關於postfix的sasl認證問題(已解決)
操作平台:red hat 9.0
我是按如下來進行編譯cyrus sasl(版本為cyrus-sasl-2.1.22)的
---------cyrus sasl---------------------------------------
./configure \
--enable-anon \
--enable-plain \
--enable-login \
--disable-krb4 \
--disable-otp \
--disable-cram \
--disable-digest \
--with-saslauthd=/var/run/saslauthd \
--with-pam=/lib/security \
--with-dblib=berkeley \
--with-bdb-libdir=/usr/local/bdb/lib \
--with-bdb-incdir=/usr/local/bdb/include \
--with-openssl=/usr/local/ssl \
--with-plugindir=/usr/local/lib/sasl2
make
make install
cd saslauthd
make testsaslauthd
cp testsaslauthd /usr/local/bin
echo /usr/local/lib/sasl2 >> /etc/ld.so.conf
ldconfig
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
編譯postfix 如下:
/etc/init.d/sendmail stop
chkconfig --level 0123456 sendmail off
mv /usr/bin/newaliases /usr/bin/newaliases.orig
mv /usr/bin/mailq /usr/bin/mailq.orig
mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
groupadd -g 1000 postfix
groupadd -g 1001 postdrop
useradd -u 1000 -g 1000 -c postfix -M -d/no/where -s/no/shell postfix
make -f Makefile.init makefiles \
'CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DHAS_MYSQL -I/usr/local/mysql/include/mysql -I/usr/local/include/sasl' \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -L/usr/local/lib/ -lsasl2 -lmysqlclient -lz -lm'
我的postfix(版本為postfix-2.4.5)配置如下:
----------------------------------base configuration--------------------------------------------
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = mail.pp.com
mydomain = pp.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.1.0/24, 127.0.0.0/8
relay_domains =
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /etc/postfix
readme_directory = no
------------------------------------------sasl authenticated--------------------------------------------------
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_banner = $myhostname ESMTP "Version not Available"
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
check_relay_domains,
permit
我的/usr/local/lib/sasl2/smtpd.conf的內容如下:
Pwcheck_method: saslauthd
Mech_list: PALIN LOGIN
Log_level: 3
經過上面的步驟之後,當我進行驗證的時候,卻出現下面的問題:(到這個地方就停住了,後面的信息出不來了)
#telnet 127.0.0.1 25
Trying 127.0.0.1.......
connected to 127.0.0.1.
Escape character is '^]'.
下面是postfix的日誌記錄:
Sep 26 07:26:30 mail postfix/postfix-script: starting the Postfix mail system
Sep 26 07:26:30 mail postfix/master: daemon started -- version 2.4.5, configuration /etc/postfix
Sep 26 07:26:56 mail postfix/smtpd: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Sep 26 07:26:56 mail postfix/smtpd: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
Sep 26 07:26:57 mail postfix/master: warning: process /usr/libexec/postfix/smtpd pid 15498 exit status 1
Sep 26 07:26:57 mail postfix/master: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Sep 26 07:27:57 mail postfix/smtpd: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Sep 26 07:27:57 mail postfix/smtpd: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
Sep 26 07:27:58 mail postfix/master: warning: process /usr/libexec/postfix/smtpd pid 15547 exit status 1
Sep 26 07:27:58 mail postfix/master: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Sep 26 07:28:57 mail postfix/postfix-script: stopping the Postfix mail system
Sep 26 07:28:57 mail postfix/master: terminating on signal 15
請大家幫我看看!謝謝了!
[ 本帖最後由 ypxns 於 2007-10-11 12:18 編輯 ]
《解決方案》
回復 #1 ypxns 的帖子
怎麼沒有人呢???大家有沒有碰到過這樣的情況啊!!!!
《解決方案》
原帖由 ypxns 於 2007-10-5 09:44 發表 http://bbs.chinaunix.net/images/common/back.gif
怎麼沒有人呢???大家有沒有碰到過這樣的情況啊!!!!
錯誤訊息不都告訴你了呢 ?
Sep 26 07:26:56 mail postfix/smtpd: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
check_relay_domains 在 postfix 2.x 已經過時了,應該使用其他 keyword 替代。而一般設定最後都是拒絕存取,所以配置會像是:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
而你的設定不正確還有就是,rejct_unauth_destination 後面還有其他東西,那些敘述根本檢查不到。
--
《解決方案》
回復 #3 kenduest 的帖子
我看了一下文檔,check_relay_domains 這個選項沒有再用了!這個選項是我當初看到日誌紀錄提示的信息加上去的!後來我改成下面的形式:
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_path = smtpd
smtpd_banner = Welcome to my $myhostname ESMTP.Warning:Version not Available!
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_sender_domain,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination
可是仍然出現上面的問題!
我把smtpd_recipient_restrictions 註釋掉,情況依然存在!
下面是我的日誌紀錄:
Oct 6 09:09:13 mail postfix/postfix-script: starting the Postfix mail system
Oct 6 09:09:14 mail postfix/master: daemon started -- version 2.4.5, configuration /etc/postfix
Oct 6 09:10:41 mail postfix/smtpd: running: PATH=/bin:/usr/bin:/usr/local/bin; (strace -p 1509 2>&1 | logger -p mail.info) & sleep 5
Oct 6 09:10:47 mail logger: wait4(1510, , 0, NULL) = 1510
Oct 6 09:10:47 mail logger: rt_sigaction(SIGINT, {SIG_DFL}, NULL, 8) = 0
Oct 6 09:10:47 mail logger: rt_sigaction(SIGQUIT, {SIG_DFL}, NULL, 8) = 0
Oct 6 09:10:47 mail logger: rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
Oct 6 09:10:47 mail logger: --- SIGCHLD (Child exited) @ 0 (0) ---
Oct 6 09:10:47 mail logger: open("pid/inet.smtp", O_RDWR) = 8
Oct 6 09:10:47 mail logger: fstat64(8, {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
Oct 6 09:10:47 mail logger: lstat64("pid/inet.smtp", {st_mode=S_IFREG|0600, st_size=0, ...}) = 0
Oct 6 09:10:47 mail logger: fcntl64(8, F_GETFD) = 0
Oct 6 09:10:47 mail logger: fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: chdir("/var/spool/postfix") = 0
Oct 6 09:10:47 mail logger: getuid32() = 0
Oct 6 09:10:47 mail logger: access("private/proxymap", F_OK) = 0
Oct 6 09:10:47 mail logger: socket(PF_UNIX, SOCK_STREAM, 0) = 9
Oct 6 09:10:47 mail logger: fcntl64(9, F_GETFL) = 0x2 (flags O_RDWR)
Oct 6 09:10:47 mail logger: fcntl64(9, F_SETFL, O_RDWR) = 0
Oct 6 09:10:47 mail logger: connect(9, {sa_family=AF_UNIX, path="private/proxymap"}, 110) = 0
Oct 6 09:10:47 mail logger: gettimeofday({1191633047, 6649}, NULL) = 0
Oct 6 09:10:47 mail logger: fcntl64(9, F_GETFD) = 0
Oct 6 09:10:47 mail logger: fcntl64(9, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: getrlimit(0x7, 0xbffff938) = 0
Oct 6 09:10:47 mail logger: setrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
Oct 6 09:10:47 mail logger: time() = 1191633047
Oct 6 09:10:47 mail last message repeated 2 times
Oct 6 09:10:47 mail logger: poll([{fd=9, events=POLLOUT, revents=POLLOUT}], 1, 3600000) = 1
Oct 6 09:10:47 mail logger: write(9, "request\0open\0table\0unix:passwd.b"..., 51) = 51
Oct 6 09:10:47 mail logger: gettimeofday({1191633047, 8501}, NULL) = 0
Oct 6 09:10:47 mail logger: poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 3600000) = 1
Oct 6 09:10:47 mail postfix/smtpd: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Oct 6 09:10:47 mail logger: read(9, "status\0000\0flags\00016464\0\0", 4096) = 22
Oct 6 09:10:47 mail postfix/master: warning: process /usr/libexec/postfix/smtpd pid 1509 exit status 127
Oct 6 09:10:47 mail logger: gettimeofday({1191633047, 59442}, NULL) = 0
Oct 6 09:10:47 mail postfix/master: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Oct 6 09:10:47 mail logger: open("/etc/aliases.db", O_RDONLY) = 10
Oct 6 09:10:47 mail logger: flock(10, LOCK_SH) = 0
Oct 6 09:10:47 mail logger: getpid() = 1509
Oct 6 09:10:47 mail logger: stat64("/etc/aliases.db", {st_mode=S_IFREG|0640, st_size=12288, ...}) = 0
Oct 6 09:10:47 mail logger: open("/etc/aliases.db", O_RDONLY|O_LARGEFILE) = 11
Oct 6 09:10:47 mail logger: fcntl64(11, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: read(11, "\0\0\0\0\1\0\0\0\0\0\0\0a\25\6\0\10\0\0\0\0\20\0\0\0\10"..., 512) = 512
Oct 6 09:10:47 mail logger: getcwd("/var/spool/postfix", 1024) = 19
Oct 6 09:10:47 mail logger: stat64("DB_CONFIG", 0xbffff5f0) = -1 ENOENT (No such file or directory)
