3d
# edit pop3d
----> change to:
POP3DSTART=YES
# cp pop3d-ssl.dist pop3d-ssl
# edit pop3d-ssl
----> change to:
POP3DSSLSTART=YES
# cp imapd-ssl.dist imapd-ssl
# edit imapd-ssl
----> change to:
IMAPDSSLSTART=YES
# touch maildropmysql.config
# edit maildropmysql.config
hostname 127.0.0.1
port 3306
database mail
dbuser postfix
dbpw postfixpass
dbtable postfix_users
default_uidnumber 1001
default_gidnumber 1001
uid_field email
uidnumber_field uid
gidnumber_field gid
maildir_field maildir
homedirectory_field homedir
quota_field quota
mailstatus_field postfix
where_clause AND postfix = 'y'
----> Change permissions
# chown vmail:vmail maildropmysql.config
# chmod 400 maildropmysql.config
##################################################
### Spamassassin Install ###
# perl -MCPAN -e shell
# o conf prerequisites_policy ask
# install Mail::SpamAssassin
---> eurotool default is no --> into yes
# q
# touch /etc/maildroprc
# edit /etc/maildroprc
if ( $SIZE < 26144 )
{
exception {
xfilter "/usr/local/bin/spamassassin --prefspath=$HOME/$DEFAULT/.spamassassin/user_prefs"
}
}
if (/^X-Spam-Flag: *YES/)
{
exception {
to "$HOME/$DEFAULT/.Spam/"
}
}
else
{
exception {
to "$HOME/$DEFAULT"
}
}
##################################################
### Set up smtp.conf ###
# touch /usr/local/lib/sasl2/smtpd.conf
# edit /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login
sql_engine: mysql
sql_hostnames: localhost
sql_user: postfix
sql_passwd: postfixpass
sql_database: mail
sql_select: select clear from postfix_users where email='%u@%r' and smtpaccess='Y';
----> Change permissions
# chown postfix:postfix /usr/local/lib/sasl2/smtpd.conf
# chmod 400 /usr/local/lib/sasl2/smtpd.conf
##################################################
### Set up a new mail user ###
----> enter the new user in the database
#mysql -u postfix -ppostfixpass
mysql>use mail;
mysql>INSERT INTO postfix_virtual_domains VALUES (' ','domain.tld','maildrop:') ;
mysql> INSERT INTO postfix_users (email,clear,name,homedir,maildir,quota) VALUES
('user@domain.tld','somepass','Vorname Nachname','/home/vmail/','domain.tld/user/Maildir/','10000000') ;
mysql>\q
#Create user home directory and set quota 10 MB.
# su - vmail
# mkdir -p /home/vmail/domain.tld/user
# /usr/local/bin/maildirmake /home/vmail/domain.tld/user/Maildir
# /usr/local/bin/maildirmake -q 10000000S /home/vmail/domain.tld/user/Maildir
----> Start the servers
# /usr/local/libexec/courier-imap/authlib/authdaemond start
# /usr/local/libexec/courier-imap/imapd.rc start
# /usr/local/libexec/courier-imap/pop3d.rc start
# postfix start
##################################################
### PAM Install ###
# cd /usr/ports/security/pam-mysql
# make install clean
# cp /usr/local/lib/pam_mysql.so /usr/lib/pam_mysql.so
# cd /etc
# edit pam.conf
### pam.conf ###
login auth sufficient pam_skey.so
login auth sufficient pam_opie.so no_fake_prompts
login auth requisite pam_cleartext_pass_ok.so
login auth required pam_unix.so try_first_pass
login account required pam_unix.so
login password required pam_permit.so
login session required pam_permit.so
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so no_fake_prompts
sshd auth required pam_unix.so try_first_pass
sshd account required pam_unix.so
sshd password required pam_permit.so
sshd session required pam_permit.so
telnetd auth required pam_unix.so try_first_pass
xserver auth required pam_permit.so
xdm auth required pam_unix.so
xdm account required pam_unix.so try_first_pass
xdm session required pam_deny.so
xdm password required pam_deny.so
gdm auth required pam_unix.so
gdm account required pam_unix.so try_first_pass
gdm session required pam_permit.so
gdm password required pam_deny.so
other auth sufficient pam_skey.so
other auth required pam_unix.so try_first_pass
other account required pam_unix.so try_first_pass
##################################################
My MySQL log shows the following:
Code:
----> Fetching mail with Outlook Express, POP3 or IMAP yields:
041024 15:09:02 3 Connect postfix@localhost.domain.tld on
3 Init DB mail
3 Query SELECT email, crypt, clear, uid, gid, homedir, "", "", name, CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) FROM postfix_users WHERE email = "user@domain.tld" AND (access='y')
----> Email to user@domain.tld from another mail server, address ich@domain.tld, produces the following entries:
041024 15:10:23 4 Connect postfix@localhost.domain.tld on mail
4 Query select destination from postfix_transport where domain = '*'
4 Query select destination from postfix_transport where domain = '*'
5 Connect postfix@localhost.domain.tld on mail
5 Query select destination from postfix_virtual where email = 'domain.tld'
6 Connect postfix@localhost.domain.tld on mail
6 Query select destination from postfix_virtual_domains where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = 'ich@domain.tld'
4 Query select destination from postfix_transport where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = '.tld'
7 Connect postfix@localhost.domain.tld on mail
7 Query select destination from postfix_relocated where email = 'ich@domain.tld'
7 Query select destination from postfix_relocated where email = '@domain.tld'
5 Query select destination from postfix_virtual where email = 'domain.tld'
6 Query select destination from postfix_virtual_domains where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = 'user@domain.tld'
4 Query select destination from postfix_transport where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = '.tld'
7 Query select destination from postfix_relocated where email = 'user@domain.tld'
7 Query select destination from postfix_relocated where email = '@domain.tld'
8 Connect postfix@localhost.domain.tld on mail
8 Query select access from postfix_access where source = 'unknown' and type = 'client'
8 Query select access from postfix_access where source = '213.70.63.69' and type = 'client'
8 Query select access from postfix_access where source = '213.70.63' and type = 'client'
8 Query select access from postfix_access where source = '213.70' and type = 'client'
8 Query select access from postfix_access where source = '213' and type = 'client'
9 Connect postfix@localhost.domain.tld on mail
9 Query select access from postfix_access where source = 'ich@domain.tld' and type = 'sender'
9 Query select access from postfix_access where source = 'domain.tld' and type = 'sender'
9 Query select access from postfix_access where source = 'tld' and type = 'sender'
9 Query select access from postfix_access where source = 'ich@' and type = 'sender'
10 Connect postfix@localhost.domain.tld on mail
10 Query select destination from postfix_virtual where email = 'user@domain.tld'
10 Query select destination from postfix_virtual where email = '@domain.tld'
11 Connect postfix@localhost.domain.tld on mail
11 Query select maildir from postfix_users where email = 'user@domain.tld' and postfix = 'y'
041024 15:10:24 12 Connect postfix@localhost.domain.tld on mail
12 Query select destination from postfix_virtual where email = 'user@domain.tld'
12 Query select destination from postfix_virtual where email = '@domain.tld'
5 Query select destination from postfix_virtual where email = 'domain.tld'
6 Query select destination from postfix_virtual_domains where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = 'user@domain.tld'
4 Query select destination from postfix_transport where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = '.tld'
7 Query select destination from postfix_relocated where email = 'user@domain.tld'
7 Query select destination from postfix_relocated where email = '@domain.tld'
12 Query select destination from postfix_virtual where email = 'ich@domain.tld'
12 Query select destination from postfix_virtual where email = '@domain.tld'
5 Query select destination from postfix_virtual where email = 'domain.tld'
6 Query select destination from postfix_virtual_domains where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = 'ich@domain.tld'
4 Query select destination from postfix_transport where domain = 'domain.tld'
4 Query select destination from postfix_transport where domain = '.tld'
7 Query select destination from postfix_relocated where email = 'ich@domain.tld'
7 Query select destination from postfix_relocated where email = '@domain.tld'
----> The mail is returned by Postfix to the sender with the message:
This is the Postfix program at host host.domain.tld.
I'm sorry to have to inform you that your message could not be
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The Postfix program
<user@domain.tld>: user unknown. Command output: Invalid user specified.
Does anyone know where the error is? I think it's PAM, but I'm not really familiar with it.
Best regards,
Vanessa
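A general query log like the one in this post is easier to read when its entries are grouped by connection id, so that it is visible which tables each client session queried, which sessions read the password columns, and which schema tables were never touched. The Python sketch below is an added example, not part of the original post; the sample log lines are constructed in the same layout, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the MySQL 4.x general query log layout from the post:
# optional "YYMMDD HH:MM:SS" timestamp, connection id, command, argument.
SAMPLE_LOG = """\
041024 15:09:02       3 Connect     postfix@localhost on
                      3 Init DB     mail
                      3 Query       SELECT email, crypt, clear FROM postfix_users WHERE email = "user@domain.tld" AND (access='y')
041024 15:10:23       4 Connect     postfix@localhost on mail
                      4 Query       select destination from postfix_transport where domain = 'domain.tld'
                      5 Connect     postfix@localhost on mail
                      5 Query       select maildir from postfix_users where email = 'user@domain.tld' and postfix = 'y'
"""

# Table names taken from the CREATE TABLE statements in the post.
SCHEMA_TABLES = ["postfix_alias", "postfix_relocated", "postfix_transport",
                 "postfix_virtual_domains", "postfix_users", "postfix_virtual",
                 "postfix_access"]

LINE_RE = re.compile(
    r"^\s*(?:(?P<ts>\d{6}\s+\d{1,2}:\d{2}:\d{2})\s+)?"
    r"(?P<conn>\d+)\s+(?P<cmd>Connect|Init DB|Query|Quit)\s*(?P<arg>.*)$"
)
SELECT_RE = re.compile(r"select\s+(?P<cols>.+?)\s+from\s+(?P<table>\w+)", re.I)


def parse_general_log(text):
    """Return {conn_id: {"login": str or None, "queries": [sql, ...]}}."""
    conns = defaultdict(lambda: {"login": None, "queries": []})
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip headers and anything that is not a log entry
        conn = int(m["conn"])
        if m["cmd"] == "Connect":
            conns[conn]["login"] = m["arg"].split()[0] if m["arg"] else None
        elif m["cmd"] == "Query":
            conns[conn]["queries"].append(m["arg"])
    return dict(conns)


def summarize(conns, schema_tables):
    """Count SELECTs per table, list connections reading password columns,
    and list schema tables that no logged query referenced."""
    tables = defaultdict(int)
    password_readers = set()
    for conn, info in conns.items():
        for sql in info["queries"]:
            m = SELECT_RE.search(sql)
            if not m:
                continue
            tables[m["table"].lower()] += 1
            if re.search(r"\b(clear|crypt)\b", m["cols"], re.I):
                password_readers.add(conn)
    never_queried = sorted(set(schema_tables) - set(tables))
    return dict(tables), sorted(password_readers), never_queried


if __name__ == "__main__":
    tables, readers, never = summarize(parse_general_log(SAMPLE_LOG), SCHEMA_TABLES)
    print("SELECTs per table:", tables)
    print("connections reading clear/crypt:", readers)
    print("schema tables never queried:", never)
```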