'[postfix-users] sasl authentication..pls help'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postfix-users-id
Subject:    [postfix-users] sasl authentication..pls help
From:       Muhammad Reza <reza () mra ! co ! id>
Date:       2003-11-14 12:39:28
[Download RAW message or body]

dear List..

saya mencoba menggunakan feature smtp authenicated dari postfix-2.0.16 
via cyrus-sasl2 (port instllation) di FreeBSD-4.8
tapi saya ada masalah dengan Relay Access nya
1. output dari postconf -n.

broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_check
inet_interfaces = all
local_destination_concurrency_limit = 10
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
maximal_queue_lifetime = 2d
mydomain = mra.co.id
myhostname = mx3.mra.co.id
mynetworks = 127.0.0.0/8,  172.16.0.25/32, 172.16.32.25/32, 
172.16.64.25/32, 172
.16.128.25/32, 172.16.64.26/32
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
relay_domains = mra.co.id, beastie.mra.co.id
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname NO UCE ESMTP
smtpd_helo_required = yes
smtpd_recipient_limit = 1000
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450

2. Test
$perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password");'
YmVhc3RpZQBiZWFzdGllAHB3cmV6YQ==
# telnet 172.16.0.229 25 (dari 172.16.0.231)
Trying 172.16.0.229...
Connected to 172.16.0.229.
Escape character is '^]'.
220 mx3.mra.co.id NO UCE ESMTP
ehlo mx3.mra.co.id
250-mx3.mra.co.id
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
auth plain YmVhc3RpZQBiZWFzdGllAHB3cmV6YQ==
235 Authentication successful
mail from:reza@mra.co.id
250 Ok
rcpt to:reza@infosaham.com
554 <reza@infosaham.com>: Relay access denied
421 Error: timeout exceeded
Connection closed by foreign host.

3. egrep '(reject|error|warning|fatal|panic):' /var/log/maillog | grep 
Nov 14 11:51:48 mx3 postfix/smtpd[33944]: 050FB2E2BA: reject: RCPT from 
unknown[172.16.0.231]: 554 <reza@infosaham.com>: Relay access denied; 
from=<reza@mra.co.id> to=<reza@infosaham.com> proto=ESMTP 
helo=<mx3.mra.co.id>infosaham.com

4. cuplikan dari main.cf
smtpd_recepient_restriction =
        permit_sasl_authenticated,
        permit_mynetworks,
        check_relay_domains,
        reject_unknown_recipient_domain,
        reject_non_fqdn_recipient,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client bl.spamcop.net,#sasl config
#sasl config
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
enable_sasl_authentication = yes
        reject_rhsbl_sender  dsn.rfc-ignorant.org,
        permit

5. sasl konfigurasi

$ cat /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
$ ps ax | grep sasl
21451  ??  Is     0:00.00 /usr/local/sbin/saslauthd -a getpwent

Kira kira apa yang salah yah dengan setingan saya, saya sudah coba 
googling dan bertanya ke chanell.
Mungkin dari postfix-user ada pencerahan. Atau ada cara lain untuk SMTP 
authentikasi via postfix (minus pop before smtp ) ?

O ya kalau saya berhasil saya ingin 
mnerjemahkan.http://yocum.org/faqs/postfix-tls-sasl.html.

regards
.:CoeLoen:.








[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic