overovani sasl a Postfix

Pátek Květen 31 06:49:46 CEST 2002

Dobry den,

mam nainstalovany RedHat 7.3 a tesil jsem se, ze zde bude Postfix s nainstalovany overovanim uzivatele. Bohuzel se tak nestalo a tak jsem se jal zkompilovat si svuj s podporou sasl. Vse problehlo podle me korektne, bohuzel se mi stále nedari se overit ani jednou metodou. Zkousel jsem zadat
do smtpd.conf i dalsi zpusoby overovani, zmenil prava na /etc/shadow i /etc/sasldb na 0644 ale stale nic. Chtelo by to nejaky debug sasl, ale nevim jak. Prikladam relevantni vypisy:

uzivatel ma jmeno tomas a heslo "heslo"

[root na localhost sasl]# sasldblistusers
user: tomas realm: localhost.localdomain mech: PLAIN
user: tomas realm: localhost.localdomain mech: CRAM-MD5
user: tomas realm: localhost.localdomain mech: DIGEST-MD5

May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 220 localhost.localdomain ESMTP Postfix
May 26 15:52:24 localhost postfix/smtpd[27945]: connect from unknown[127.0.0.1]
May 26 15:52:24 localhost postfix/smtpd[27945]: watchdog_pat: 0x80733b0
May 26 15:52:24 localhost postfix/smtpd[27945]: < unknown[127.0.0.1]: EHLO localhost.localdomain
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-localhost.localdomain
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-PIPELINING
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-SIZE 10240000
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-VRFY
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-ETRN
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250-XVERP
May 26 15:52:24 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 250 8BITMIME
May 26 15:52:24 localhost postfix/smtpd[27945]: watchdog_pat: 0x80733b0
May 26 15:52:25 localhost postfix/smtpd[27945]: < unknown[127.0.0.1]: AUTH DIGEST-MD5
May 26 15:52:25 localhost postfix/smtpd[27945]: smtpd_sasl_authenticate: sasl_method DIGEST-MD5
May 26 15:52:25 localhost postfix/smtpd[27945]: smtpd_sasl_authenticate: uncoded challenge: realm="localhost.localdomain",nonce="QnZDZuurz8RL27LzcuxGCqJJWL+oEjHDzTMxDZqFQtw=",qop="auth,auth-int",charset=utf-8,algorithm=md5-sess
May 26 15:52:25 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 334 cmVhbG09ImxvY2FsaG9zdC5sb2NhbGRvbWFpbiIsbm9uY2U9IlFuWkRadXVyejhSTDI3THpjdXhHQ3FKSldMK29FakhEelRNeERacUZRdHc9Iixxb3A9ImF1dGgsYXV0aC1pbnQiLGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz
May 26 15:52:25 localhost postfix/smtpd[27945]: < unknown[127.0.0.1]: Y2hhcnNldD11dGYtOCx1c2VybmFtZT0idG9tYXMiLHJlYWxtPSJsb2NhbGhvc3QubG9jYWxkb21haW4iLG5vbmNlPSJRblpEWnV1cno4UkwyN0x6Y3V4R0NxSkpXTCtvRWpIRHpUTXhEWnFGUXR3PSIsbmM9MDAwMDAwMDEsY25vbmNlPSJPVEV4TmpVPSIsZGlnZXN0LXVyaT0ic210cC9sb2NhbGhvc3QubG9jYWxkb21haW4iLHJlc3BvbnNlPTgyMGFiMmRkOTAwY2VhYmJmN2RkNzU0NzlhNzE5YWYyLHFvcD1hdXRo
May 26 15:52:25 localhost postfix/smtpd[27945]: smtpd_sasl_authenticate: decoded response: charset=utf-8,username="tomas",realm="localhost.localdomain",nonce="QnZDZuurz8RL27LzcuxGCqJJWL+oEjHDzTMxDZqFQtw=",nc=00000001,cnonce="OTExNjU=",digest-uri="smtp/localhost.localdomain",response=820ab2dd900ceabbf7dd75479a719af2,qop=auth
May 26 15:52:25 localhost postfix/smtpd[27945]: warning: unknown[127.0.0.1]: SASL DIGEST-MD5 authentication failed
May 26 15:52:25 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 535 Error: authentication failed
May 26 15:52:30 localhost postfix/smtpd[27945]: watchdog_pat: 0x80733b0
May 26 15:52:30 localhost postfix/smtpd[27945]: < unknown[127.0.0.1]:
May 26 15:52:30 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 500 Error: bad syntax
May 26 15:52:35 localhost postfix/smtpd[27945]: watchdog_pat: 0x80733b0
May 26 15:52:35 localhost postfix/smtpd[27945]: < unknown[127.0.0.1]: QUIT
May 26 15:52:35 localhost postfix/smtpd[27945]: > unknown[127.0.0.1]: 221 Bye
May 26 15:52:35 localhost postfix/smtpd[27945]: disconnect from unknown[127.0.0.1]

/usr/lib/sasl/smtpd.conf
pwcheck_method:sasldb

/etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_relay_domains
smtpd_sasl_security_options = noanonymous