giaur
Member
Posts: 1915
Registered: 25 May 2007, 22:16

Postfix/Dovecot configuration - user authentication error

Post by giaur

Hello,

Information about my system:

Code:

root@SERWER:/home/michal# dpkg -l | grep postfix
ii  postfix                              2.9.3-2                            i386         High-performance mail transport agent
ii  postfix-doc                          2.9.3-2                            all          Documentation for Postfix

Code:

root@SERWER:/home/michal# dpkg -l | grep dovecot
ii  dovecot-common                       1:2.1.7-2                          all          Transitional package for dovecot
ii  dovecot-core                         1:2.1.7-2                          i386         secure mail server that supports mbox, maildir, dbox and mdbox mailboxes
ii  dovecot-gssapi                       1:2.1.7-2                          i386         GSSAPI authentication support for Dovecot
ii  dovecot-imapd                        1:2.1.7-2                          i386         secure IMAP server that supports mbox, maildir, dbox and mdbox mailboxes
ii  dovecot-ldap                         1:2.1.7-2                          i386         LDAP support for Dovecot
ii  dovecot-mysql                        1:2.1.7-2                          i386         MySQL support for Dovecot
ii  dovecot-pgsql                        1:2.1.7-2                          i386         PostgreSQL support for Dovecot
ii  dovecot-pop3d                        1:2.1.7-2                          i386         secure POP3 server that supports mbox, maildir, dbox and mdbox mailboxes
ii  dovecot-sieve                        1:2.1.7-2                          i386         sieve filters support for Dovecot
ii  dovecot-sqlite                       1:2.1.7-2                          i386         SQLite support for Dovecot

Code:

root@SERWER:/home/michal# uname --all
Linux SERWER 3.2.0-3-686-pae #1 SMP Thu Jun 28 08:56:46 UTC 2012 i686 GNU/Linux

I am following the guide (PDF) from this link: http://debian.linux.pl/threads/7287-Pos ... nfiguracja

Configuration files:

/etc/postfix/main.cf:

Code:

command_directory = /usr/sbin 
mail_owner = postfix 
mydomain = poczta.3-a.net
myhostname = poczta.3-a.net
myorigin = /etc/mailname 
alias_maps = hash:/etc/aliases 
alias_database = hash:/etc/aliases 
mydestination = $mydomain, $myhostname, localhost, localhost.localdomain, 
mynetworks = 127.0.0.0/8 
inet_interfaces = all 
inet_protocols = ipv4 
home_mailbox = Maildir/ 
mail_spool_directory = /home/ 
smtpd_banner = ESMTP on $myhostname ! 
mailbox_size_limit = 0 
recipient_delimiter = + 
biff = no 
append_dot_mydomain = no 
relayhost =


#AUTH SMTP 
smtpd_sasl_type = dovecot 
smtpd_sasl_path = private/auth 
smtpd_sasl_auth_enable = yes 
smtpd_sasl2_auth_enable = yes 
smtpd_sasl_security_options = noanonymous 
broken_sasl_auth_clients = yes 
smtpd_sasl_local_domain = $myhostname 


smtpd_recipient_restrictions = 
	permit_mynetworks, 
	permit_sasl_authenticated, 
	reject_unauth_destination, 
	reject_unknown_recipient_domain, 
	reject_non_fqdn_recipient 


smtpd_client_restrictions = 
	permit_sasl_authenticated, 
	#reject_unknown_client, 
	reject_rbl_client dul.dnsbl.sorbs.net, 
	reject_rbl_client list.dsbl.org, 
	reject_rbl_client sbl.spamhaus.org, 
	reject_rbl_client cbl.abuseat.org 


smtpd_sender_restrictions = 
	permit_sasl_authenticated, 
	reject_unknown_sender_domain, 
	reject_non_fqdn_sender, 
	reject_unknown_address 


#TLS 
smtpd_tls_auth_only = yes 
smtp_use_tls = yes 
smtpd_use_tls = yes 
smtp_tls_note_starttls_offer = yes 
smtpd_tls_key_file = /etc/postfix/ssl/mail.pem 
smtpd_tls_cert_file = /etc/postfix/ssl/mail.pem 
smtpd_tls_CAfile = /etc/postfix/ssl/mail.pem 
smtpd_tls_loglevel = 1 
smtpd_tls_received_header = yes 
smtpd_tls_session_cache_timeout = 3600s 
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache 
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache 
tls_random_source = dev:/dev/urandom

/etc/dovecot/dovecot.conf:

Code:

base_dir = /var/run/dovecot/ 
protocols = imap imaps pop3 pop3s 
listen = * 
disable_plaintext_auth = no 
shutdown_clients = yes 
#logs
log_path=/var/log/dovecot.log 
info_log_path = /var/log/mail.log 
log_timestamp = "%Y-%m-%d %H:%M:%S " 
syslog_facility = mail 
login_process_size = 64 
login_greeting = Welcome. I’m ready ... 
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c 
login_log_format = %$: %s 
login_chroot = no 
login_user = dovecot 
login_process_per_connection = yes 
login_processes_count = 3 
login_max_processes_count = 128 
mail_location = maildir:~/Maildir 
#SSL 
ssl_disable = no 
ssl_cert_file = /etc/postfix/ssl/mail.pem 
ssl_key_file = /etc/postfix/ssl/mail.pem 
verbose_ssl = yes 
mail_access_groups = postfix 
protocol imap { 
} 
protocol pop3 { 
pop3_uidl_format = %08Xu%08Xv 
} 
protocol lda {
postmaster_address = [email protected] 
} 
auth_verbose = yes 
auth_debug = yes 
auth default { 
mechanisms = plain login 
passdb pam { 
} 
userdb passwd { 
} 
user = root 
socket listen { 
client { 
path = /var/spool/postfix/private/auth 
mode = 0660 
user = postfix 
group = postfix 
} 
} 
}

Starting dovecot (no errors, but there are warnings):

Code:

doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:2: 'imaps' protocol is no longer necessary, remove it
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:2: 'pop3s' protocol is no longer necessary, remove it
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:11: login_process_size has been replaced by service { vsz_limit }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:15: login_chroot has been replaced by service { chroot }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:16: login_user has been replaced by service { user }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:17: login_process_per_connection has been replaced by service { service_count }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:18: login_processes_count has been replaced by service { process_min_avail }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:19: login_max_processes_count has been replaced by service { process_limit }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:22: ssl_disable has been renamed to ssl
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:23: ssl_cert_file has been replaced by ssl_cert = <file
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: ssl_key_file has been replaced by ssl_key = <file
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:37: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:39: passdb pam {} has been replaced by passdb { driver=pam }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:41: userdb passwd {} has been replaced by userdb { driver=passwd }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:43: auth_user has been replaced by service auth { user }
[....] Starting IMAP/POP3 mail server: dovecotdoveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:2: 'imaps' protocol is no longer necessary, remove it
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:2: 'pop3s' protocol is no longer necessary, remove it
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:11: login_process_size has been replaced by service { vsz_limit }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:15: login_chroot has been replaced by service { chroot }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:16: login_user has been replaced by service { user }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:17: login_process_per_connection has been replaced by service { service_count }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:18: login_processes_count has been replaced by service { process_min_avail }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:19: login_max_processes_count has been replaced by service { process_limit }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:22: ssl_disable has been renamed to ssl
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:23: ssl_cert_file has been replaced by ssl_cert = <file
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:24: ssl_key_file has been replaced by ssl_key = <file
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:37: add auth_ prefix to all settings inside auth {} and remove the auth {} section completely
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:39: passdb pam {} has been replaced by passdb { driver=pam }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:41: userdb passwd {} has been replaced by userdb { driver=passwd }
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:43: auth_user has been replaced by service auth { user }
. ok 

Starting postfix:

Code:

root@SERWER:/home/michal# /etc/init.d/postfix start
[....] Starting Postfix Mail Transport Agent: postfixpostconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
/usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtpd_sasl2_auth_enable=yes
. ok 

Here is what Thunderbird on Windows 7 detected when I tried to add the mail account:
Attachment 1111.jpg is no longer available


As you can see, it claims there is an authentication error - of course the user exists and the password entered is correct. Can you tell me what the problem is?
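
The doveconf warnings in the post above name the Dovecot 2.x replacement for each obsolete setting. As an added example (not part of the original post), this is how the protocol, SSL and auth portions of the posted dovecot.conf read in that syntax; values are taken from the post except disable_plaintext_auth, which is shown as yes, and the login_* settings are left out.

```conf
# Dovecot 2.x form of the posted settings (added example, not the poster's file)

# 'imaps' and 'pop3s' are no longer listed separately
protocols = imap pop3
listen = *

# The post has 'no'. With 'yes', PLAIN/LOGIN are refused until TLS is
# active, which matches smtpd_tls_auth_only = yes on the Postfix side.
disable_plaintext_auth = yes

# ssl_disable = no           ->  ssl = yes
# ssl_cert_file / ssl_key_file -> ssl_cert / ssl_key with a leading '<'
ssl = yes
ssl_cert = </etc/postfix/ssl/mail.pem
ssl_key = </etc/postfix/ssl/mail.pem

mail_location = maildir:~/Maildir

# Settings from inside the old 'auth default { }' block get an auth_ prefix
auth_mechanisms = plain login
auth_verbose = yes
auth_debug = yes

# passdb pam { }    ->  passdb { driver = pam }
passdb {
  driver = pam
}

# userdb passwd { } ->  userdb { driver = passwd }
userdb {
  driver = passwd
}

# 'user = root' and the 'socket listen { client { } }' block move here.
# This is the socket Postfix reaches through smtpd_sasl_path = private/auth.
service auth {
  user = root
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}
```

Running `doveconf -n` after the change prints the effective non-default settings and shows whether any obsolete-setting warnings remain.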
gajosew
Posts: 93
Registered: 26 October 2007, 13:38
Location: Bydgoszcz

Post by gajosew

Are you able to log in to the mail locally using some mail client?

Post by giaur

I just checked that. Yes, it works locally, but only if I connect to localhost. That is, when I enter localhost in Thunderbird instead of my domain, it works. When I enter my domain, it does not work even locally - authentication error. I have already set up webmail (Roundcube), but to make it work I had to enter localhost. In addition, the configuration in that guide is wrong - when I enabled the anti-spam restrictions as described there, it rejected mail from all senders (no mail was reaching me).

What could the problem be? Why doesn't it work when I connect via my domain?

Also, once I have dealt with the above, it would be worth enabling encryption for IMAP and POP3 and some better authentication method - if this is to be exposed to the outside. SSL would be useful too, although that is a poor situation because the certificate will not be signed anyway.

Post by gajosew

mydestination = $mydomain, $myhostname, localhost, localhost.localdomain,
change to
mydestination = poczta.3-a.net, localhost, localhost.localdomain
maybe that will help

Post by giaur

Unfortunately, that changed nothing.