Página 2 de 3 PrimeiroPrimeiro 123 ÚltimoÚltimo
+ Responder ao Tópico



  1. Citação Postado originalmente por fabiano_guru
    poste seu main.cf aqui para poder ajudar melhor.
    Fabiano,

    Acabei de lembrar que eu tinha salvo o postconf -n dele:

    Código :
    [root@ns1 ~]# postconf -n
    alias_database = hash:/etc/postfix/aliases
    alias_maps = hash:/etc/postfix/aliases
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    command_time_limit = 1h
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    header_checks = regexp:/etc/postfix/maps/header_checks
    html_directory = no
    inet_interfaces = all
    local_destination_concurrency_limit = 2
    mail_owner = postfix
    mail_spool_directory = /var/mail
    mailbox_size_limit = 20000000
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    maximal_queue_lifetime = 1d
    mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, email.$mydomain, www.$mydomain
    mydomain = cnett.com.br
    myhostname = email.cnett.com.br
    myorigin = $mydomain
    newaliases_path = /usr/bin/newaliases.postfix
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
    sample_directory = /usr/share/doc/postfix-2.1.5/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtpd_client_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, reject_rbl_client cn-kr.blackholes.us, reject_rbl_client singapore.blackholes.us, reject_rbl_client malaysia.blackholes.us, reject_rbl_client nigeria.blackholes.us, reject_rhsbl_sender dsn.rfc-ignorant.org, reject_rbl_client ipwhois.rfc-ignorant.org
    smtpd_helo_required = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated, reject
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    unknown_local_recipient_reject_code = 550

    Versões do postfix e do cyrus-sasl são as mesmas tanto no servidor que tá ok (email.cnett.com.br, aqui o sasl funciona perfeitamente) quanto no outro servidor (que nao funciona e usa um ip da minha rede interna que passa pelo meu gateway fazendo nat).

    Código :
    [root@ns1 ~]# rpm -q postfix cyrus-sasl
    postfix-2.1.5-5
    cyrus-sasl-2.1.19-3

  2. Citação Postado originalmente por scorpion
    lembrou de colocar no seu main.cf do postfix essas confs

    Código :
    broken_sasl_auth_clients = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options =  noanonymous
     
    smtpd_recipient_restrictions =
      permit_mynetworks,
      permit_sasl_authenticated,
      reject_unauth_destination
    Scorpion,

    Eu não coloquei dessa forma, mas sim, coloquei isso.



  3. adiciona

    smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination


    e faz um teste

  4. Citação Postado originalmente por scorpion
    adiciona

    smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination


    e faz um teste
    scorpion,

    Eu to limpando a maquina, vou refazer toda a instalação. Olha só, no servidor que está funcionando eu coloquei assim:

    smtpd_recipient_restrictions = permit_sasl_authenticated, reject

    E a linha mynetorks fica comentada.



  5. Citação Postado originalmente por scorpion
    adiciona

    smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination


    e faz um teste
    Scorpion,

    Assim funcionou mas o problema é que mesmo desmarcada a opção de autenticar no SMTP ele envia as mensagens... e não quero isso. Quero que todos os meus clientes precisem autenticar para usar o SMTP.

    Vou te mostrar o processo com o servidor que funciona:

    LOG de uma tentativa desmarcado a opcao de autenticar no login smtp:
    Código :
    Jan 13 16:41:03 ns1 postfix/smtpd[32179]: connect from unknown[172.30.0.14]
    Jan 13 16:41:03 ns1 postfix/smtpd[32179]: NOQUEUE: reject: RCPT from unknown[172.30.0.14]: 554 <nata@cnett.psi.br>: Recipient address rejected: Access denied; from=<gerente@cnett.com.br> to=<nata@cnett.psi.br> proto=SMTP helo=<NATANIEL>
    Jan 13 16:41:03 ns1 postfix/smtpd[32179]: disconnect from unknown[172.30.0.14]

