Linux
mysql 未使用 cyrus 進行身份驗證以進行後綴身份驗證
所以我一直在建構一個郵件伺服器,我已經設置了 postfix 和一個數據庫,現在我想要的是 cyrus 應該從我已經設置了一個數據庫的數據庫中驗證我的郵件伺服器使用者,現在我遇到了一些問題
yum -y install cyrus-sasl*
我的後綴 -n 看起來像這樣
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix cyrus_sasl_config_path = /etc/sasl2/ daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = localhost, 192.168.1.1 inet_protocols = ipv4 local_recipient_maps = mysql:/etc/postfix/mysql-local.cf mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = domain.com myhostname = my.domain.com myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES sample_directory = /usr/share/doc/postfix-2.10.1/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_security_level = may smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = cyrus smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/server.crt smtpd_tls_key_file = /etc/postfix/ssl/server.key smtpd_tls_security_level = may smtpd_use_tls = yes unknown_local_recipient_reject_code = 550 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-aliases.cf virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-users.cf
我的 postconf -M 看起來像這樣
smtp inet n - n - - smtpd submission inet n - n - - smtpd -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_auth_enable=yes -o broken_sasl_auth_clients=yes -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING smtps inet n - n - - smtpd -o smtpd_sasl_security_options=noanonymous -o smtpd_sasl_auth_enable=yes -o broken_sasl_auth_clients=yes -o syslog_name=postfix/smtps -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING pickup unix n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache
}
貓 /etc/sasl2/smtpd.conf
{
pwcheck_method: saslauthd auxprop_plugin: mysql mech_list: PLAIN LOGIN sql_engine: mysql sql_hostnames: 127.0.0.1, localhost sql_user: postfix sql_passwd: password sql_database: server sql_select: SELECT password FROM users WHERE email = '%u'
}
現在的問題是當我嘗試從 mysql 時,我無法驗證數據庫的使用者
貓 /etc/imapd.conf
configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN LOGIN allowplaintext: no defaultdomain: mail tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt # uncomment this if you're operating in a DSCP environment (RFC-4594) # qosmarking: af13
貓 /etc/cyrus.conf
# standard standalone server implementation START { # do not delete this entry! recover cmd="ctl_cyrusdb -r" # this is only necessary if using idled for IMAP IDLE idled cmd="idled" } # UNIX sockets start with a slash and are put into /var/lib/imap/sockets SERVICES { # add or remove based on preferences imap cmd="imapd" listen="imap" prefork=5 imaps cmd="imapd -s" listen="imaps" prefork=1 pop3 cmd="pop3d" listen="pop3" prefork=3 pop3s cmd="pop3d -s" listen="pop3s" prefork=1 sieve cmd="timsieved" listen="sieve" prefork=0 # these are only necessary if receiving/exporting usenet via NNTP # nntp cmd="nntpd" listen="nntp" prefork=3 # nntps cmd="nntpd -s" listen="nntps" prefork=1 # at least one LMTP is required for delivery # lmtp cmd="lmtpd" listen="lmtp" prefork=0 lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1 # this is only necessary if using notifications # notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1 } EVENTS { # this is required checkpoint cmd="ctl_cyrusdb -c" period=30 # this is only necessary if using duplicate delivery suppression, # Sieve or NNTP delprune cmd="cyr_expire -E 3" at=0400 # this is only necessary if caching TLS sessions tlsprune cmd="tls_prune" at=0400 }
所以任何人都可以讓我擺脫這個問題謝謝….
問題可能出在
/etc/sasl2/smtpd.conf
pwcheck_method = auxprop
如果
saslauthd
使用,那麼它將查看 pam 方法數據庫並忽略指向 sql 的所有其他設置。此外,如果您只是嘗試在不設置 imap 的情況下發送郵件,則無法從郵件客戶端連接,因為郵件客戶端需要完整設置郵件伺服器,因此您需要手動設置郵件客戶端並將 smtp 設置為使用 StartTLS 埠 587,標準密碼身份驗證確保在郵件客戶端詢問您時提供正確的密碼。基本上,如果您想使用
saslauthd
機制更好地安裝pam_mysql
模組並設置/etc.pam.d/smtp
以查找 mysql 數據庫。希望這可以幫助