Oct 6 09:10:47 mail logger: open("DB_CONFIG", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
Oct 6 09:10:47 mail logger: stat64("/var/tmp", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=4096, ...}) = 0
Oct 6 09:10:47 mail logger: time() = 1191633047
Oct 6 09:10:47 mail logger: gettimeofday({1191633047, 188916}, NULL) = 0
Oct 6 09:10:47 mail logger: brk(0) = 0x80a1000
Oct 6 09:10:47 mail logger: brk(0x80a2000) = 0x80a2000
Oct 6 09:10:47 mail logger: open("/etc/mtab", O_RDONLY) = 12
Oct 6 09:10:47 mail logger: fstat64(12, {st_mode=S_IFREG|0644, st_size=145, ...}) = 0
Oct 6 09:10:47 mail logger: mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000
Oct 6 09:10:47 mail logger: read(12, "/dev/sda3 / ext3 rw 0 0\nnone /pr"..., 4096) = 145
Oct 6 09:10:47 mail logger: close(12) = 0
Oct 6 09:10:47 mail logger: munmap(0x40017000, 4096) = 0
Oct 6 09:10:47 mail logger: open("/proc/stat", O_RDONLY) = 12
Oct 6 09:10:47 mail logger: fstat64(12, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
Oct 6 09:10:47 mail logger: mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000
Oct 6 09:10:47 mail logger: read(12, "cpu 315 0 2413 33104\ncpu0 315 0"..., 4096) = 217
Oct 6 09:10:47 mail logger: read(12, "", 4096) = 0
Oct 6 09:10:47 mail logger: close(12) = 0
Oct 6 09:10:47 mail logger: munmap(0x40017000, 4096) = 0
Oct 6 09:10:47 mail logger: stat64("__db.002", 0xbffff6a0) = -1 ENOENT (No such file or directory)
Oct 6 09:10:47 mail logger: mmap2(NULL, 237568, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40317000
Oct 6 09:10:47 mail logger: stat64("__db.003", 0xbffff630) = -1 ENOENT (No such file or directory)
Oct 6 09:10:47 mail logger: open("/etc/aliases.db", O_RDONLY|O_LARGEFILE) = 12
Oct 6 09:10:47 mail logger: fcntl64(12, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: fstat64(12, {st_mode=S_IFREG|0640, st_size=12288, ...}) = 0
Oct 6 09:10:47 mail logger: brk(0) = 0x80a2000
Oct 6 09:10:47 mail logger: brk(0x80a3000) = 0x80a3000
Oct 6 09:10:47 mail logger: brk(0) = 0x80a3000
Oct 6 09:10:47 mail logger: brk(0x80a4000) = 0x80a4000
Oct 6 09:10:47 mail logger: pread(12, "\0\0\0\0\1\0\0\0\0\0\0\0a\25\6\0\10\0\0\0\0\20\0\0\0\10"..., 4096, 0) = 4096
Oct 6 09:10:47 mail logger: flock(10, LOCK_UN) = 0
Oct 6 09:10:47 mail logger: close(10) = 0
Oct 6 09:10:47 mail logger: fstat64(12, {st_mode=S_IFREG|0640, st_size=12288, ...}) = 0
Oct 6 09:10:47 mail logger: stat64("/etc/aliases", {st_mode=S_IFREG|0644, st_size=1343, ...}) = 0
Oct 6 09:10:47 mail logger: fcntl64(12, F_GETFD) = 0x1 (flags FD_CLOEXEC)
Oct 6 09:10:47 mail logger: fcntl64(12, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: fcntl64(12, F_GETFD) = 0x1 (flags FD_CLOEXEC)
Oct 6 09:10:47 mail logger: fcntl64(12, F_SETFD, FD_CLOEXEC) = 0
Oct 6 09:10:47 mail logger: uname({sys="Linux", node="mail.pp.com", ...}) = 0
Oct 6 09:10:47 mail logger: brk(0) = 0x80a4000
Oct 6 09:10:47 mail logger: brk(0x80a6000) = 0x80a6000
Oct 6 09:10:47 mail logger: time() = 1191633047
Oct 6 09:10:47 mail logger: getpid() = 1509
Oct 6 09:10:47 mail logger: rt_sigaction(SIGPIPE, {0x420dac60, [], SA_RESTORER, 0x420275c8}, {SIG_IGN}, 8) = 0
Oct 6 09:10:47 mail logger: send(7, "<20>Oct 6 09:10:47 postfix/smtp"..., 111, 0) = 111
Oct 6 09:10:47 mail logger: rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
Oct 6 09:10:47 mail logger: writev(2, [{"smtpd", 5}, {": ", 2}, {"relocation error", 16}, {": ", 2}, {"smtpd", 5}, {": ", 2}, {"undefined symbol: sasl_version_i"..., 35}, {"", 0}, {"", 0}, {"\n", 1}], 10) = 68
Oct 6 09:10:47 mail logger: exit_group(127) = ?
