Problema com auntenticação externa para enviar e-mails

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos 5.6
è uma máquina antiga "herdada" da antiga administração da TI.
Esta com os dias contados, pois sera atualizado ( hardware e soft).
Mas por enquanto tenho que ir levando como esta...
Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
na autenticação para envio de e-mails fora da rede ( ex celular), da
usuario e senha invalido para o smtpd.
Nos logs do postfix aparece isso na hora:
Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
hostname xxxx.virtua.com.br verification failed: Name or service not
known
Feb 12 09:31:40 mail postfix/smtpd[333]: connect from unknown[179.219.xxx.xxx]
Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
failure: Password verification failed
Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
SASL PLAIN authentication failed:

Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
tranquilo, de fora so recebe.

Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960

Well, the issue that appears to be occurring above looks like a
problem with Postfix talking to the saslauth daemon.

I've seen that occur on older Ubuntu/Debian installs (in theory, that
should be corrected with the current install.sh script).

However, to resolve it, run this command as root:

usermod -a -G sasl postfix

And then restart Saslauthd:

/etc/init.d/saslauthd restart

And then give it another shot, that should do the trick!

-Eric


Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda opiniao.
Obrigado.
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Julio Cesar Covolato
Olá Marcio.

Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
Se não, adicione ao seu /etc/postfix/master.cf:

submission inet n       -       n       -       -       smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_sasl_auth_enable=yes
   -o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
#  -o content_filter=smtp-amavis:[127.0.0.1]:10026
   -o syslog_name=postfix/submission
#  -o receive_override_options=no_header_body_checks

smtps     inet  n       -       n       -       -       smtpd
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o content_filter=smtp-amavis:[127.0.0.1]:10026


E configure seus clientes para enviarem numa dessas portas.

-----------------------------
     _    Engº Julio Cesar Covolato
    0v0   <[hidden email]>
   /(_)\  F: 55-11-3129-3366
    ^ ^   PSI INTERNET
-----------------------------

On 12/02/2015 11:28, Marcio L Santos wrote:

> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos 5.6
> è uma máquina antiga "herdada" da antiga administração da TI.
> Esta com os dias contados, pois sera atualizado ( hardware e soft).
> Mas por enquanto tenho que ir levando como esta...
> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
> na autenticação para envio de e-mails fora da rede ( ex celular), da
> usuario e senha invalido para o smtpd.
> Nos logs do postfix aparece isso na hora:
> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
> hostname xxxx.virtua.com.br verification failed: Name or service not
> known
> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from unknown[179.219.xxx.xxx]
> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
> failure: Password verification failed
> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
> SASL PLAIN authentication failed:
>
> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
> tranquilo, de fora so recebe.
>
> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>
> Well, the issue that appears to be occurring above looks like a
> problem with Postfix talking to the saslauth daemon.
>
> I've seen that occur on older Ubuntu/Debian installs (in theory, that
> should be corrected with the current install.sh script).
>
> However, to resolve it, run this command as root:
>
> usermod -a -G sasl postfix
>
> And then restart Saslauthd:
>
> /etc/init.d/saslauthd restart
>
> And then give it another shot, that should do the trick!
>
> -Eric
>
>
> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda opiniao.
> Obrigado.
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br

_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
master.cf esta assim:

smtp      inet  n       -       n       -       -       smtpd
submission inet n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
 flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
##maildrop  unix  -       n       n       -       -       pipe
##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
${extension} ${user}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

# Vacation
vacation  unix  -       n       n       -       -       pipe
     flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
$(sender) ${recipient}

## DOVECOT ##
dovecot unix - n n - - pipe
  flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)
## Amavis ##
amavisfeed unix    -       -       n        -      2     lmtp
    -o lmtp_data_done_timeout=1200
    -o lmtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20

127.0.0.1:10025 inet n    -       n       -       -     smtpd
    -o content_filter=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o smtpd_restriction_classes=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
    -o local_header_rewrite_clients=
    -o smtpd_milters=
    -o local_recipient_maps=
    -o relay_recipient_maps=

2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:

> Olá Marcio.
>
> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
> Se não, adicione ao seu /etc/postfix/master.cf:
>
> submission inet n       -       n       -       -       smtpd
>   -o smtpd_enforce_tls=yes
>   -o smtpd_sasl_auth_enable=yes
>   -o
> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>   -o syslog_name=postfix/submission
> #  -o receive_override_options=no_header_body_checks
>
> smtps     inet  n       -       n       -       -       smtpd
>   -o smtpd_tls_wrappermode=yes
>   -o smtpd_sasl_auth_enable=yes
>   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>
>
> E configure seus clientes para enviarem numa dessas portas.
>
> -----------------------------
>     _    Engº Julio Cesar Covolato
>    0v0   <[hidden email]>
>   /(_)\  F: 55-11-3129-3366
>    ^ ^   PSI INTERNET
> -----------------------------
>
>
> On 12/02/2015 11:28, Marcio L Santos wrote:
>>
>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>> 5.6
>> è uma máquina antiga "herdada" da antiga administração da TI.
>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>> Mas por enquanto tenho que ir levando como esta...
>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>> usuario e senha invalido para o smtpd.
>> Nos logs do postfix aparece isso na hora:
>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>> hostname xxxx.virtua.com.br verification failed: Name or service not
>> known
>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>> unknown[179.219.xxx.xxx]
>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>> failure: Password verification failed
>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>> SASL PLAIN authentication failed:
>>
>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>> tranquilo, de fora so recebe.
>>
>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>
>> Well, the issue that appears to be occurring above looks like a
>> problem with Postfix talking to the saslauth daemon.
>>
>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>> should be corrected with the current install.sh script).
>>
>> However, to resolve it, run this command as root:
>>
>> usermod -a -G sasl postfix
>>
>> And then restart Saslauthd:
>>
>> /etc/init.d/saslauthd restart
>>
>> And then give it another shot, that should do the trick!
>>
>> -Eric
>>
>>
>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>> opiniao.
>> Obrigado.
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>
>
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Julio Cesar Covolato
Ok. Configure um cliente externo para usar a porta 587 para envios...

-----------------------------
     _    Engº Julio Cesar Covolato
    0v0   <[hidden email]>
   /(_)\  F: 55-11-3129-3366
    ^ ^   PSI INTERNET
-----------------------------

On 12/02/2015 13:13, Marcio L Santos wrote:

> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
> master.cf esta assim:
>
> smtp      inet  n       -       n       -       -       smtpd
> submission inet n       -       n       -       -       smtpd
>    -o smtpd_enforce_tls=yes
>    -o smtpd_sasl_auth_enable=yes
>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> smtps     inet  n       -       n       -       -       smtpd
>    -o smtpd_tls_wrappermode=yes
>    -o smtpd_sasl_auth_enable=yes
>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> #628      inet  n       -       n       -       -       qmqpd
> pickup    fifo  n       -       n       60      1       pickup
> cleanup   unix  n       -       n       -       0       cleanup
> qmgr      fifo  n       -       n       300     1       qmgr
> #qmgr     fifo  n       -       n       300     1       oqmgr
> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
> rewrite   unix  -       -       n       -       -       trivial-rewrite
> bounce    unix  -       -       n       -       0       bounce
> defer     unix  -       -       n       -       0       bounce
> trace     unix  -       -       n       -       0       bounce
> verify    unix  -       -       n       -       1       verify
> flush     unix  n       -       n       1000?   0       flush
> proxymap  unix  -       -       n       -       -       proxymap
> smtp      unix  -       -       n       -       -       smtp
> # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
> relay     unix  -       -       n       -       -       smtp
>          -o fallback_relay=
> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
> showq     unix  n       -       n       -       -       showq
> error     unix  -       -       n       -       -       error
> discard   unix  -       -       n       -       -       discard
> local     unix  -       n       n       -       -       local
> virtual   unix  -       n       n       -       -       virtual
> lmtp      unix  -       -       n       -       -       lmtp
> anvil     unix  -       -       n       -       1       anvil
> scache    unix  -       -       n       -       1       scache
> #
> # ====================================================================
> # Interfaces to non-Postfix software. Be sure to examine the manual
> # pages of the non-Postfix software to find out what options it wants.
> #
> # Many of the following services use the Postfix pipe(8) delivery
> # agent.  See the pipe(8) man page for information about ${recipient}
> # and other message envelope options.
> # ====================================================================
> #
> # maildrop. See the Postfix MAILDROP_README file for details.
> # Also specify in main.cf: maildrop_destination_recipient_limit=1
> #
> maildrop  unix  -       n       n       -       -       pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> ##maildrop  unix  -       n       n       -       -       pipe
> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}
> #
> # The Cyrus deliver program has changed incompatibly, multiple times.
> #
> old-cyrus unix  -       n       n       -       -       pipe
>    flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
> ${extension} ${user}
> # Cyrus 2.1.5 (Amos Gouaux)
> # Also specify in main.cf: cyrus_destination_recipient_limit=1
> #cyrus     unix  -       n       n       -       -       pipe
> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
> ${extension} ${user}
> #
> # See the Postfix UUCP_README file for configuration details.
> #
> uucp      unix  -       n       n       -       -       pipe
>    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> #
> # Other external delivery methods.
> #
> ifmail    unix  -       n       n       -       -       pipe
>    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp     unix  -       n       n       -       -       pipe
>    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
>
> # Vacation
> vacation  unix  -       n       n       -       -       pipe
>       flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
> $(sender) ${recipient}
>
> ## DOVECOT ##
> dovecot unix - n n - - pipe
>    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d $(recipient)
> ## Amavis ##
> amavisfeed unix    -       -       n        -      2     lmtp
>      -o lmtp_data_done_timeout=1200
>      -o lmtp_send_xforward_command=yes
>      -o disable_dns_lookups=yes
>      -o max_use=20
>
> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>      -o content_filter=
>      -o smtpd_delay_reject=no
>      -o smtpd_client_restrictions=permit_mynetworks,reject
>      -o smtpd_helo_restrictions=
>      -o smtpd_sender_restrictions=
>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>      -o smtpd_data_restrictions=reject_unauth_pipelining
>      -o smtpd_end_of_data_restrictions=
>      -o smtpd_restriction_classes=
>      -o mynetworks=127.0.0.0/8
>      -o smtpd_error_sleep_time=0
>      -o smtpd_soft_error_limit=1001
>      -o smtpd_hard_error_limit=1000
>      -o smtpd_client_connection_count_limit=0
>      -o smtpd_client_connection_rate_limit=0
>      -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>      -o local_header_rewrite_clients=
>      -o smtpd_milters=
>      -o local_recipient_maps=
>      -o relay_recipient_maps=
>
> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>> Olá Marcio.
>>
>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>> Se não, adicione ao seu /etc/postfix/master.cf:
>>
>> submission inet n       -       n       -       -       smtpd
>>    -o smtpd_enforce_tls=yes
>>    -o smtpd_sasl_auth_enable=yes
>>    -o
>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>    -o syslog_name=postfix/submission
>> #  -o receive_override_options=no_header_body_checks
>>
>> smtps     inet  n       -       n       -       -       smtpd
>>    -o smtpd_tls_wrappermode=yes
>>    -o smtpd_sasl_auth_enable=yes
>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>
>>
>> E configure seus clientes para enviarem numa dessas portas.
>>
>> -----------------------------
>>      _    Engº Julio Cesar Covolato
>>     0v0   <[hidden email]>
>>    /(_)\  F: 55-11-3129-3366
>>     ^ ^   PSI INTERNET
>> -----------------------------
>>
>>
>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>> 5.6
>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>> Mas por enquanto tenho que ir levando como esta...
>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>> usuario e senha invalido para o smtpd.
>>> Nos logs do postfix aparece isso na hora:
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>> known
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>> unknown[179.219.xxx.xxx]
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>> failure: Password verification failed
>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>> SASL PLAIN authentication failed:
>>>
>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>> tranquilo, de fora so recebe.
>>>
>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>
>>> Well, the issue that appears to be occurring above looks like a
>>> problem with Postfix talking to the saslauth daemon.
>>>
>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>> should be corrected with the current install.sh script).
>>>
>>> However, to resolve it, run this command as root:
>>>
>>> usermod -a -G sasl postfix
>>>
>>> And then restart Saslauthd:
>>>
>>> /etc/init.d/saslauthd restart
>>>
>>> And then give it another shot, that should do the trick!
>>>
>>> -Eric
>>>
>>>
>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>> opiniao.
>>> Obrigado.
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br

_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Mesmo erro....testei no celular com a porta 587, com autenticacao e
tls e tambem sem o tls....
Sempre da no celular quando vou configurar a saida:
535 5.7.0 Error; authentication failed: authentication failure
E os logs do postfix (maillog) a mesma coisa de antes
Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
hostname xxx.virtua.com.br verification failed: Name or service not
known
Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from unknown[179.219.xxx.xxx]
Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
failure: Password verification failed
Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
authentication failure

2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:

> Ok. Configure um cliente externo para usar a porta 587 para envios...
>
> -----------------------------
>     _    Engº Julio Cesar Covolato
>    0v0   <[hidden email]>
>   /(_)\  F: 55-11-3129-3366
>    ^ ^   PSI INTERNET
> -----------------------------
>
> On 12/02/2015 13:13, Marcio L Santos wrote:
>>
>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>> master.cf esta assim:
>>
>> smtp      inet  n       -       n       -       -       smtpd
>> submission inet n       -       n       -       -       smtpd
>>    -o smtpd_enforce_tls=yes
>>    -o smtpd_sasl_auth_enable=yes
>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>> smtps     inet  n       -       n       -       -       smtpd
>>    -o smtpd_tls_wrappermode=yes
>>    -o smtpd_sasl_auth_enable=yes
>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>> #628      inet  n       -       n       -       -       qmqpd
>> pickup    fifo  n       -       n       60      1       pickup
>> cleanup   unix  n       -       n       -       0       cleanup
>> qmgr      fifo  n       -       n       300     1       qmgr
>> #qmgr     fifo  n       -       n       300     1       oqmgr
>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>> rewrite   unix  -       -       n       -       -       trivial-rewrite
>> bounce    unix  -       -       n       -       0       bounce
>> defer     unix  -       -       n       -       0       bounce
>> trace     unix  -       -       n       -       0       bounce
>> verify    unix  -       -       n       -       1       verify
>> flush     unix  n       -       n       1000?   0       flush
>> proxymap  unix  -       -       n       -       -       proxymap
>> smtp      unix  -       -       n       -       -       smtp
>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>> loops
>> relay     unix  -       -       n       -       -       smtp
>>          -o fallback_relay=
>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>> showq     unix  n       -       n       -       -       showq
>> error     unix  -       -       n       -       -       error
>> discard   unix  -       -       n       -       -       discard
>> local     unix  -       n       n       -       -       local
>> virtual   unix  -       n       n       -       -       virtual
>> lmtp      unix  -       -       n       -       -       lmtp
>> anvil     unix  -       -       n       -       1       anvil
>> scache    unix  -       -       n       -       1       scache
>> #
>> # ====================================================================
>> # Interfaces to non-Postfix software. Be sure to examine the manual
>> # pages of the non-Postfix software to find out what options it wants.
>> #
>> # Many of the following services use the Postfix pipe(8) delivery
>> # agent.  See the pipe(8) man page for information about ${recipient}
>> # and other message envelope options.
>> # ====================================================================
>> #
>> # maildrop. See the Postfix MAILDROP_README file for details.
>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>> #
>> maildrop  unix  -       n       n       -       -       pipe
>>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>> ##maildrop  unix  -       n       n       -       -       pipe
>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>> ${nexthop}
>> #
>> # The Cyrus deliver program has changed incompatibly, multiple times.
>> #
>> old-cyrus unix  -       n       n       -       -       pipe
>>    flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>> ${extension} ${user}
>> # Cyrus 2.1.5 (Amos Gouaux)
>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>> #cyrus     unix  -       n       n       -       -       pipe
>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>> ${extension} ${user}
>> #
>> # See the Postfix UUCP_README file for configuration details.
>> #
>> uucp      unix  -       n       n       -       -       pipe
>>    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>> ($recipient)
>> #
>> # Other external delivery methods.
>> #
>> ifmail    unix  -       n       n       -       -       pipe
>>    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>> bsmtp     unix  -       n       n       -       -       pipe
>>    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>> $recipient
>>
>> # Vacation
>> vacation  unix  -       n       n       -       -       pipe
>>       flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>> $(sender) ${recipient}
>>
>> ## DOVECOT ##
>> dovecot unix - n n - - pipe
>>    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>> $(recipient)
>> ## Amavis ##
>> amavisfeed unix    -       -       n        -      2     lmtp
>>      -o lmtp_data_done_timeout=1200
>>      -o lmtp_send_xforward_command=yes
>>      -o disable_dns_lookups=yes
>>      -o max_use=20
>>
>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>      -o content_filter=
>>      -o smtpd_delay_reject=no
>>      -o smtpd_client_restrictions=permit_mynetworks,reject
>>      -o smtpd_helo_restrictions=
>>      -o smtpd_sender_restrictions=
>>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>      -o smtpd_data_restrictions=reject_unauth_pipelining
>>      -o smtpd_end_of_data_restrictions=
>>      -o smtpd_restriction_classes=
>>      -o mynetworks=127.0.0.0/8
>>      -o smtpd_error_sleep_time=0
>>      -o smtpd_soft_error_limit=1001
>>      -o smtpd_hard_error_limit=1000
>>      -o smtpd_client_connection_count_limit=0
>>      -o smtpd_client_connection_rate_limit=0
>>      -o
>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>      -o local_header_rewrite_clients=
>>      -o smtpd_milters=
>>      -o local_recipient_maps=
>>      -o relay_recipient_maps=
>>
>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>
>>> Olá Marcio.
>>>
>>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>
>>> submission inet n       -       n       -       -       smtpd
>>>    -o smtpd_enforce_tls=yes
>>>    -o smtpd_sasl_auth_enable=yes
>>>    -o
>>>
>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>    -o syslog_name=postfix/submission
>>> #  -o receive_override_options=no_header_body_checks
>>>
>>> smtps     inet  n       -       n       -       -       smtpd
>>>    -o smtpd_tls_wrappermode=yes
>>>    -o smtpd_sasl_auth_enable=yes
>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>
>>>
>>> E configure seus clientes para enviarem numa dessas portas.
>>>
>>> -----------------------------
>>>      _    Engº Julio Cesar Covolato
>>>     0v0   <[hidden email]>
>>>    /(_)\  F: 55-11-3129-3366
>>>     ^ ^   PSI INTERNET
>>> -----------------------------
>>>
>>>
>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>
>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>>> 5.6
>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>> Mas por enquanto tenho que ir levando como esta...
>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>>> usuario e senha invalido para o smtpd.
>>>> Nos logs do postfix aparece isso na hora:
>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>>> known
>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>> unknown[179.219.xxx.xxx]
>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>>> failure: Password verification failed
>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>> SASL PLAIN authentication failed:
>>>>
>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>>> tranquilo, de fora so recebe.
>>>>
>>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>>
>>>> Well, the issue that appears to be occurring above looks like a
>>>> problem with Postfix talking to the saslauth daemon.
>>>>
>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>> should be corrected with the current install.sh script).
>>>>
>>>> However, to resolve it, run this command as root:
>>>>
>>>> usermod -a -G sasl postfix
>>>>
>>>> And then restart Saslauthd:
>>>>
>>>> /etc/init.d/saslauthd restart
>>>>
>>>> And then give it another shot, that should do the trick!
>>>>
>>>> -Eric
>>>>
>>>>
>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>>> opiniao.
>>>> Obrigado.
>>>> _______________________________________________
>>>> Postfix-br mailing list
>>>> [hidden email]
>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>
>>>
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>
>
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
poderia ajudar? Ou nao tem nada a ver?
Nao executei pois tenho receio de piorar ao inves de ajudar .....

https://www.virtualmin.com/node/12960

Well, the issue that appears to be occurring above looks like a
problem with Postfix talking to the saslauth daemon.

I've seen that occur on older Ubuntu/Debian installs (in theory, that
should be corrected with the current install.sh script).

However, to resolve it, run this command as root:

usermod -a -G sasl postfix

And then restart Saslauthd:

/etc/init.d/saslauthd restart

2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:

> Mesmo erro....testei no celular com a porta 587, com autenticacao e
> tls e tambem sem o tls....
> Sempre da no celular quando vou configurar a saida:
> 535 5.7.0 Error; authentication failed: authentication failure
> E os logs do postfix (maillog) a mesma coisa de antes
> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
> hostname xxx.virtua.com.br verification failed: Name or service not
> known
> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from unknown[179.219.xxx.xxx]
> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
> failure: Password verification failed
> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
> authentication failure
>
> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>
>> -----------------------------
>>     _    Engº Julio Cesar Covolato
>>    0v0   <[hidden email]>
>>   /(_)\  F: 55-11-3129-3366
>>    ^ ^   PSI INTERNET
>> -----------------------------
>>
>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>
>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>> master.cf esta assim:
>>>
>>> smtp      inet  n       -       n       -       -       smtpd
>>> submission inet n       -       n       -       -       smtpd
>>>    -o smtpd_enforce_tls=yes
>>>    -o smtpd_sasl_auth_enable=yes
>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>> smtps     inet  n       -       n       -       -       smtpd
>>>    -o smtpd_tls_wrappermode=yes
>>>    -o smtpd_sasl_auth_enable=yes
>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>> #628      inet  n       -       n       -       -       qmqpd
>>> pickup    fifo  n       -       n       60      1       pickup
>>> cleanup   unix  n       -       n       -       0       cleanup
>>> qmgr      fifo  n       -       n       300     1       qmgr
>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>> rewrite   unix  -       -       n       -       -       trivial-rewrite
>>> bounce    unix  -       -       n       -       0       bounce
>>> defer     unix  -       -       n       -       0       bounce
>>> trace     unix  -       -       n       -       0       bounce
>>> verify    unix  -       -       n       -       1       verify
>>> flush     unix  n       -       n       1000?   0       flush
>>> proxymap  unix  -       -       n       -       -       proxymap
>>> smtp      unix  -       -       n       -       -       smtp
>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>> loops
>>> relay     unix  -       -       n       -       -       smtp
>>>          -o fallback_relay=
>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>> showq     unix  n       -       n       -       -       showq
>>> error     unix  -       -       n       -       -       error
>>> discard   unix  -       -       n       -       -       discard
>>> local     unix  -       n       n       -       -       local
>>> virtual   unix  -       n       n       -       -       virtual
>>> lmtp      unix  -       -       n       -       -       lmtp
>>> anvil     unix  -       -       n       -       1       anvil
>>> scache    unix  -       -       n       -       1       scache
>>> #
>>> # ====================================================================
>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>> # pages of the non-Postfix software to find out what options it wants.
>>> #
>>> # Many of the following services use the Postfix pipe(8) delivery
>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>> # and other message envelope options.
>>> # ====================================================================
>>> #
>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>> #
>>> maildrop  unix  -       n       n       -       -       pipe
>>>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>> ##maildrop  unix  -       n       n       -       -       pipe
>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>> ${nexthop}
>>> #
>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>> #
>>> old-cyrus unix  -       n       n       -       -       pipe
>>>    flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>> ${extension} ${user}
>>> # Cyrus 2.1.5 (Amos Gouaux)
>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>> #cyrus     unix  -       n       n       -       -       pipe
>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>> ${extension} ${user}
>>> #
>>> # See the Postfix UUCP_README file for configuration details.
>>> #
>>> uucp      unix  -       n       n       -       -       pipe
>>>    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>> ($recipient)
>>> #
>>> # Other external delivery methods.
>>> #
>>> ifmail    unix  -       n       n       -       -       pipe
>>>    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>> bsmtp     unix  -       n       n       -       -       pipe
>>>    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>> $recipient
>>>
>>> # Vacation
>>> vacation  unix  -       n       n       -       -       pipe
>>>       flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>> $(sender) ${recipient}
>>>
>>> ## DOVECOT ##
>>> dovecot unix - n n - - pipe
>>>    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>> $(recipient)
>>> ## Amavis ##
>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>      -o lmtp_data_done_timeout=1200
>>>      -o lmtp_send_xforward_command=yes
>>>      -o disable_dns_lookups=yes
>>>      -o max_use=20
>>>
>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>      -o content_filter=
>>>      -o smtpd_delay_reject=no
>>>      -o smtpd_client_restrictions=permit_mynetworks,reject
>>>      -o smtpd_helo_restrictions=
>>>      -o smtpd_sender_restrictions=
>>>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>      -o smtpd_data_restrictions=reject_unauth_pipelining
>>>      -o smtpd_end_of_data_restrictions=
>>>      -o smtpd_restriction_classes=
>>>      -o mynetworks=127.0.0.0/8
>>>      -o smtpd_error_sleep_time=0
>>>      -o smtpd_soft_error_limit=1001
>>>      -o smtpd_hard_error_limit=1000
>>>      -o smtpd_client_connection_count_limit=0
>>>      -o smtpd_client_connection_rate_limit=0
>>>      -o
>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>      -o local_header_rewrite_clients=
>>>      -o smtpd_milters=
>>>      -o local_recipient_maps=
>>>      -o relay_recipient_maps=
>>>
>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>
>>>> Olá Marcio.
>>>>
>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>
>>>> submission inet n       -       n       -       -       smtpd
>>>>    -o smtpd_enforce_tls=yes
>>>>    -o smtpd_sasl_auth_enable=yes
>>>>    -o
>>>>
>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>    -o syslog_name=postfix/submission
>>>> #  -o receive_override_options=no_header_body_checks
>>>>
>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>    -o smtpd_tls_wrappermode=yes
>>>>    -o smtpd_sasl_auth_enable=yes
>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>
>>>>
>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>
>>>> -----------------------------
>>>>      _    Engº Julio Cesar Covolato
>>>>     0v0   <[hidden email]>
>>>>    /(_)\  F: 55-11-3129-3366
>>>>     ^ ^   PSI INTERNET
>>>> -----------------------------
>>>>
>>>>
>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>
>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>>>> 5.6
>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>>>> usuario e senha invalido para o smtpd.
>>>>> Nos logs do postfix aparece isso na hora:
>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>>>> known
>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>> unknown[179.219.xxx.xxx]
>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>>>> failure: Password verification failed
>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>> SASL PLAIN authentication failed:
>>>>>
>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>>>> tranquilo, de fora so recebe.
>>>>>
>>>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>>>
>>>>> Well, the issue that appears to be occurring above looks like a
>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>
>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>> should be corrected with the current install.sh script).
>>>>>
>>>>> However, to resolve it, run this command as root:
>>>>>
>>>>> usermod -a -G sasl postfix
>>>>>
>>>>> And then restart Saslauthd:
>>>>>
>>>>> /etc/init.d/saslauthd restart
>>>>>
>>>>> And then give it another shot, that should do the trick!
>>>>>
>>>>> -Eric
>>>>>
>>>>>
>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>>>> opiniao.
>>>>> Obrigado.
>>>>> _______________________________________________
>>>>> Postfix-br mailing list
>>>>> [hidden email]
>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>
>>>>
>>>> _______________________________________________
>>>> Postfix-br mailing list
>>>> [hidden email]
>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Mias um teste realizado hoje
Os comandos:
 testsaslauthd -s smtp -u <myusername> -p <mypassword>
 testsaslauthd -s smtpd -u <myusername> -p <mypassword>
 testsaslauthd -u <myusername> -p <mypassword>

Retornaram: 0: NO "authentication failed"
E nos logs ( messages):

Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
[user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
error]
Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
[user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
error]

2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:

> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
> poderia ajudar? Ou nao tem nada a ver?
> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>
> https://www.virtualmin.com/node/12960
>
> Well, the issue that appears to be occurring above looks like a
> problem with Postfix talking to the saslauth daemon.
>
> I've seen that occur on older Ubuntu/Debian installs (in theory, that
> should be corrected with the current install.sh script).
>
> However, to resolve it, run this command as root:
>
> usermod -a -G sasl postfix
>
> And then restart Saslauthd:
>
> /etc/init.d/saslauthd restart
>
> 2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:
>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>> tls e tambem sem o tls....
>> Sempre da no celular quando vou configurar a saida:
>> 535 5.7.0 Error; authentication failed: authentication failure
>> E os logs do postfix (maillog) a mesma coisa de antes
>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>> hostname xxx.virtua.com.br verification failed: Name or service not
>> known
>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from unknown[179.219.xxx.xxx]
>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
>> failure: Password verification failed
>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>> authentication failure
>>
>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>>
>>> -----------------------------
>>>     _    Engº Julio Cesar Covolato
>>>    0v0   <[hidden email]>
>>>   /(_)\  F: 55-11-3129-3366
>>>    ^ ^   PSI INTERNET
>>> -----------------------------
>>>
>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>
>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>> master.cf esta assim:
>>>>
>>>> smtp      inet  n       -       n       -       -       smtpd
>>>> submission inet n       -       n       -       -       smtpd
>>>>    -o smtpd_enforce_tls=yes
>>>>    -o smtpd_sasl_auth_enable=yes
>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>    -o smtpd_tls_wrappermode=yes
>>>>    -o smtpd_sasl_auth_enable=yes
>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>> #628      inet  n       -       n       -       -       qmqpd
>>>> pickup    fifo  n       -       n       60      1       pickup
>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>> rewrite   unix  -       -       n       -       -       trivial-rewrite
>>>> bounce    unix  -       -       n       -       0       bounce
>>>> defer     unix  -       -       n       -       0       bounce
>>>> trace     unix  -       -       n       -       0       bounce
>>>> verify    unix  -       -       n       -       1       verify
>>>> flush     unix  n       -       n       1000?   0       flush
>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>> smtp      unix  -       -       n       -       -       smtp
>>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>>> loops
>>>> relay     unix  -       -       n       -       -       smtp
>>>>          -o fallback_relay=
>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>> showq     unix  n       -       n       -       -       showq
>>>> error     unix  -       -       n       -       -       error
>>>> discard   unix  -       -       n       -       -       discard
>>>> local     unix  -       n       n       -       -       local
>>>> virtual   unix  -       n       n       -       -       virtual
>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>> anvil     unix  -       -       n       -       1       anvil
>>>> scache    unix  -       -       n       -       1       scache
>>>> #
>>>> # ====================================================================
>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>> # pages of the non-Postfix software to find out what options it wants.
>>>> #
>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>>> # and other message envelope options.
>>>> # ====================================================================
>>>> #
>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>> #
>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>> ${nexthop}
>>>> #
>>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>>> #
>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>    flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>> ${extension} ${user}
>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>> ${extension} ${user}
>>>> #
>>>> # See the Postfix UUCP_README file for configuration details.
>>>> #
>>>> uucp      unix  -       n       n       -       -       pipe
>>>>    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>>> ($recipient)
>>>> #
>>>> # Other external delivery methods.
>>>> #
>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>>> $recipient
>>>>
>>>> # Vacation
>>>> vacation  unix  -       n       n       -       -       pipe
>>>>       flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>>> $(sender) ${recipient}
>>>>
>>>> ## DOVECOT ##
>>>> dovecot unix - n n - - pipe
>>>>    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>>> $(recipient)
>>>> ## Amavis ##
>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>      -o lmtp_data_done_timeout=1200
>>>>      -o lmtp_send_xforward_command=yes
>>>>      -o disable_dns_lookups=yes
>>>>      -o max_use=20
>>>>
>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>      -o content_filter=
>>>>      -o smtpd_delay_reject=no
>>>>      -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>      -o smtpd_helo_restrictions=
>>>>      -o smtpd_sender_restrictions=
>>>>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>      -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>      -o smtpd_end_of_data_restrictions=
>>>>      -o smtpd_restriction_classes=
>>>>      -o mynetworks=127.0.0.0/8
>>>>      -o smtpd_error_sleep_time=0
>>>>      -o smtpd_soft_error_limit=1001
>>>>      -o smtpd_hard_error_limit=1000
>>>>      -o smtpd_client_connection_count_limit=0
>>>>      -o smtpd_client_connection_rate_limit=0
>>>>      -o
>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>      -o local_header_rewrite_clients=
>>>>      -o smtpd_milters=
>>>>      -o local_recipient_maps=
>>>>      -o relay_recipient_maps=
>>>>
>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>
>>>>> Olá Marcio.
>>>>>
>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>
>>>>> submission inet n       -       n       -       -       smtpd
>>>>>    -o smtpd_enforce_tls=yes
>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>    -o
>>>>>
>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>    -o syslog_name=postfix/submission
>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>
>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>    -o smtpd_tls_wrappermode=yes
>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>
>>>>>
>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>
>>>>> -----------------------------
>>>>>      _    Engº Julio Cesar Covolato
>>>>>     0v0   <[hidden email]>
>>>>>    /(_)\  F: 55-11-3129-3366
>>>>>     ^ ^   PSI INTERNET
>>>>> -----------------------------
>>>>>
>>>>>
>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>
>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>>>>> 5.6
>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>>>>> usuario e senha invalido para o smtpd.
>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>>>>> known
>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>> unknown[179.219.xxx.xxx]
>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>>>>> failure: Password verification failed
>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>>> SASL PLAIN authentication failed:
>>>>>>
>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>>>>> tranquilo, de fora so recebe.
>>>>>>
>>>>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>>>>
>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>
>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>>> should be corrected with the current install.sh script).
>>>>>>
>>>>>> However, to resolve it, run this command as root:
>>>>>>
>>>>>> usermod -a -G sasl postfix
>>>>>>
>>>>>> And then restart Saslauthd:
>>>>>>
>>>>>> /etc/init.d/saslauthd restart
>>>>>>
>>>>>> And then give it another shot, that should do the trick!
>>>>>>
>>>>>> -Eric
>>>>>>
>>>>>>
>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>>>>> opiniao.
>>>>>> Obrigado.
>>>>>> _______________________________________________
>>>>>> Postfix-br mailing list
>>>>>> [hidden email]
>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Postfix-br mailing list
>>>>> [hidden email]
>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>
>>>> _______________________________________________
>>>> Postfix-br mailing list
>>>> [hidden email]
>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>
>>>
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
E segue no mesmo... o que notei é que parece ser um problema com o
saslauthd, pois na rede interna funciona pois as contas estao sem
autenticação, se coloco autenticação ocorre o mesmo problema

2015-02-13 8:52 GMT-02:00 Marcio L Santos <[hidden email]>:

> Mias um teste realizado hoje
> Os comandos:
>  testsaslauthd -s smtp -u <myusername> -p <mypassword>
>  testsaslauthd -s smtpd -u <myusername> -p <mypassword>
>  testsaslauthd -u <myusername> -p <mypassword>
>
> Retornaram: 0: NO "authentication failed"
> E nos logs ( messages):
>
> Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
> [user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
> error]
> Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
> [user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
> error]
>
> 2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:
>> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
>> poderia ajudar? Ou nao tem nada a ver?
>> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>>
>> https://www.virtualmin.com/node/12960
>>
>> Well, the issue that appears to be occurring above looks like a
>> problem with Postfix talking to the saslauth daemon.
>>
>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>> should be corrected with the current install.sh script).
>>
>> However, to resolve it, run this command as root:
>>
>> usermod -a -G sasl postfix
>>
>> And then restart Saslauthd:
>>
>> /etc/init.d/saslauthd restart
>>
>> 2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:
>>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>>> tls e tambem sem o tls....
>>> Sempre da no celular quando vou configurar a saida:
>>> 535 5.7.0 Error; authentication failed: authentication failure
>>> E os logs do postfix (maillog) a mesma coisa de antes
>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>>> hostname xxx.virtua.com.br verification failed: Name or service not
>>> known
>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from unknown[179.219.xxx.xxx]
>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
>>> failure: Password verification failed
>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>>> authentication failure
>>>
>>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>>>
>>>> -----------------------------
>>>>     _    Engº Julio Cesar Covolato
>>>>    0v0   <[hidden email]>
>>>>   /(_)\  F: 55-11-3129-3366
>>>>    ^ ^   PSI INTERNET
>>>> -----------------------------
>>>>
>>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>>
>>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>>> master.cf esta assim:
>>>>>
>>>>> smtp      inet  n       -       n       -       -       smtpd
>>>>> submission inet n       -       n       -       -       smtpd
>>>>>    -o smtpd_enforce_tls=yes
>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>    -o smtpd_tls_wrappermode=yes
>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>> #628      inet  n       -       n       -       -       qmqpd
>>>>> pickup    fifo  n       -       n       60      1       pickup
>>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>>> rewrite   unix  -       -       n       -       -       trivial-rewrite
>>>>> bounce    unix  -       -       n       -       0       bounce
>>>>> defer     unix  -       -       n       -       0       bounce
>>>>> trace     unix  -       -       n       -       0       bounce
>>>>> verify    unix  -       -       n       -       1       verify
>>>>> flush     unix  n       -       n       1000?   0       flush
>>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>>> smtp      unix  -       -       n       -       -       smtp
>>>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>>>> loops
>>>>> relay     unix  -       -       n       -       -       smtp
>>>>>          -o fallback_relay=
>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>> showq     unix  n       -       n       -       -       showq
>>>>> error     unix  -       -       n       -       -       error
>>>>> discard   unix  -       -       n       -       -       discard
>>>>> local     unix  -       n       n       -       -       local
>>>>> virtual   unix  -       n       n       -       -       virtual
>>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>>> anvil     unix  -       -       n       -       1       anvil
>>>>> scache    unix  -       -       n       -       1       scache
>>>>> #
>>>>> # ====================================================================
>>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>>> # pages of the non-Postfix software to find out what options it wants.
>>>>> #
>>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>>>> # and other message envelope options.
>>>>> # ====================================================================
>>>>> #
>>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>>> #
>>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>>> ${nexthop}
>>>>> #
>>>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>>>> #
>>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>>    flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>>> ${extension} ${user}
>>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>>> ${extension} ${user}
>>>>> #
>>>>> # See the Postfix UUCP_README file for configuration details.
>>>>> #
>>>>> uucp      unix  -       n       n       -       -       pipe
>>>>>    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>>>> ($recipient)
>>>>> #
>>>>> # Other external delivery methods.
>>>>> #
>>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>>    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>>    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>>>> $recipient
>>>>>
>>>>> # Vacation
>>>>> vacation  unix  -       n       n       -       -       pipe
>>>>>       flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>>>> $(sender) ${recipient}
>>>>>
>>>>> ## DOVECOT ##
>>>>> dovecot unix - n n - - pipe
>>>>>    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>>>> $(recipient)
>>>>> ## Amavis ##
>>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>>      -o lmtp_data_done_timeout=1200
>>>>>      -o lmtp_send_xforward_command=yes
>>>>>      -o disable_dns_lookups=yes
>>>>>      -o max_use=20
>>>>>
>>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>>      -o content_filter=
>>>>>      -o smtpd_delay_reject=no
>>>>>      -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>      -o smtpd_helo_restrictions=
>>>>>      -o smtpd_sender_restrictions=
>>>>>      -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>      -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>      -o smtpd_end_of_data_restrictions=
>>>>>      -o smtpd_restriction_classes=
>>>>>      -o mynetworks=127.0.0.0/8
>>>>>      -o smtpd_error_sleep_time=0
>>>>>      -o smtpd_soft_error_limit=1001
>>>>>      -o smtpd_hard_error_limit=1000
>>>>>      -o smtpd_client_connection_count_limit=0
>>>>>      -o smtpd_client_connection_rate_limit=0
>>>>>      -o
>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>>      -o local_header_rewrite_clients=
>>>>>      -o smtpd_milters=
>>>>>      -o local_recipient_maps=
>>>>>      -o relay_recipient_maps=
>>>>>
>>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>
>>>>>> Olá Marcio.
>>>>>>
>>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>>
>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>    -o smtpd_enforce_tls=yes
>>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>>    -o
>>>>>>
>>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>    -o syslog_name=postfix/submission
>>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>>
>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>    -o smtpd_tls_wrappermode=yes
>>>>>>    -o smtpd_sasl_auth_enable=yes
>>>>>>    -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>
>>>>>>
>>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>>
>>>>>> -----------------------------
>>>>>>      _    Engº Julio Cesar Covolato
>>>>>>     0v0   <[hidden email]>
>>>>>>    /(_)\  F: 55-11-3129-3366
>>>>>>     ^ ^   PSI INTERNET
>>>>>> -----------------------------
>>>>>>
>>>>>>
>>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>>
>>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>>>>>> 5.6
>>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>>>>>> usuario e senha invalido para o smtpd.
>>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>>>>>> known
>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>>>>>> failure: Password verification failed
>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>>>> SASL PLAIN authentication failed:
>>>>>>>
>>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>>>>>> tranquilo, de fora so recebe.
>>>>>>>
>>>>>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>>>>>
>>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>>
>>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>>>> should be corrected with the current install.sh script).
>>>>>>>
>>>>>>> However, to resolve it, run this command as root:
>>>>>>>
>>>>>>> usermod -a -G sasl postfix
>>>>>>>
>>>>>>> And then restart Saslauthd:
>>>>>>>
>>>>>>> /etc/init.d/saslauthd restart
>>>>>>>
>>>>>>> And then give it another shot, that should do the trick!
>>>>>>>
>>>>>>> -Eric
>>>>>>>
>>>>>>>
>>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>>>>>> opiniao.
>>>>>>> Obrigado.
>>>>>>> _______________________________________________
>>>>>>> Postfix-br mailing list
>>>>>>> [hidden email]
>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Postfix-br mailing list
>>>>>> [hidden email]
>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>
>>>>> _______________________________________________
>>>>> Postfix-br mailing list
>>>>> [hidden email]
>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>
>>>>
>>>> _______________________________________________
>>>> Postfix-br mailing list
>>>> [hidden email]
>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
vic
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

vic

On 17-02-2015 13:16, Marcio L Santos wrote:
> E segue no mesmo... o que notei é que parece ser um problema com o
> saslauthd, pois na rede interna funciona pois as contas estao sem
> autenticação, se coloco autenticação ocorre o mesmo problema

Mas se você usa o dovecot para pop3/imap, porque não usá-lo também para
autenticação smtp?