    LOG do mesmo email, agora com a autenticacao marcada no outlook
    Código :
    Jan 13 16:42:20 ns1 postfix/smtpd[32200]: connect from unknown[172.30.0.14]
    Jan 13 16:42:20 ns1 postfix/smtpd[32200]: 18D6E16B23C: client=unknown[172.30.0.14], sasl_method=LOGIN, sasl_username=gerente
    Jan 13 16:42:20 ns1 postfix/cleanup[32208]: 18D6E16B23C: message-id=<002c01c61871$15a4c9d0$0e001eac@NATANIEL>
    Jan 13 16:42:20 ns1 postfix/qmgr[32164]: 18D6E16B23C: from=<gerente@cnett.com.br>, size=1354, nrcpt=1 (queue active)
    Jan 13 16:42:20 ns1 postfix/smtpd[32200]: disconnect from unknown[172.30.0.14]
    Jan 13 16:42:20 ns1 spamd[30704]: connection from localhost.localdomain [127.0.0.1] at port 33872
    Jan 13 16:42:20 ns1 spamd[30704]: info: setuid to clamav succeeded
    Jan 13 16:42:20 ns1 spamd[30704]: checking message <002c01c61871$15a4c9d0$0e001eac@NATANIEL> for clamav:500.
    Jan 13 16:42:20 ns1 spamd[30704]: clean message (-5.8/5.0) for clamav:500 in 0.3 seconds, 1349 bytes.
    Jan 13 16:42:20 ns1 spamd[30704]: result: . -5 - ALL_TRUSTED,AWL,BAYES_00,HTML_90_100,HTML_MESSAGE scantime=0.3,size=1349,mid=<002c01c61871$15a4c9d0$0e001eac@NATANIEL>,bayes=0,autolearn=ham
    Jan 13 16:42:20 ns1 spamd[25860]: connection from localhost.localdomain [127.0.0.1] at port 33873
    Jan 13 16:42:20 ns1 spamd[25860]: info: setuid to clamav succeeded
    Jan 13 16:42:20 ns1 spamd[25860]: processing message <002c01c61871$15a4c9d0$0e001eac@NATANIEL> for clamav:500.
    Jan 13 16:42:20 ns1 spamd[25860]: clean message (-5.8/5.0) for clamav:500 in 0.2 seconds, 1349 bytes.
    Jan 13 16:42:20 ns1 spamd[25860]: result: . -5 - ALL_TRUSTED,AWL,BAYES_00,HTML_90_100,HTML_MESSAGE scantime=0.2,size=1349,mid=<002c01c61871$15a4c9d0$0e001eac@NATANIEL>,bayes=0,autolearn=unavailable
    Jan 13 16:42:20 ns1 postfix/pickup[32163]: EE52D16B23F: uid=500 from=<gerente@cnett.com.br>
    Jan 13 16:42:20 ns1 postfix/cleanup[32208]: EE52D16B23F: message-id=<002c01c61871$15a4c9d0$0e001eac@NATANIEL>
    Jan 13 16:42:20 ns1 postfix/pipe[32209]: 18D6E16B23C: to=<nata@cnett.psi.br>, relay=clamav, delay=0, status=sent (clamav)
    Jan 13 16:42:20 ns1 postfix/qmgr[32164]: 18D6E16B23C: removed
    Jan 13 16:42:20 ns1 postfix/qmgr[32164]: EE52D16B23F: from=<gerente@cnett.com.br>, size=1703, nrcpt=1 (queue active)
    Jan 13 16:42:28 ns1 postfix/smtpd[32179]: connect from 200-161-112-130.dsl.telesp.net.br[200.161.112.130]
    Jan 13 16:42:29 ns1 postfix/smtp[32170]: EE52D16B23F: to=<nata@cnett.psi.br>, relay=cnett.psi.br[200.250.168.70], delay=9, status=sent (250 OK id=1ExTsb-0003wy-Mq)
    Jan 13 16:42:29 ns1 postfix/qmgr[32164]: EE52D16B23F: removed

    Ou seja... Nesse servidor ta funcionando. Agora o postconf -n:

    Código :
    alias_database = hash:/etc/postfix/aliases
    alias_maps = hash:/etc/postfix/aliases
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    command_time_limit = 1h
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    header_checks = regexp:/etc/postfix/maps/header_checks
    html_directory = no
    inet_interfaces = all
    local_destination_concurrency_limit = 2
    mail_owner = postfix
    mail_spool_directory = /var/mail
    mailbox_size_limit = 20000000
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    maximal_queue_lifetime = 1d
    mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, email.$mydomain, www.$mydomain
    mydomain = cnett.com.br
    myhostname = email.cnett.com.br
    myorigin = $mydomain
    newaliases_path = /usr/bin/newaliases.postfix
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
    sample_directory = /usr/share/doc/postfix-2.1.5/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtpd_client_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, reject_rbl_client cn-kr.blackholes.us, reject_rbl_client singapore.blackholes.us, reject_rbl_client malaysia.blackholes.us, reject_rbl_client nigeria.blackholes.us, reject_rhsbl_sender dsn.rfc-ignorant.org, reject_rbl_client ipwhois.rfc-ignorant.org
    smtpd_helo_required = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated, reject
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    unknown_local_recipient_reject_code = 550