《解決方案》
回復 #3 kenduest 的帖子
這個我在master.cf 裡面在smtp 這一行,將smtpd 該成smtpd -D(參見文檔)紀錄下來的:
Sep 27 02:49:05 mail postfix/postfix-script: starting the Postfix mail system
Sep 27 02:49:05 mail postfix/master: daemon started -- version 2.4.5, configuration /etc/postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const mail
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const ipv4
Sep 27 02:49:16 mail postfix/smtpd: name_mask: ipv4
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const mail.pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const Postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const postdrop
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $myhostname, localhost.$mydomain, localhost, $mydomain -> mail.pp.com, localhost.pp.com, localhost, pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $mydomain -> pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const /usr/libexec/postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const /usr/sbin
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const /var/spool/postfix
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const pid
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const all
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const double-bounce
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const nobody
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const hash:/etc/aliases
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 20070731
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 2.4.5
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const hash
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const deferred, defer
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $mydestination -> mail.pp.com, localhost.pp.com, localhost, pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $relay_domains -> mail.pp.com, localhost.pp.com, localhost, pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const TZ MAIL_CONFIG LANG
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const subnet
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 127.0.0.1
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const +=
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const -=+
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const bounce
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const cleanup
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const defer
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const pickup
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const qmgr
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const rewrite
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const showq
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const error
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const flush
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const verify
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const trace
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 2
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 100s
Sep 27 02:49:16 mail last message repeated 3 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3600s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3600s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 5s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 5s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 10s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 10s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1s
Sep 27 02:49:16 mail last message repeated 3 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 500s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 500s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 18000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 18000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 192.168.1.0/24, 127.0.0.0/8
Sep 27 02:49:16 mail postfix/smtpd: inet_addr_local: configured 2 IPv4 addresses
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 550
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand Welcome to my $myhostname ESMTP.Warning:Version not Available! -> Welcome to my mail.pp.com ESMTP.Warning:Version not Available!
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const resource, software
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 2 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const permit_mynetworks, permit_sasl_authenticated, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_sender_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 4 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const postmaster
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 2 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $virtual_maps ->
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const hash:/etc/aliases, nis:mail.aliases
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand proxy:unix:passwd.byname $alias_maps -> proxy:unix:passwd.byname hash:/etc/aliases, nis:mail.aliases
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const noanonymous
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const smtpd
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $myhostname -> mail.pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 4 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const CONNECT GET POST
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const <>
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const postmaster
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $authorized_verp_clients ->
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $myhostname -> mail.pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 2 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand ${smtpd_client_connection_limit_exceptions:$mynetworks} -> 192.168.1.0/24, 127.0.0.0/8
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const permit_inet_interfaces
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 2 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $smtpd_sasl_security_options -> noanonymous
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $smtpd_tls_cert_file ->
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $smtpd_tls_dcert_file ->
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const medium
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const ALL:!EXPORT:!LOW:+RC4:@STRENGTH
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const ALL:!EXPORT:+RC4:@STRENGTH
