Postfix
PostFix 和 Dovecot - 沒有 smtp 身份驗證
我使用本指南來設置我的郵件伺服器,一切正常,除了似乎沒有任何 smtp 身份驗證。不知道發生了什麼,因為 mail.log 或 mail.err 中沒有任何指示。希望這裡有人可以幫助我。
這就是我執行 telnet 命令時發生的情況(我換掉了域和電子郵件地址)。
telnet pro.domain.org 25 Trying 50.576.3.15... Connected to mail.domain.org. Escape character is '^]'. 220 pro.domain.org ESMTP Postfix (Ubuntu) ehlo example.com 250-pro.domain.org 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: <chris@gmail.com> 250 2.1.0 Ok rcpt to: <chris@domain.org> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> asd . 250 2.0.0 Ok: queued as 7C0F8D620 quit 221 2.0.0 Bye Connection closed by foreign host.
這是 postconf -n 輸出
alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases always_bcc = chris@domain.org append_dot_mydomain = no biff = no config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 inet_interfaces = all mailbox_size_limit = 0 mydestination = localhost myhostname = pro.domain.org mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem smtpd_tls_key_file = /etc/ssl/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_transport = lmtp:unix:private/dovecot-lmtp
這是 postconf -a 輸出
cyrus dovecot
這是 dovecot -n 輸出
# 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.9.2-x86_64-linode32 x86_64 Ubuntu 12.04.2 LTS ext3 auth_mechanisms = plain login mail_location = maildir:/var/mail/vhosts/%d/%n mail_privileged_group = mail passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocols = imap pop3 lmtp service auth-worker { user = vmail } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } unix_listener auth-userdb { mode = 0600 user = vmail } user = dovecot } service imap-login { inet_listener imap { port = 0 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service pop3-login { inet_listener pop3 { port = 0 } } ssl = required ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { args = uid=vmail gid=vmail home=/var/mail/vhosts/%d/%n driver = static }
看來 dovecot 確實在創建套接字
ls -la /var/spool/postfix/private/auth srw-rw-rw- 1 postfix postfix 0 May 22 23:10 /var/spool/postfix/private/auth
關於現在做什麼的任何想法?
您應該配置使用
smtpd_tls_auth_only = yes
,因為這不允許明文發送密碼。但是,這意味著AUTH
只能通過加密通道獲得。你應該用openssl s_client -connect smtp.example.com:25 -starttls smtp -CApath /etc/ssl/certs/
查看您的 dovecot 配置,您有:
unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix
根據postfix的文件,你應該有一個套接字監聽而不是 unix_listener - 如果你正在做 unix_listener 你還應該有一個 TCP 套接字。所以你的 dovecot.conf 應該包含這個:
socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } }
完成此操作後,重新啟動 dovecot 和 postfix。如果它仍然不起作用,請檢查您的後綴日誌(通常是 /var/log/mail.log)並從那裡發布任何資訊作為對原始問題的編輯。
原始答案,根據評論不適用
您將電子郵件發送到 $mydomain 中列出的收件人地址,並且您已將郵件伺服器配置為始終接受這些郵件。
要測試身份驗證,您需要從 $mynetwork 中未列出的網路進行連接,並將郵件發送給未列為允許的收件人域的收件人。
(事實上,如果你確實以正確的方式進行了測試,那麼弄清楚你是否沒有把你正在做的一半資訊弄明白會容易得多。)