Probleme mit Debian Backports Postfix, Cyrus

Postfix, QMail, Sendmail, Dovecot, Cyrus, Courier, Anti-Spam
tobi
Posts: 121
Joined: 2002-08-02 20:58
Location: München

Probleme mit Debian Backports Postfix, Cyrus

Post by tobi » 2004-05-28 11:31

Hallo,

hat von euch jemand ein Debian system mit Backport für Postfix2 und Cyrus21 von
laufen? Ich bin gerade dabei dies auf meinem neuen server zum laufen zubringen doch bekomme ich beim versenden von mail per SMTP noch anmeldeprobleme.

Bekomme folgenden Syslog eintrag:
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication failure: no secret in database
postfix/smtpd[32518]: warning: pXXXXXXX.dip0.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL CRAM-MD5 authentication failed
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication failure: no secret in database
postfix/smtpd[32518]: warning: pXXXXXXX.dip0.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL NTLM authentication failed
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
postfix/smtpd[32518]: warning: SASL authentication failure: Password verification failed
postfix/smtpd[32518]: warning: pXXXXXXX.dip0.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL PLAIN authentication failed
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
postfix/smtpd[32518]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
postfix/smtpd[32518]: warning: pXXXXXXX.dip0.t-ipconnect.de[XXX.XXX.XXX.XXX]: SASL LOGIN authentication failed
meine main.cf:
# see /usr/share/postfix/main.cf.dist for a commented, fuller
# version of this file.

# Do not change these directory settings - they are critical to Postfix
# operation.
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
setgid_group = postdrop
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no
myhostname = XXXXXXX.info
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = XXXXXXX.info, hXXXX.serverkompetenz.net, localhost
relayhost =
mynetworks = 127.0.0.0/8
#mailbox_command = procmail -a "$EXTENSION"
mailbox_transport = cyrus
mailbox_size_limit = 0
recipient_delimiter = +

#SMTPD Auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

#smtpd_use_tls = yes
#smtpd_tls_key_file = /etc/apache/conf/ssl.key/server.key
#smtpd_tls_cert_file = /etc/apache/conf/ssl.crt/server.crt
#smtpd_tls_loglevel = 3
#tls_random_source = dev:/dev/urandom


### CONFIXX POSTFIX ENTRY ###

virtual_maps = hash:/etc/postfix/confixx_virtualUsers, hash:/etc/postfix/confixx_localDomains

### /CONFIXX POSTFIX ENTRY ###
Ich habe jetzt schon länger nach ner lösung gesucht doch leider keine richtige gefunden, über das thema wird zwar einiges geschrieben aber ne lösung fand ich keine. Vielleicht kann mir ja von euch jemand helfen.

duergner
RSAC
Posts: 976
Joined: 2003-08-20 11:30
Location: Pittsburgh, PA, USA

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by duergner » 2004-05-28 11:47

Welche Zugriffsrechte hat die sasldb2 denn? Kann Postfix sie auch erreichen (chroot)?

tobi
Posts: 121
Joined: 2002-08-02 20:58
Location: München

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by tobi » 2004-05-28 16:05

Hallo,

die datei hat folgende rechte:
-rw-rw---- 1 root sasl 12288 Feb 21 13:58 sasldb2
hier die master.cf
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
#qmgr fifo n - - 300 1 nqmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp

#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}" ${user}
# Cyrus 2.1.5 (Amos Gouaux)
#cyrus unix - n n - - pipe
# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}

# only used by postfix-tls
#tlsmgr fifo - - n 300 1 tlsmgr
#smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#587 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
hier nochmal ein log auszug:
May 28 15:57:11 xxxxxxx modprobe: modprobe: Can't locate module char-major-4
May 28 15:57:42 xxxxxxx last message repeated 19 times
May 28 15:57:52 xxxxxxx last message repeated 10 times
May 28 15:58:01 xxxxxxx /USR/SBIN/CRON[7076]: (root) CMD (/root/confixx/confixx_counterscript.pl; /opt/programs/cyrus-control/test.pl)
May 28 15:58:01 xxxxxxx init: Id "3" respawning too fast: disabled for 5 minutes
May 28 15:58:02 xxxxxxx init: Id "1" respawning too fast: disabled for 5 minutes
May 28 15:58:02 xxxxxxx init: Id "2" respawning too fast: disabled for 5 minutes
May 28 15:58:02 xxxxxxx init: Id "4" respawning too fast: disabled for 5 minutes
May 28 15:58:02 xxxxxxx init: Id "5" respawning too fast: disabled for 5 minutes
May 28 15:58:02 xxxxxxx init: Id "6" respawning too fast: disabled for 5 minutes
May 28 15:58:32 xxxxxxx cyrus/master[7087]: about to exec /usr/lib/cyrus/bin/imapd
May 28 15:58:32 xxxxxxx cyrus/imap[7087]: executed
May 28 15:58:32 xxxxxxx cyrus/imapd[7087]: accepted connection
May 28 15:58:33 xxxxxxx cyrus/imapd[7087]: login: pXXXXXXX.dip0.t-ipconnect.de[::ffff:xxx.xxx.xxx.xxx] web1p1 plaintext
May 28 15:58:33 xxxxxxx cyrus/imapd[7087]: skiplist: recovered /var/lib/cyrus/user/w/web1p1.seen (9 records, 10560 bytes) in 0 seconds
May 28 15:58:33 xxxxxxx cyrus/imapd[7087]: seen_db: user web1p1 opened /var/lib/cyrus/user/w/web1p1.seen
May 28 15:58:33 xxxxxxx cyrus/imapd[7087]: open: user web1p1 opened INBOX.spdllde
May 28 15:59:01 xxxxxxx /USR/SBIN/CRON[7089]: (root) CMD (/root/confixx/confixx_counterscript.pl; /opt/programs/cyrus-control/test.pl)
May 28 15:59:17 xxxxxxx postfix/smtpd[7093]: connect from pXXXXXXX.dip0.t-ipconnect.de[xxx.xxx.xxx.xxx]
May 28 15:59:19 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:19 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:19 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication failure: no secret in database
May 28 15:59:19 xxxxxxx postfix/smtpd[7093]: warning: pXXXXXXX.dip0.t-ipconnect.de[xxx.xxx.xxx.xxx]: SASL CRAM-MD5 authentication failed
May 28 15:59:20 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:20 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:20 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication failure: no secret in database
May 28 15:59:20 xxxxxxx postfix/smtpd[7093]: warning: pXXXXXXX.dip0.t-ipconnect.de[xxx.xxx.xxx.xxx]: SASL NTLM authentication failed
May 28 15:59:22 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:22 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:22 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
May 28 15:59:22 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication failure: Password verification failed
May 28 15:59:22 xxxxxxx postfix/smtpd[7093]: warning: pXXXXXXX.dip0.t-ipconnect.de[xxx.xxx.xxx.xxx]: SASL PLAIN authentication failed
May 28 15:59:23 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:23 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: Permission denied
May 28 15:59:23 xxxxxxx postfix/smtpd[7093]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
May 28 15:59:23 xxxxxxx postfix/smtpd[7093]: warning: pXXXXXXX.dip0.t-ipconnect.de[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed
danke

tobi
Posts: 121
Joined: 2002-08-02 20:58
Location: München

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by tobi » 2004-05-28 16:10

nachtrag, es schein egal zusein ob ich in der master.cf bei smtp chroot auf n, - oder y setzte bekomme immer die gleichen syslog meldungen.

theomega
Userprojekt
Userprojekt
Posts: 704
Joined: 2003-01-27 14:36

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by theomega » 2004-05-28 17:00

ja, ich hatte das schon am laufen, mach einfach mal ein chmod 777 /etc/sasldb2 dann sollte es mal testweiße gehen. Die Lösung ist aber nicht gut, weil jeder dann die Passwörter auslesen kann.
Das hat für mich damals keine Rolle gespielt da ich die Nachrichten nicht konvertiert (von cyrus 1.x) bekommen habe und somit wieder zur alten Version gehen mußte.

tobi
Posts: 121
Joined: 2002-08-02 20:58
Location: München

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by tobi » 2004-05-28 19:01

hilfe leider nix

duergner
RSAC
Posts: 976
Joined: 2003-08-20 11:30
Location: Pittsburgh, PA, USA

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by duergner » 2004-05-28 19:12

Was haben denn die Verezichnisse auf dem Pfad dahin für Rechte?

tobi
Posts: 121
Joined: 2002-08-02 20:58
Location: München

Re: Probleme mit Debian Backports Postfix, Cyrus

Post by tobi » 2004-05-28 19:19

drwxr-xr-x 56 root root 4096 May 26 21:17 etc
und die datei:
-rwxrwxrwx 1 root sasl 12288 Feb 21 13:58 sasldb2