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const ALL:+RC4:@STRENGTH
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const eNULL:!aNULL
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const SSLv3, TLSv1
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail last message repeated 2 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const cyrus
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const j {daemon_name} v
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const {tls_version} {cipher} {cipher_bits} {cert_subject} {cert_issuer}
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const i {auth_type} {auth_authen} {auth_author} {mail_addr}
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const i {rcpt_addr}
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const i
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const i
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 2
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const tempfail
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $myhostname -> mail.pp.com
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: expand $mail_name $mail_version -> Postfix 2.4.5
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const yes
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const yes
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 0
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 0
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 100s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 100s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 100s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 100s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 1000s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3600s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 3600s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 30s
Sep 27 02:49:16 mail last message repeated 3 times
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: dict_eval: const 300s
Sep 27 02:49:16 mail postfix/smtpd: process generation: 3 (3)
Sep 27 02:49:16 mail postfix/smtpd: match_string: mynetworks ~? debug_peer_list
Sep 27 02:49:16 mail postfix/smtpd: match_string: mynetworks ~? fast_flush_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: mynetworks ~? mynetworks
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? debug_peer_list
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? fast_flush_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? mynetworks
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? permit_mx_backup_networks
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? qmqpd_authorized_clients
Sep 27 02:49:16 mail postfix/smtpd: match_string: relay_domains ~? relay_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: permit_mx_backup_networks ~? debug_peer_list
Sep 27 02:49:16 mail postfix/smtpd: match_string: permit_mx_backup_networks ~? fast_flush_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: permit_mx_backup_networks ~? mynetworks
Sep 27 02:49:16 mail postfix/smtpd: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Sep 27 02:49:16 mail postfix/smtpd: connect to subsystem private/proxymap
Sep 27 02:49:16 mail postfix/smtpd: send attr request = open
Sep 27 02:49:16 mail postfix/smtpd: send attr table = unix:passwd.byname
Sep 27 02:49:16 mail postfix/smtpd: send attr flags = 16448
Sep 27 02:49:16 mail postfix/smtpd: private/proxymap socket: wanted attribute: status
Sep 27 02:49:16 mail postfix/smtpd: input attribute name: status
Sep 27 02:49:16 mail postfix/smtpd: input attribute value: 0
Sep 27 02:49:16 mail postfix/smtpd: private/proxymap socket: wanted attribute: flags
Sep 27 02:49:16 mail postfix/smtpd: input attribute name: flags
Sep 27 02:49:16 mail postfix/smtpd: input attribute value: 16464
Sep 27 02:49:16 mail postfix/smtpd: private/proxymap socket: wanted attribute: (list terminator)
Sep 27 02:49:16 mail postfix/smtpd: input attribute name: (end)
Sep 27 02:49:16 mail postfix/smtpd: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed|lock|fold_fix
Sep 27 02:49:16 mail postfix/smtpd: dict_open: proxy:unix:passwd.byname
Sep 27 02:49:16 mail postfix/smtpd: Compiled against Berkeley DB: 4.4.20?
Sep 27 02:49:16 mail postfix/smtpd: Run-time linked against Berkeley DB: 4.4.20?
Sep 27 02:49:16 mail postfix/smtpd: dict_open: hash:/etc/aliases
Sep 27 02:49:16 mail postfix/smtpd: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Sep 27 02:49:16 mail postfix/smtpd: dict_nis_init: NIS domain
Sep 27 02:49:16 mail postfix/smtpd: dict_open: nis:mail.aliases
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? debug_peer_list
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? fast_flush_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? mynetworks
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? permit_mx_backup_networks
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? relay_domains
Sep 27 02:49:16 mail postfix/smtpd: match_string: smtpd_access_maps ~? smtpd_access_maps
Sep 27 02:49:16 mail postfix/smtpd: match_string: debug_peer_list ~? debug_peer_list
Sep 27 02:49:16 mail postfix/master: warning: process /usr/libexec/postfix/smtpd pid 17765 exit status 127
Sep 27 02:49:16 mail postfix/master: warning: /usr/libexec/postfix/smtpd: bad command startup – throttling
《解決方案》
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
check_relay_domains,
permit
這個你的原來的格式就是這樣嗎?你把接下來的參數中的至少一個直接添加在「=」後面再試一下。即形如以下:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
check_relay_domains,
permit
《解決方案》
回復 #6 marion 的帖子
後來我改成以下的形式,結果還是一樣!
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_sender_domain,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination
不知道問題出在哪個地方!!!!
《解決方案》
回復 #6 marion 的帖子
那是以前的做法,後來我改了一下,關於POSTFIX 和CYRUS SASL的編譯和配置我是按照你的做法的,可是結果就不一樣!
我的操作平台是RED Hat linux 9.0
[ 本帖最後由 ypxns 於 2007-10-7 12:59 編輯 ]
《解決方案》
回復 #8 ypxns 的帖子
#newaliases ??
《解決方案》
回復 #9 marion 的帖子
這一段時間沒有來了,關於為什麼postfix驗證通不過,原來問題是出在sasl上面(經過將試驗成功的日誌和失敗的日誌進行對比)
Oct 6 09:10:47 mail logger: writev(2, [{"smtpd", 5}, {": ", 2}, {"relocation error", 16}, {": ", 2}, {"smtpd", 5}, {": ", 2}, {"undefined symbol: sasl_version_i"..., 35}, {"", 0}, {"", 0}, {"\n", 1}], 10) = 68
Oct 6 09:10:47 mail logger: exit_group(127) = ?
當初是按照你的做法進行的,由於Red hat 9.0存在sasl2,我 在鏈接的時候
ln -sv /usr/local/cyrus-sasl2/lib/* /usr/lib
提示sasl2已經存在,所以 就沒有管它,導致系統無法正確識別sasl2
在此感謝marion和 kenduest 的幫助!
