环境:Centos
6.4 最小安装 ,所有软件系统自带。
需求:发送和接收邮件不使用系统密码,使用/etc/sasldb密码,/etc/sasldb与/etc/shadow用户名是相同的,只是密码不同。
过程:参考安装笔记
http://blog.sina.com.cn/s/blog_92dc41ea0101qxhk.html
结果:SMTP和POP、IMAP等验证时,系统密码能通过验证,sasldb密码不能通过验证。现列出配置如下(只显示与SASL认证有关内容):
[root@mail ~]# tail /etc/postfix/main.cf
smtpd_sasl_type = dovecot
smtpd_sasl_path =
private/authsmtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain = kingmed.com
smtpd_relay_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_client_restrictions = permit_sasl_authenticated
[root@mail ~]# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/run/saslauthd
#MECH=shadow
FLAGS=sasldb
[root@mail ~]# cat /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: PLAIN LOGIN
[root@mail ~]# ll /etc/sasldb2
-rw-r-----. 1 root postfix 12288 Aug 2 19:51
/etc/sasldb2
[root@mail ~]# dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-358.11.1.el6.i686 i686 CentOS release 6.4
(Final)
auth_mechanisms = plain login
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
passdb {
driver = pam
}
protocols = imap pop3
service auth {
unix_listener /var/spool/postfix/private/auth
{
group =
postfix
mode =
0666
user =
postfix
}
}
ssl = no
userdb {
driver = passwd
}
使用Foxmail7发送和接收邮件时,使用系统密码可通过验证并能收发邮件,但使用/etc/sasldb密码认证通不过,maillog日志显示如下:
postfix/smtpd[1806]: connect from unknown[10.6.3.26]
postfix/smtpd[1806]: warning: unknown[10.6.3.26]: SASL LOGIN
authentication failed: UGFzc3dvcmQ6
postfix/smtpd[1806]: warning: unknown[10.6.3.26]: SASL LOGIN
authentication failed: UGFzc3dvcmQ6
postfix/smtpd[1806]: lost connection after AUTH from
unknown[10.6.3.26]
postfix/smtpd[1806]: disconnect from unknown[10.6.3.26]
dovecot: pop3-login: Aborted login (auth failed, 1 attempts):
user=,
method=PLAIN, rip=10.6.3.26, lip=10.6.3.233
dovecot: pop3-login: Disconnected (auth failed, 1 attempts):
user=, method=PLAIN,
rip=10.6.3.26, lip=10.6.3.233
还有个现象,当把/etc/postfix/main.rc中的下面两行注释掉:
#smtpd_sasl_type = dovecot
#smtpd_sasl_path = private/auth
则SMTP能通过sasldb密码验证了,但POP,IMAP仍不能,请各位帮忙分析是什么原因,谢谢。