Linux

Dovecot not authenticating clients on a mail server using postfix, cyrus (for SASL authentication) and dovecot on CentOS 7

  • February 14, 2021

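As I have been building a mail server, I have another problem I am working on that I could not find on Google, so I am hoping I will get an answer here.

So the update is that I created a mail server with postfix, using cyrus for SASL authentication, and now I have attached an IMAP server to it, and for that I am using dovecot.

So far I have found that my SMTP setup is fine and works as I want, but there seems to be some error with dovecot.

My configuration is as follows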

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = localhost, <interface ip>
inet_protocols = ipv4
local_recipient_maps = mysql:/etc/postfix/mysql-local.cf
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = ossnepal.com
myhostname = fqdn.mydomain.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/fqdn.mydomain.com/cert.pem
smtpd_tls_key_file = /etc/letsencrypt/live/fqdn.mydomain.com/privkey.pem
smtpd_tls_security_level = encrypt
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-alias.cf, mysql:/etc/postfix/mysql-check_email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-users.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp

yum install dovecot*

dovecot -n

# 2.2.36 (1f10bfa63): /etc/dovecot/dovecot.conf
   # Pigeonhole version 0.4.24 (124e06aa)
   # OS: Linux 3.10.0-1160.15.2.el7.x86_64 x86_64 CentOS Linux release 7.9.2009 (Core) xfs
   # Hostname: fqdn.mydomain.com
   auth_mechanisms = plain login
   first_valid_uid = 1000
   mail_gid = vmail
   mail_location = maildir:/var/vmail/%d/%n
   mail_privileged_group = vmail
   mail_uid = vmail
   managesieve_notify_capability = mailto
   managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
   mbox_write_locks = fcntl
   namespace inbox {
     inbox = yes
     location = 
     mailbox Drafts {
       special_use = \Drafts
     }
     mailbox Junk {
       special_use = \Junk
     }
     mailbox Sent {
       special_use = \Sent
     }
     mailbox "Sent Messages" {
       special_use = \Sent
     }
     mailbox Trash {
       special_use = \Trash
     }
     prefix = 
   }
   passdb {
     driver = pam
   }
   passdb {
     args = /etc/dovecot/dovecot-sql.conf.ext
     driver = sql
   }
   plugin {
     sieve = file:~/sieve;active=~/.dovecot.sieve
   }
   service auth-worker {
     user = vmail
   }
   service auth {
     unix_listener /var/spool/postfix/private/auth {
       group = postfix
       mode = 0600
       user = postfix
     }
     unix_listener auth-userdb {
       mode = 0600
       user = vmail
     }
     user = dovecot
   }
   service imap-login {
     inet_listener imaps {
       port = 993
       ssl = yes
     }
   }
   service lmtp {
     unix_listener /var/spool/postfix/private/dovecot-lmtp {
       group = postfix
       mode = 0600
       user = postfix
     }
   }
   service pop3-login {
     inet_listener pop3s {
       port = 995
       ssl = yes
     }
   }
   ssl = required
   ssl_cert = </etc/letsencrypt/live/fqdn.mydomain.com/fullchain.pem
   ssl_key =  # hidden, use -P to show it
   userdb {
     driver = passwd
   }
   userdb {
     args = uid=vmail gid=vmail home=/var/vmail/%d/%n allow_all_users=yes
     driver = static
   }

cat /etc/dovecot/dovecot-sql.conf.ext

driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=user password=secret
default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

tail -f /var/log/maillog

Feb 12 16:02:42 fqdn postfix/smtpd[9116]: connect from unknown[212.70.149.71]
Feb 12 16:02:43 fqdn postfix/smtpd[9116]: disconnect from unknown[212.70.149.71]
Feb 12 16:03:14 fqdn postfix/smtpd[9135]: connect from unknown[192.168.1.1]
Feb 12 16:03:14 fqdn postfix/smtpd[9131]: connect from unknown[192.168.1.1]
Feb 12 16:03:14 fqdn postfix/smtpd[9147]: connect from unknown[192.168.1.1]
Feb 12 16:03:14 fqdn postfix/smtpd[9137]: connect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9116]: connect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9136]: connect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn dovecot: imap-login: Aborted login (no auth attempts in 1 secs): user=<>, rip=192.168.1.1, lip=111.11.11.22, session=</BNE9CC7qOl0WuTK>
Feb 12 16:03:15 fqdn postfix/smtpd[9135]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9131]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9131]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9135]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn dovecot: imap-login: Aborted login (no auth attempts in 1 secs): user=<>, rip=192.168.1.1, lip=111.11.11.22, session=<LBZE9CC7qul0WuTK>
Feb 12 16:03:15 fqdn postfix/smtpd[9137]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9147]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9136]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9116]: improper command pipelining after EHLO from unknown[192.168.1.1]: QUIT\r\n
Feb 12 16:03:15 fqdn postfix/smtpd[9147]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9136]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9137]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9116]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9135]: connect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9148]: connect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn dovecot: pop3-login: Aborted login (no auth attempts in 1 secs): user=<>, rip=192.168.1.1, lip=111.11.11.22, session=<xxxE9CC7qel0WuTK>
Feb 12 16:03:15 fqdn postfix/smtpd[9135]: lost connection after CONNECT from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9148]: lost connection after CONNECT from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9135]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn postfix/smtpd[9148]: disconnect from unknown[192.168.1.1]
Feb 12 16:03:15 fqdn dovecot: pop3-login: Aborted login (no auth attempts in 0 secs): user=<>, rip=192.168.1.1, lip=111.11.11.22, session=<ME1E9CC7q+l0WuTK>



Feb 12 16:03:56 fqdn dovecot: imap-login: Disconnected (auth failed, 3 attempts in 20 secs): user=<user>, method=PLAIN, rip=192.168.1.1, lip=111.11.11.22, TLS, session=<KPmR9SC7tOl0WuTK>
Feb 12 16:04:16 fqdn dovecot: imap-login: Disconnected (auth failed, 3 attempts in 20 secs): user=<user@domain.com>, method=PLAIN, rip=192.168.1.1, lip=111.11.11.22, TLS, session=<BRG99iC7tel0WuTK>

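I have allowed every required port in the database: 993, 995, 143, 80, 443, 25, 587, 465, 110 .....

My table structure is the same as on this site

http://blog.vettore.org/centos-7-or-rhel-very-simple-configuration-of-a-mailserver-with-postfix-dovecot-mysql-part-1/

I followed this article for the setup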

https://www.linode.com/docs/guides/email-with-postfix-dovecot-and-mariadb-on-centos-7/

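I think I got your error again... lol

I am pretty sure you have messed up the table configuration regarding how the table is looked up. Having gone through your question and looked at the site solutions you provided, I found that you may have mixed the configurations of the two sites. Both sites have the same solution, but the problem is that you may have defined dovecot's lookup mechanism to search the table using the password mechanism as cram sha5, but so far I guess you have put the password in the table, so just change the password lookup mechanism in dovecot /etc/dovecot/dovecot-sql-conf.ext (your dovecot sql lookup query) and change the table lookup mechanism from sha to plain... I guess it will do the job.

Thanks ;-)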

Quoted from: https://serverfault.com/questions/1053393
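
The mismatch the answer describes, between what is stored in the password column and what default_pass_scheme tells Dovecot to expect, can be checked per row before touching the scheme. This is an added example, not code from the original post: the function names are hypothetical, the sample values are constructed, and only four crypt hash shapes plus PLAIN are modelled.

```python
import re

# Shapes of the crypt-style hashes Dovecot stores; the "$id$" prefix identifies each.
CRYPT_SHAPES = {
    "SHA512-CRYPT": re.compile(r"^\$6\$(rounds=\d+\$)?[./A-Za-z0-9]{1,16}\$[./A-Za-z0-9]{86}$"),
    "SHA256-CRYPT": re.compile(r"^\$5\$(rounds=\d+\$)?[./A-Za-z0-9]{1,16}\$[./A-Za-z0-9]{43}$"),
    "MD5-CRYPT": re.compile(r"^\$1\$[./A-Za-z0-9]{1,8}\$[./A-Za-z0-9]{22}$"),
    "BLF-CRYPT": re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$"),
}
# Optional "{SCHEME}" or "{SCHEME.hex}" / "{SCHEME.b64}" prefix on the stored value.
PREFIX = re.compile(r"^\{([A-Za-z0-9-]+)(?:\.(?:b64|base64|hex))?\}(.*)$", re.S)


def effective_scheme(stored, default_pass_scheme):
    """Return (scheme Dovecot will apply, remaining value).

    A leading {SCHEME} in the column overrides default_pass_scheme."""
    m = PREFIX.match(stored)
    if m:
        return m.group(1).upper(), m.group(2)
    return default_pass_scheme.upper(), stored


def looks_like(value):
    """Guess what the value really is from its shape alone."""
    for name, shape in CRYPT_SHAPES.items():
        if shape.match(value):
            return name
    return "PLAIN-OR-UNKNOWN"


def check_row(stored, default_pass_scheme="SHA512-CRYPT"):
    """Compare the scheme Dovecot will apply with what the value looks like."""
    scheme, value = effective_scheme(stored, default_pass_scheme)
    actual = looks_like(value)
    if scheme in CRYPT_SHAPES:
        ok = actual == scheme
    elif scheme in ("PLAIN", "CLEARTEXT"):
        ok = actual == "PLAIN-OR-UNKNOWN"  # a hash read as PLAIN never equals the typed password
    else:
        ok = None  # scheme not modelled in this example
    return {"scheme": scheme, "looks_like": actual, "consistent": ok}


# Constructed sample column values, not data from the page.
SAMPLE_HASH = "$6$" + "saltsaltsaltsalt" + "$" + "A" * 86
SAMPLES = ["hunter2-plain", SAMPLE_HASH, "{PLAIN}hunter2-plain", "{SHA512-CRYPT}" + SAMPLE_HASH]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s[:24], check_row(s))
```

A row reported as inconsistent under SHA512-CRYPT can be fixed either by changing the scheme, as the answer suggests, or by re-storing the value as a SHA512-CRYPT hash so the column never holds cleartext.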