    Agora no outro servidor, no que não funciona quando eu habilito a autenticação SMTP está assim o postconf -n:

    Código :
    alias_database = hash:/etc/postfix/aliases
    alias_maps = hash:/etc/postfix/aliases
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    command_time_limit = 1h
    config_directory = /etc/postfix
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    header_checks = regexp:/etc/postfix/maps/header_checks
    html_directory = no
    inet_interfaces = all
    local_destination_concurrency_limit = 2
    mail_owner = postfix
    mail_spool_directory = /var/mail
    mailbox_size_limit = 20000000
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    maximal_queue_lifetime = 1d
    mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, email.$mydomain, www.$mydomain
    mydomain = cnett.com.br
    myhostname = email.cnett.com.br
    myorigin = $mydomain
    newaliases_path = /usr/bin/newaliases.postfix
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES
    sample_directory = /usr/share/doc/postfix-2.1.5/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtpd_client_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, reject_rbl_client cn-kr.blackholes.us, reject_rbl_client singapore.blackholes.us, reject_rbl_client malaysia.blackholes.us, reject_rbl_client nigeria.blackholes.us, reject_rhsbl_sender dsn.rfc-ignorant.org, reject_rbl_client ipwhois.rfc-ignorant.org
    smtpd_helo_required = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated, reject
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    unknown_local_recipient_reject_code = 550

    E sempre ao tentar enviar email a mesma mensagem aparece:

    Código :
    Jan 13 10:45:53 localhost postfix/smtpd[3111]: connect from unknown[172.30.0.14]
    Jan 13 10:45:53 localhost postfix/smtpd[3111]: NOQUEUE: reject: RCPT from unknown[172.30.0.14]: 554 <nata@cnett.psi.br>: Recipient address rejected: Access denied; from=<nata@cnett.com.br> to=<nata@cnett.psi.br> proto=ESMTP helo=<NATANIEL>
    Jan 13 10:45:53 localhost postfix/smtpd[3111]: disconnect from unknown[172.30.0.14]

    Tentei parando o sasl e apareceui a mesma mensagem. Estou achando que o Postfix nao procura no SASL:

    Código :
    [root@localhost log]# /etc/rc.d/init.d/saslauthd stop
    Stopping saslauthd:                                        [  OK  ]
    [root@localhost log]# tail /var/log/maillog
    [root@localhost log]# tail /var/log/maillog -n 3
    Jan 13 10:46:28 localhost postfix/smtpd[3111]: connect from unknown[172.30.0.14]
    Jan 13 10:46:28 localhost postfix/smtpd[3111]: NOQUEUE: reject: RCPT from unknown[172.30.0.14]: 554 <nata@cnett.psi.br>: Recipient address rejected: Access denied; from=<nata@cnett.com.br> to=<nata@cnett.psi.br> proto=ESMTP helo=<NATANIEL>
    Jan 13 10:46:28 localhost postfix/smtpd[3111]: disconnect from unknown[172.30.0.14]
    [root@localhost log]#

    Fiz um teste mais sinistro mudei o arquivo /usr/lib/sasl2/smtpd.conf e mudei a linha tirando o ": saslauthd" e coloquei "= saslauthd", reiniciei o sasl sem problemas e tentei enviar novamente. No outlook ele fica conectando e não sai disso e no log apareceu assim:

    Código :
    Jan 13 10:51:33 localhost postfix/smtpd[3144]: fatal: SASL per-process initialization failed
    Jan 13 10:51:34 localhost postfix/master[3101]: warning: process /usr/libexec/postfix/smtpd pid 3144 exit status 1
    Jan 13 10:51:34 localhost postfix/master[3101]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

    Sinceramente estou perdido... Se puder me dar uma mão eu agradeço.






Tópicos Similares

  1. Postfix + sasl = não funciona
    Por roggy no fórum Servidores de Rede
    Respostas: 4
    Último Post: 30-06-2010, 13:30
  2. POstfix não autentica
    Por tiagoalgodas no fórum Servidores de Rede
    Respostas: 3
    Último Post: 01-09-2007, 16:36
  3. Postfix + Sasl! Nao funciona!!
    Por thelast no fórum Servidores de Rede
    Respostas: 3
    Último Post: 30-01-2007, 14:10
  4. Postfix não autentica SMTP (novos dados)
    Por nataniel no fórum Servidores de Rede
    Respostas: 0
    Último Post: 20-01-2006, 09:20
  5. postfix maldito!!!!não autentica smtp...
    Por Leyzem no fórum Servidores de Rede
    Respostas: 7
    Último Post: 27-03-2003, 10:21

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L