Postfix with MySQL, Sasl2, Courier, POP3, Imap

vanedler

Hello everyone,

I am currently setting up my test server for virtual hosting, and with the help of a few guides and good tips it is now almost finished. I am very happy with all the services. One problem remains, though. I would like a mail service that works with Postfix and Courier-Imap with POP3 and IMAP and fetches the user data from a MySQL database. I have been stuck on this problem for 3 months now, have chewed through every guide I could find, and still get the same error messages as on the first day, which I am posting here now to ask you for help... :rolleyes:

Outlook Express reports:
Code:
Ein Problem ist bei der Anmeldung am Mailserver aufgetreten. Das Kennwort wurde zurückgewiesen. Konto: 'mail@domain.tld', Server: '192.168.1.4', Protokoll: POP3, Serverantwort: '-ERR Maildir: No such file or directory', Port: 110, Secure (SSL): Nein, Serverfehler: 0x800CCC90, Fehlernummer: 0x800CCC92

I then ran a MySQL debug to see whether the user data is being queried:
Code:
041224 11:10:29	      3 Connect     ?postfixuser?@localhost on 
		      3 Init DB     ?postfixdb?
		      3 Query       SELECT username, password, "", '125', '125', '/usr/local/virtual', maildir, quota, name, CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) FROM mailbox WHERE username = "mail@domain.tld" AND (active='1')

The following software relevant to the mail service is installed:

Mysql:
# cd /usr/ports/databases/mysql40-server
# make -DWITH_OPENSSL=yes -DBUILD_OPTIMIZED=yes install clean

Sasl2:
# cd /usr/ports/security/cyrus-sasl2
# make -DWITH_MYSQL -DWITH_AUTHDAEMON -DWITHOUT_PGSQL -DWITHOUT_OTP -DWITHOUT_CRAM -DWITHOUT_DIGEST -DWITHOUT_NTLM

Sasl2 authd:
# cd /usr/ports/security/cyrus-sasl2-saslauthd
# make install clean

Postfix:
# cd /usr/ports/mail/postfix
# make install clean

----> Build with: SASL2, MySQL, IPv6TLS, VDA

----> Added group "postfix"
.
----> Would you like me to add it? [y]? y

----> Would you like to activate Postfix in /etc/mail/mailer.conf [n]? y

Courier-IMAP:
# cd /usr/ports/mail/courier-imap
# make -DWITH_MYSQL install clean

Postfixadmin
# cd /usr/ports/mail/postfixadmin
# make install clean

I have the following configuration:

Postfix main.cf:
Code:
virtual_alias_maps = mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1005
virtual_transport = virtual
virtual_uid_maps = static:125
# Additional for quota support
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace, please try again later.
virtual_overquota_bounce = yes
#If you want to use MySQL also to store your Backup MX domains add this as well 
relay_domains = proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
#
readme_directory = /usr/local/share/doc/postfix
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
html_directory = no
setgid_group = maildrop
command_directory = /usr/local/sbin
manpage_directory = /usr/local/man
daemon_directory = /usr/local/libexec/postfix
newaliases_path = /usr/local/bin/newaliases
mailq_path = /usr/local/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
#
#
# Sasl2 including some spam filters
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = 
  permit_mynetworks,
  permit_sasl_authenticated,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,  
  reject_unauth_destination,
  reject_unauth_pipelining,   
  reject_invalid_hostname,
  reject_rbl_client opm.blitzed.org,
  reject_rbl_client list.dsbl.org,
  reject_rbl_client bl.spamcop.net,
  reject_rbl_client sbl-xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous

Courier, e.g. pop3d:
Code:
##VERSION: $Id: pop3d.dist.in,v 1.9 2004/04/18 15:54:39 mrsam Exp $
#
# pop3d created from pop3d.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
#  Copyright 1998 - 2002 Double Precision, Inc.  See COPYING for
#  distribution information.
#
#  Courier POP3 daemon configuration
#
##NAME: PIDFILE:0
#

PIDFILE=/var/run/pop3d.pid

##NAME: MAXDAEMONS:0
#
#  Maximum number of POP3 servers started
#

MAXDAEMONS=40

##NAME: MAXPERIP:4
#
#  Maximum number of connections to accept from the same IP address

MAXPERIP=4

##NAME: AUTHMODULES:0
#
#########################################################################
##
## Authentication modules which attempt to validate userid/password
## combinations.  See authpam(8) for more information.  The default set
## is installed at configuration time.  You may have to edit the following
## to remove unnecessary authentication modules.  In particular, if
## authpam is included in the list below, you will have to remove authpwd
## and authshadow, since their functionality is included in the authpam
## module.
##
#########################################################################
#
# If this is currently set to AUTHMODULES="authdaemon", DO NOT CHANGE IT.
# Instead, change the parameter authmodulelist in authdaemonrc.

AUTHMODULES="authdaemon"


##NAME: AUTHMODULES_ORIG:0
#
# This setting is for use with webadmin

AUTHMODULES_ORIG="authdaemon"

##NAME: DEBUG_LOGIN:0
#
# Dump additional login diagnostics to syslog
#
# DEBUG_LOGIN=0   - turn off login debugging
# DEBUG_LOGIN=1   - turn on login debugging
# DEBUG_LOGIN=2   - turn on login debugging + log passwords too
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.

DEBUG_LOGIN=0

##NAME: POP3AUTH:1
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
#
# If you have configured the CRAM-MD5 or CRAM-SHA1, set POP3AUTH to something
# like this:
#
# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"

POP3AUTH=""

##NAME: POP3AUTH_ORIG:0
#
# For use by webadmin

POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1"

##NAME: POP3AUTH_TLS:1
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"

POP3AUTH_TLS=""

##NAME: POP3AUTH_TLS_ORIG:0
#
# For use by webadmin

POP3AUTH_TLS_ORIG="LOGIN PLAIN"

##NAME: PORT:1
#
# Port to listen on for connections.  The default is port 110.
#
#  Multiple port numbers can be separated by commas.  When multiple port
#  numbers are used it is possibly to select a specific IP address for a
#  given port as "ip.port".  For example, "127.0.0.1.900,192.68.0.1.900"
#  accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
#  The ADDRESS setting is a default for ports that do not have a specified
#  IP address.

PORT=110

##NAME: ADDRESS:0
#
# IP address to listen on.  0 means all IP addresses.

ADDRESS=0

##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options.  The following defaults should be fine.
#

TCPDOPTS="-nodnslookup -noidentlookup"

##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts.  Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
#  . /usr/local/etc/courier-imap/pop3d
#  case x$POP3DSTART in
#  x[yY]*)
#        /usr/local/libexec/courier-imap/pop3d.rc start
#        ;;
#  esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.

POP3DSTART=YES

##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir

smptd.conf under /usr/local/lib/sasl2:
Code:
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: login crypt
sql_engine: mysql
sql_hostnames: ?postfixmysqlhost?
sql_user: ?postfixuser?
sql_passwd: ?somepass2?
sql_database: ?postfixdb?
sql_select: select password from mailbox where username='%u@%r' and smtpaccess='1';

authdaemonrc:
Code:
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc.  See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored.  Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited.  Multiline variable contents,
# with the \ continuation character, are not allowed.  Everything must
# fit on one line.  Do not use any additional whitespace for indentation,
# or anything else.

##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authcustom authuserdb authpam

authmodulelist="authmysql authpam"

##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone

authmodulelistorig="authcustom authuserdb authpam"

##NAME: daemons:0
#
# The number of daemon processes that are started.  authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE:  Some platforms may experience a problem if there's more than
# one daemon.  Specifically, SystemV derived platforms that use TLI with
# socket emulation.  I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases.  Symptoms
# include sporadic authentication failures.  If you start getting
# authentication failures, increase daemons.  However, the default of 5
# SHOULD be sufficient.  Bumping up daemon count is only a short-term
# solution.  The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...

daemons=5

##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds.  Set "version" to override that.
# For example:  version=authdaemond.plain

version=""

##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond.  It's
# used by various configuration and build scripts, so don't touch it!

authdaemonvar=/usr/local/var/authdaemon

authmysqlrc:
Code:
MYSQL_CRYPT_PWFIELD	password
MYSQL_DATABASE		?postfixdb?
MYSQL_GID_FIELD		'125'
MYSQL_HOME_FIELD	'/usr/local/virtual'
MYSQL_LOGIN_FIELD	username
MYSQL_MAILDIR_FIELD	maildir
MYSQL_NAME_FIELD	name
MYSQL_OPT		0
MYSQL_PASSWORD		?somepass2?
MYSQL_QUOTA_FIELD	quota
MYSQL_SERVER		?postfixmysqlhost?
MYSQL_UID_FIELD		'125'
MYSQL_USERNAME		?postfixuser?
MYSQL_USER_TABLE	mailbox
MYSQL_WHERE_CLAUSE      active='1'
MYSQL_AUXOPTIONS_FIELD 	CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)

mysql_relay_domains_maps.cf
Code:
user = ?postfixuser?
password = ?somepass2?
hosts = ?postfixmysqlhost?
dbname = ?postfixdb?
table = domain
select_field = domain
where_field = domain
additional_conditions = and backupmx = '1'

mysql_virtual_alias_maps.cf
Code:
user = ?postfixuser?
password = ?somepass2?
hosts = ?postfixmysqlhost?
dbname = ?postfixdb?
table = alias
select_field = goto
where_field = address

mysql_virtual_domains_maps.cf
Code:
user = ?postfixuser?
password = ?somepass2?
hosts = ?postfixmysqlhost?
dbname = ?postfixdb?
table = domain
select_field = description
where_field = domain
additional_conditions = and backupmx = '0' and active = '1'

mysql_virtual_mailbox_limit_maps.cf
Code:
user = ?postfixuser?
password = ?somepass2?
hosts = ?postfixmysqlhost?
dbname = ?postfixdb?
table = mailbox
select_field = quota
where_field = username
additional_conditions = and active = '1'

mysql_virtual_mailbox_maps.cf
Code:
user = ?postfixuser?
password = ?somepass2?
hosts = ?postfixmysqlhost?
dbname = ?postfixdb?
table = mailbox
select_field = maildir
where_field = username
additional_conditions = and active = '1'

If that is not enough, please post and I will add the others (imaps etc.) as well...

Please help me... Oh, and Merry Christmas :D
Vanessa
 
Hello vanedler,

vanedler wrote:
Does nobody have an idea? :-(

Yes, I do :)
You forgot to create the directory $MAILDIRPATH. To do that, run maildirmake $MAILDIRPATH as root in the home directory.
You can take $MAILDIRPATH from the POP3D configuration, last line.

Best regards

Jürgen
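
A check for the condition discussed in this thread, as an added example that is not part of either post: it resolves a user's maildir the way the authmysqlrc above describes it (home from MYSQL_HOME_FIELD, path from the maildir column) and reports missing cur/new/tmp directories or ownership that differs from the static uid/gid 125 in main.cf. The function names, the sample maildir value and the fallback to the MAILDIRPATH value "Maildir" for an empty column are assumptions.

```shell
#!/bin/sh
# Added example: verify that a virtual mailbox has the directory
# structure and ownership the POP3/IMAP daemon needs.

# Print "uid:gid" of a path; ls -n works on BSD and GNU userland alike.
owner_of() {
    ls -ldn "$1" | awk '{ print $3 ":" $4 }'
}

# check_maildir HOME MAILDIR UID GID
#   HOME    value of MYSQL_HOME_FIELD (here /usr/local/virtual)
#   MAILDIR value of the maildir column; if empty, "Maildir" is assumed
#           (MAILDIRPATH from the pop3d configuration)
# Prints one finding per line and returns 0 only if nothing is wrong.
check_maildir() {
    home=$1 rel=${2:-Maildir} want_uid=$3 want_gid=$4 rc=0
    case $rel in
        /*) dir=$rel ;;          # absolute value is used as-is
        *)  dir=$home/$rel ;;    # relative value is resolved against home
    esac
    dir=${dir%/}
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    # The maildir itself plus the three subdirectories maildirmake creates.
    for sub in "" /cur /new /tmp; do
        p=$dir$sub
        if [ ! -d "$p" ]; then
            echo "MISSING $p"; rc=1; continue
        fi
        got=$(owner_of "$p")
        if [ "$got" != "$want_uid:$want_gid" ]; then
            echo "OWNER $p is $got, expected $want_uid:$want_gid"; rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK $dir"
    return "$rc"
}

# Usage with the values from the post (maildir value is a constructed sample):
#   check_maildir /usr/local/virtual "domain.tld/mail/" 125 125
```

An OWNER line after creating the directory as root means the daemon running as uid 125 still cannot use it until ownership is changed.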
 
Hello Juedan,

thanks for your post. I opened a new post on this topic under the FreeBSD/Applications section because nobody answered here... see link: new post, where I also went into makemaildir. I have set up a Maildir. I also tested what happens when I delete it. Then different error messages appear. Seems to be OK. Still, I think it has to do with the Maildir or the Postfix configuration. See the logs in the other post...

Kind regards,
Vanessa
 