Tengo un problema al autenticar usuarios usando postfix/dovecot con mysql en ubuntu LTS. Outlook se conectó al servidor pero obtuvo un error de autenticación.
A continuación se muestran los ajustes de configuración de posfix:
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 0
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128, 144.122.116.0/24
mynetworks_style = host
myorigin = /etc/mailname
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relayhost = [smtp.buyorsell.it]:587
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks,permit
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.cert
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_limit = 0
virtual_mailbox_maps = proxy:mysql:$config_directory/mysql-virtual-mailbox-maps. cf
virtual_transport = dovecot
y luego la configuración del palomar se muestra así:
root@server:~# dovecot -n
# 2.0.19: /etc/dovecot/dovecot.conf
doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/10-master.conf:124: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/conf.d/10-master.conf:124: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
# OS: Linux 2.6.32-042stab088.4 x86_64 Ubuntu 12.04.5 LTS simfs
auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap pop3 sieve
service auth-worker {
user = vmail
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0604
user = postfix
}
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
mode = 0600
user = vmails
}
user = dovecot
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol imap {
imap_client_workarounds = delay-newmail
mail_max_userip_connections = 10
}
protocol pop3 {
mail_max_userip_connections = 10
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
deliver_log_format = msgid=%m: %$
mail_plugins = sieve
postmaster_address = postmaster
quota_full_tempfail = yes
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
Mi registro de errores es /var/log/mail.log:
Sep 30 08:22:10 server postfix/submission/smtpd[1466]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Sep 30 08:22:10 server postfix/submission/smtpd[1466]: connect from unknown[182.186.87.163]
Sep 30 08:22:11 server postfix/submission/smtpd[1466]: warning: SASL: Connect to private/auth? Basic SPAM prevention failed: No such file or directory
Sep 30 08:22:11 server postfix/submission/smtpd[1466]: fatal: no SASL authentication mechanisms
Sep 30 08:22:12 server postfix/master[1448]: warning: process /usr/lib/postfix/smtpd pid 1466 exit status 1
Sep 30 08:22:12 server postfix/master[1448]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Sep 30 08:22:45 server dovecot: auth-worker: mysql(127.0.0.1): Connected to database mailserver
Sep 30 08:23:05 server dovecot: imap-login: Disconnected (auth failed, 3 attempts): user=<[email protected]>, method=PLAIN, rip=182.186.87.163, lip=162.250.122.195, TLS
es master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
#smtp inet n - n - - smtpd
#smtp inet n - - - 1 postscreen
smtpd pass - - - - - smtpd
#dnsblog unix - - - - 0 dnsblog
#tlsproxy unix - - - - 0 tlsproxy
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#submission inet n - - - - smtpd
#
##spamassassin unix - n n - - pipe
##user=spamd argv=/usr/bin/spamc -f -e
##usr/sbin/sendmail -oi -f ${sender} ${recipient}
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=may
# -o smtpd_sasl_auth_enable=yes
# # -o content_filter=spamassassin
# #-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - n - - smtpd
## -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
# mailbox_transport = lmtp:inet:localhost
# virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix - n n - - pipe
# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
Necesito que los correos entrantes/salientes comiencen a funcionar.
Respuesta1
Creo que ahora tienes un problema con la conexión MySQL (donde mantienes la base de datos del usuario, por lo que veo). Debe verificar los permisos en MySQL para que Dovecot se conecte (usuario vmail) a la base de datos adecuada.
conceda todos los privilegios en your_database.* a 'vmail'@'localhost';
(Suponiendo aquí que la base de datos es local para Dovecot, también todos los privilegios pueden ser demasiado amplios para lo que realmente necesita; supongo que seleccionar sería suficiente).
Respuesta2
En la linea
smtpd_sasl_path = private/auth Basic SPAM prevention
elimina eso "Basic SPAM prevention", dejando solo
smtpd_sasl_path = private/auth
Luego reinicie postfix.
Respuesta3
Dos acciones resuelven el problema.
Valor eliminado de:
relayhost = [smtp.buyorsell.it]:587
como
relayhost =
y descomentar
spamassassin unix - n n - - pipe
en maestro.cf