ich weiss, das wurde schon 1000 mal hier behandelt, aber irgendwie komme ich trotz Suche und Google nciht weiter.
Ich habe hier ein Debian sarge.
postfix 2.1.5-9
postfix-tls 2.1.5-9
libsasl2 2.1.19-1.5
libsasl2-gssapi-mit 2.1.19-1.1
libsasl2-modules 2.1.19-1.5
libsasl7 1.5.27-3.1woody5
sasl2-bin 2.1.19-1.5
folgend meine main.cf:
meine /etc/postfix/sasl2/smtpd.conf:# See /usr/share/postfix/main.cf.dist for a commented, more complete version
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
myhostname = foo.acme.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = foo.acme.net, localhost, localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
mailbox_command = /usr/bin/procmail
### CONFIXX POSTFIX ENTRY ###
virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains
### /CONFIXX POSTFIX ENTRY ###
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
amtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
und meine saslauth config (/etc/default/saslauthd)pwcheck_method: saslauthd
mech_list: plain login
so, nun dachte ich, ich hätte alles (gemäß den 100ten How-To's, aber irgendwie scheint Postfix / saslauthd nicht zu interessieren, das ich gegen die /etc/shadow authentifizieren will.# This needs to be uncommented before saslauthd will be run automatically
START=yes
# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"
MECHANISMS="shadow"
Telnet localhost 25
dementsprechend tauchen auch die Fehlermeldungen in der mail.log auf:Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 foo.acme.net ESMTP Postfix (Debian/GNU)
ehlo foo
250-foo.acme.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI
250 8BITMIME
Wie und wo bringe ich diesem Gespann also bei, gegen die /etc/shadow zu authentifizieren? Habe ich etwas übersehen?May 18 00:19:57 marvin postfix/smtpd[14769]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such
file or directory
May 18 00:19:57 marvin postfix/smtpd[14769]: warning: SASL authentication failure: no secret in database
May 18 00:19:57 marvin postfix/smtpd[14769]: warning: dsl-.berlikomm.net[xx.xx.xx.xx]: SASL NTLM authentication failed
May 18 00:19:58 marvin postfix/smtpd[14769]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such
file or directory
May 18 00:19:58 marvin postfix/smtpd[14769]: warning: SASL authentication failure: no secret in database
May 18 00:19:58 marvin postfix/smtpd[14769]: warning: dsl-.berlikomm.net[xx.xx.xx.xx]: SASL NTLM authentication failed
Vielen Dank im Voraus
Gruss
.ad