[Postfix-br] Problema com auntenticação externa para enviar e-mails
Julio Cesar Covolato
julio em psi.com.br
Quinta Fevereiro 12 13:34:14 BRST 2015
Ok. Configure um cliente externo para usar a porta 587 para envios...
-----------------------------
_ Engº Julio Cesar Covolato
0v0 <julio at psi.com.br>
/(_)\ F: 55-11-3129-3366
^ ^ PSI INTERNET
-----------------------------
On 12/02/2015 13:13, Marcio L Santos wrote:
> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
> master.cf esta assim:
>
> smtp inet n - n - - smtpd
> submission inet n - n - - smtpd
> -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> smtps inet n - n - - smtpd
> -o smtpd_tls_wrappermode=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #628 inet n - n - - qmqpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> #qmgr fifo n - n 300 1 oqmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
> relay unix - - n - - smtp
> -o fallback_relay=
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq unix n - n - - showq
> error unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> #
> # ====================================================================
> # Interfaces to non-Postfix software. Be sure to examine the manual
> # pages of the non-Postfix software to find out what options it wants.
> #
> # Many of the following services use the Postfix pipe(8) delivery
> # agent. See the pipe(8) man page for information about ${recipient}
> # and other message envelope options.
> # ====================================================================
> #
> # maildrop. See the Postfix MAILDROP_README file for details.
> # Also specify in main.cf: maildrop_destination_recipient_limit=1
> #
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> ##maildrop unix - n n - - pipe
> ## flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
> ## RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
> ## -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}
> #
> # The Cyrus deliver program has changed incompatibly, multiple times.
> #
> old-cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
> ${extension} ${user}
> # Cyrus 2.1.5 (Amos Gouaux)
> # Also specify in main.cf: cyrus_destination_recipient_limit=1
> #cyrus unix - n n - - pipe
> # user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
> ${extension} ${user}
> #
> # See the Postfix UUCP_README file for configuration details.
> #
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> #
> # Other external delivery methods.
> #
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
>
> # Vacation
> vacation unix - n n - - pipe
> flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
> $(sender) ${recipient}
>
> ## DOVECOT ##
> dovecot unix - n n - - pipe
> flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)
> ## Amavis ##
> amavisfeed unix - - n - 2 lmtp
> -o lmtp_data_done_timeout=1200
> -o lmtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=20
>
> 127.0.0.1:10025 inet n - n - - smtpd
> -o content_filter=
> -o smtpd_delay_reject=no
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o smtpd_data_restrictions=reject_unauth_pipelining
> -o smtpd_end_of_data_restrictions=
> -o smtpd_restriction_classes=
> -o mynetworks=127.0.0.0/8
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
> -o smtpd_client_connection_count_limit=0
> -o smtpd_client_connection_rate_limit=0
> -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
> -o local_header_rewrite_clients=
> -o smtpd_milters=
> -o local_recipient_maps=
> -o relay_recipient_maps=
>
> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <julio at psi.com.br>:
>> Olá Marcio.
>>
>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>> Se não, adicione ao seu /etc/postfix/master.cf:
>>
>> submission inet n - n - - smtpd
>> -o smtpd_enforce_tls=yes
>> -o smtpd_sasl_auth_enable=yes
>> -o
>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>> # -o content_filter=smtp-amavis:[127.0.0.1]:10026
>> -o syslog_name=postfix/submission
>> # -o receive_override_options=no_header_body_checks
>>
>> smtps inet n - n - - smtpd
>> -o smtpd_tls_wrappermode=yes
>> -o smtpd_sasl_auth_enable=yes
>> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>> # -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>
>>
>> E configure seus clientes para enviarem numa dessas portas.
>>
>> -----------------------------
>> _ Engº Julio Cesar Covolato
>> 0v0 <julio at psi.com.br>
>> /(_)\ F: 55-11-3129-3366
>> ^ ^ PSI INTERNET
>> -----------------------------
>>
>>
>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>> 5.6
>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>> Mas por enquanto tenho que ir levando como esta...
>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>> usuario e senha invalido para o smtpd.
>>> Nos logs do postfix aparece isso na hora:
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>> known
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>> unknown[179.219.xxx.xxx]
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>> failure: Password verification failed
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>> SASL PLAIN authentication failed:
>>>
>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>> tranquilo, de fora so recebe.
>>>
>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>
>>> Well, the issue that appears to be occurring above looks like a
>>> problem with Postfix talking to the saslauth daemon.
>>>
>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>> should be corrected with the current install.sh script).
>>>
>>> However, to resolve it, run this command as root:
>>>
>>> usermod -a -G sasl postfix
>>>
>>> And then restart Saslauthd:
>>>
>>> /etc/init.d/saslauthd restart
>>>
>>> And then give it another shot, that should do the trick!
>>>
>>> -Eric
>>>
>>>
>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>> opiniao.
>>> Obrigado.
>>> _______________________________________________
>>> Postfix-br mailing list
>>> Postfix-br at listas.softwarelivre.org
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> _______________________________________________
>> Postfix-br mailing list
>> Postfix-br at listas.softwarelivre.org
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
> _______________________________________________
> Postfix-br mailing list
> Postfix-br at listas.softwarelivre.org
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
More information about the Postfix-br
mailing list