> 2015-02-13 8:52 GMT-02:00 Marcio L Santos <[hidden email]>:
>> Mias um teste realizado hoje
>> Os comandos:
>>   testsaslauthd -s smtp -u <myusername> -p <mypassword>
>>   testsaslauthd -s smtpd -u <myusername> -p <mypassword>
>>   testsaslauthd -u <myusername> -p <mypassword>
>>
>> Retornaram: 0: NO "authentication failed"
>> E nos logs ( messages):
>>
>> Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
>> [user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
>> error]
>> Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
>> [user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
>> error]
>>
>> 2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:
>>> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
>>> poderia ajudar? Ou nao tem nada a ver?
>>> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>>>
>>> https://www.virtualmin.com/node/12960
>>>
>>> Well, the issue that appears to be occurring above looks like a
>>> problem with Postfix talking to the saslauth daemon.
>>>
>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>> should be corrected with the current install.sh script).
>>>
>>> However, to resolve it, run this command as root:
>>>
>>> usermod -a -G sasl postfix
>>>
>>> And then restart Saslauthd:
>>>
>>> /etc/init.d/saslauthd restart
>>>
>>> 2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>>>> tls e tambem sem o tls....
>>>> Sempre da no celular quando vou configurar a saida:
>>>> 535 5.7.0 Error; authentication failed: authentication failure
>>>> E os logs do postfix (maillog) a mesma coisa de antes
>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>>>> hostname xxx.virtua.com.br verification failed: Name or service not
>>>> known
>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from unknown[179.219.xxx.xxx]
>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
>>>> failure: Password verification failed
>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>>>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>>>> authentication failure
>>>>
>>>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>>>>
>>>>> -----------------------------
>>>>>      _    Engº Julio Cesar Covolato
>>>>>     0v0   <[hidden email]>
>>>>>    /(_)\  F: 55-11-3129-3366
>>>>>     ^ ^   PSI INTERNET
>>>>> -----------------------------
>>>>>
>>>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>>>> master.cf esta assim:
>>>>>>
>>>>>> smtp      inet  n       -       n       -       -       smtpd
>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>     -o smtpd_enforce_tls=yes
>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>     -o smtpd_tls_wrappermode=yes
>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>> #628      inet  n       -       n       -       -       qmqpd
>>>>>> pickup    fifo  n       -       n       60      1       pickup
>>>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>>>> rewrite   unix  -       -       n       -       -       trivial-rewrite
>>>>>> bounce    unix  -       -       n       -       0       bounce
>>>>>> defer     unix  -       -       n       -       0       bounce
>>>>>> trace     unix  -       -       n       -       0       bounce
>>>>>> verify    unix  -       -       n       -       1       verify
>>>>>> flush     unix  n       -       n       1000?   0       flush
>>>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>>>> smtp      unix  -       -       n       -       -       smtp
>>>>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>>>>> loops
>>>>>> relay     unix  -       -       n       -       -       smtp
>>>>>>           -o fallback_relay=
>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>> showq     unix  n       -       n       -       -       showq
>>>>>> error     unix  -       -       n       -       -       error
>>>>>> discard   unix  -       -       n       -       -       discard
>>>>>> local     unix  -       n       n       -       -       local
>>>>>> virtual   unix  -       n       n       -       -       virtual
>>>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>>>> anvil     unix  -       -       n       -       1       anvil
>>>>>> scache    unix  -       -       n       -       1       scache
>>>>>> #
>>>>>> # ====================================================================
>>>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>>>> # pages of the non-Postfix software to find out what options it wants.
>>>>>> #
>>>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>>>>> # and other message envelope options.
>>>>>> # ====================================================================
>>>>>> #
>>>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>>>> #
>>>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>>>    flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>>>> ${nexthop}
>>>>>> #
>>>>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>>>>> #
>>>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>>>     flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>>>> ${extension} ${user}
>>>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>>>> ${extension} ${user}
>>>>>> #
>>>>>> # See the Postfix UUCP_README file for configuration details.
>>>>>> #
>>>>>> uucp      unix  -       n       n       -       -       pipe
>>>>>>     flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>>>>> ($recipient)
>>>>>> #
>>>>>> # Other external delivery methods.
>>>>>> #
>>>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>>>     flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>>>     flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>>>>> $recipient
>>>>>>
>>>>>> # Vacation
>>>>>> vacation  unix  -       n       n       -       -       pipe
>>>>>>        flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>>>>> $(sender) ${recipient}
>>>>>>
>>>>>> ## DOVECOT ##
>>>>>> dovecot unix - n n - - pipe
>>>>>>     flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>>>>> $(recipient)
>>>>>> ## Amavis ##
>>>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>>>       -o lmtp_data_done_timeout=1200
>>>>>>       -o lmtp_send_xforward_command=yes
>>>>>>       -o disable_dns_lookups=yes
>>>>>>       -o max_use=20
>>>>>>
>>>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>>>       -o content_filter=
>>>>>>       -o smtpd_delay_reject=no
>>>>>>       -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>       -o smtpd_helo_restrictions=
>>>>>>       -o smtpd_sender_restrictions=
>>>>>>       -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>       -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>       -o smtpd_end_of_data_restrictions=
>>>>>>       -o smtpd_restriction_classes=
>>>>>>       -o mynetworks=127.0.0.0/8
>>>>>>       -o smtpd_error_sleep_time=0
>>>>>>       -o smtpd_soft_error_limit=1001
>>>>>>       -o smtpd_hard_error_limit=1000
>>>>>>       -o smtpd_client_connection_count_limit=0
>>>>>>       -o smtpd_client_connection_rate_limit=0
>>>>>>       -o
>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>>>       -o local_header_rewrite_clients=
>>>>>>       -o smtpd_milters=
>>>>>>       -o local_recipient_maps=
>>>>>>       -o relay_recipient_maps=
>>>>>>
>>>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>> Olá Marcio.
>>>>>>>
>>>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos externos?
>>>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>>>
>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>     -o smtpd_enforce_tls=yes
>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>     -o
>>>>>>>
>>>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>     -o syslog_name=postfix/submission
>>>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>>>
>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>     -o smtpd_tls_wrappermode=yes
>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>
>>>>>>>
>>>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>>>
>>>>>>> -----------------------------
>>>>>>>       _    Engº Julio Cesar Covolato
>>>>>>>      0v0   <[hidden email]>
>>>>>>>     /(_)\  F: 55-11-3129-3366
>>>>>>>      ^ ^   PSI INTERNET
>>>>>>> -----------------------------
>>>>>>>
>>>>>>>
>>>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um centos
>>>>>>>> 5.6
>>>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar problema
>>>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular), da
>>>>>>>> usuario e senha invalido para o smtpd.
>>>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service not
>>>>>>>> known
>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL authentication
>>>>>>>> failure: Password verification failed
>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>>>>> SASL PLAIN authentication failed:
>>>>>>>>
>>>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna vai
>>>>>>>> tranquilo, de fora so recebe.
>>>>>>>>
>>>>>>>> Vim uma sugestao nesse topico: https://www.virtualmin.com/node/12960
>>>>>>>>
>>>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>>>
>>>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>>>>> should be corrected with the current install.sh script).
>>>>>>>>
>>>>>>>> However, to resolve it, run this command as root:
>>>>>>>>
>>>>>>>> usermod -a -G sasl postfix
>>>>>>>>
>>>>>>>> And then restart Saslauthd:
>>>>>>>>
>>>>>>>> /etc/init.d/saslauthd restart
>>>>>>>>
>>>>>>>> And then give it another shot, that should do the trick!
>>>>>>>>
>>>>>>>> -Eric
>>>>>>>>
>>>>>>>>
>>>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma segunda
>>>>>>>> opiniao.
>>>>>>>> Obrigado.
>>>>>>>> _______________________________________________
>>>>>>>> Postfix-br mailing list
>>>>>>>> [hidden email]
>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Postfix-br mailing list
>>>>>>> [hidden email]
>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>> _______________________________________________
>>>>>> Postfix-br mailing list
>>>>>> [hidden email]
>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>
>>>>> _______________________________________________
>>>>> Postfix-br mailing list
>>>>> [hidden email]
>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br

--
Victório

_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Ola Victorio, como comentei no 1o post esse servidor foi legado, ate
entao nao tinha mexido nele. o nilton OS mandou antes uns links sobre
o  dovecot....Ontem de noite ja tive uma tentativa frustada de fazer
funcionar. Vou tentar hoje com mais calma e ver se consigo fazer
funcionar com o dovecot.
Nao sou muito manso com postfix, e a pessoa que configurou nao deixou
nada documentado, pelo que pude ver ele foi pegando tutorial daqui e
dali e tentando ate fazer funcionar.

2015-02-18 13:25 GMT-02:00 Victório <[hidden email]>:

>
> On 17-02-2015 13:16, Marcio L Santos wrote:
>>
>> E segue no mesmo... o que notei é que parece ser um problema com o
>> saslauthd, pois na rede interna funciona pois as contas estao sem
>> autenticação, se coloco autenticação ocorre o mesmo problema
>
>
> Mas se você usa o dovecot para pop3/imap, porque não usá-lo também para
> autenticação smtp?
>
>
>
>
>> 2015-02-13 8:52 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>
>>> Mias um teste realizado hoje
>>> Os comandos:
>>>   testsaslauthd -s smtp -u <myusername> -p <mypassword>
>>>   testsaslauthd -s smtpd -u <myusername> -p <mypassword>
>>>   testsaslauthd -u <myusername> -p <mypassword>
>>>
>>> Retornaram: 0: NO "authentication failed"
>>> E nos logs ( messages):
>>>
>>> Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
>>> [user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
>>> error]
>>> Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
>>> [user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
>>> error]
>>>
>>> 2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>
>>>> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
>>>> poderia ajudar? Ou nao tem nada a ver?
>>>> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>>>>
>>>> https://www.virtualmin.com/node/12960
>>>>
>>>> Well, the issue that appears to be occurring above looks like a
>>>> problem with Postfix talking to the saslauth daemon.
>>>>
>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>> should be corrected with the current install.sh script).
>>>>
>>>> However, to resolve it, run this command as root:
>>>>
>>>> usermod -a -G sasl postfix
>>>>
>>>> And then restart Saslauthd:
>>>>
>>>> /etc/init.d/saslauthd restart
>>>>
>>>> 2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>>
>>>>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>>>>> tls e tambem sem o tls....
>>>>> Sempre da no celular quando vou configurar a saida:
>>>>> 535 5.7.0 Error; authentication failed: authentication failure
>>>>> E os logs do postfix (maillog) a mesma coisa de antes
>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>>>>> hostname xxx.virtua.com.br verification failed: Name or service not
>>>>> known
>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from
>>>>> unknown[179.219.xxx.xxx]
>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
>>>>> failure: Password verification failed
>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>>>>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>>>>> authentication failure
>>>>>
>>>>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>
>>>>>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>>>>>
>>>>>> -----------------------------
>>>>>>      _    Engº Julio Cesar Covolato
>>>>>>     0v0   <[hidden email]>
>>>>>>    /(_)\  F: 55-11-3129-3366
>>>>>>     ^ ^   PSI INTERNET
>>>>>> -----------------------------
>>>>>>
>>>>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>>>>
>>>>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>>>>> master.cf esta assim:
>>>>>>>
>>>>>>> smtp      inet  n       -       n       -       -       smtpd
>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>     -o smtpd_enforce_tls=yes
>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>     -o smtpd_tls_wrappermode=yes
>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>> #628      inet  n       -       n       -       -       qmqpd
>>>>>>> pickup    fifo  n       -       n       60      1       pickup
>>>>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>>>>> rewrite   unix  -       -       n       -       -
>>>>>>> trivial-rewrite
>>>>>>> bounce    unix  -       -       n       -       0       bounce
>>>>>>> defer     unix  -       -       n       -       0       bounce
>>>>>>> trace     unix  -       -       n       -       0       bounce
>>>>>>> verify    unix  -       -       n       -       1       verify
>>>>>>> flush     unix  n       -       n       1000?   0       flush
>>>>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>>>>> smtp      unix  -       -       n       -       -       smtp
>>>>>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>>>>>> loops
>>>>>>> relay     unix  -       -       n       -       -       smtp
>>>>>>>           -o fallback_relay=
>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>> showq     unix  n       -       n       -       -       showq
>>>>>>> error     unix  -       -       n       -       -       error
>>>>>>> discard   unix  -       -       n       -       -       discard
>>>>>>> local     unix  -       n       n       -       -       local
>>>>>>> virtual   unix  -       n       n       -       -       virtual
>>>>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>>>>> anvil     unix  -       -       n       -       1       anvil
>>>>>>> scache    unix  -       -       n       -       1       scache
>>>>>>> #
>>>>>>> #
>>>>>>> ====================================================================
>>>>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>>>>> # pages of the non-Postfix software to find out what options it
>>>>>>> wants.
>>>>>>> #
>>>>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>>>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>>>>>> # and other message envelope options.
>>>>>>> #
>>>>>>> ====================================================================
>>>>>>> #
>>>>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>>>>> #
>>>>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>>>>    flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>>>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>>>>> ${nexthop}
>>>>>>> #
>>>>>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>>>>>> #
>>>>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>>>>     flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>>>>> ${extension} ${user}
>>>>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>>>>> ${extension} ${user}
>>>>>>> #
>>>>>>> # See the Postfix UUCP_README file for configuration details.
>>>>>>> #
>>>>>>> uucp      unix  -       n       n       -       -       pipe
>>>>>>>     flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>>>>>> ($recipient)
>>>>>>> #
>>>>>>> # Other external delivery methods.
>>>>>>> #
>>>>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>>>>     flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
>>>>>>> ($recipient)
>>>>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>>>>     flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>>>>>> $recipient
>>>>>>>
>>>>>>> # Vacation
>>>>>>> vacation  unix  -       n       n       -       -       pipe
>>>>>>>        flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>>>>>> $(sender) ${recipient}
>>>>>>>
>>>>>>> ## DOVECOT ##
>>>>>>> dovecot unix - n n - - pipe
>>>>>>>     flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>>>>>> $(recipient)
>>>>>>> ## Amavis ##
>>>>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>>>>       -o lmtp_data_done_timeout=1200
>>>>>>>       -o lmtp_send_xforward_command=yes
>>>>>>>       -o disable_dns_lookups=yes
>>>>>>>       -o max_use=20
>>>>>>>
>>>>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>>>>       -o content_filter=
>>>>>>>       -o smtpd_delay_reject=no
>>>>>>>       -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>>       -o smtpd_helo_restrictions=
>>>>>>>       -o smtpd_sender_restrictions=
>>>>>>>       -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>>       -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>>       -o smtpd_end_of_data_restrictions=
>>>>>>>       -o smtpd_restriction_classes=
>>>>>>>       -o mynetworks=127.0.0.0/8
>>>>>>>       -o smtpd_error_sleep_time=0
>>>>>>>       -o smtpd_soft_error_limit=1001
>>>>>>>       -o smtpd_hard_error_limit=1000
>>>>>>>       -o smtpd_client_connection_count_limit=0
>>>>>>>       -o smtpd_client_connection_rate_limit=0
>>>>>>>       -o
>>>>>>>
>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>>>>       -o local_header_rewrite_clients=
>>>>>>>       -o smtpd_milters=
>>>>>>>       -o local_recipient_maps=
>>>>>>>       -o relay_recipient_maps=
>>>>>>>
>>>>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>>>
>>>>>>>> Olá Marcio.
>>>>>>>>
>>>>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos
>>>>>>>> externos?
>>>>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>>>>
>>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>>     -o smtpd_enforce_tls=yes
>>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>>     -o
>>>>>>>>
>>>>>>>>
>>>>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>     -o syslog_name=postfix/submission
>>>>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>>>>
>>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>>     -o smtpd_tls_wrappermode=yes
>>>>>>>>     -o smtpd_sasl_auth_enable=yes
>>>>>>>>     -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>
>>>>>>>>
>>>>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>>>>
>>>>>>>> -----------------------------
>>>>>>>>       _    Engº Julio Cesar Covolato
>>>>>>>>      0v0   <[hidden email]>
>>>>>>>>     /(_)\  F: 55-11-3129-3366
>>>>>>>>      ^ ^   PSI INTERNET
>>>>>>>> -----------------------------
>>>>>>>>
>>>>>>>>
>>>>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>>>>
>>>>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um
>>>>>>>>> centos
>>>>>>>>> 5.6
>>>>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar
>>>>>>>>> problema
>>>>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular),
>>>>>>>>> da
>>>>>>>>> usuario e senha invalido para o smtpd.
>>>>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service
>>>>>>>>> not
>>>>>>>>> known
>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL
>>>>>>>>> authentication
>>>>>>>>> failure: Password verification failed
>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>>>>>> SASL PLAIN authentication failed:
>>>>>>>>>
>>>>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna
>>>>>>>>> vai
>>>>>>>>> tranquilo, de fora so recebe.
>>>>>>>>>
>>>>>>>>> Vim uma sugestao nesse topico:
>>>>>>>>> https://www.virtualmin.com/node/12960
>>>>>>>>>
>>>>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>>>>
>>>>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory,
>>>>>>>>> that
>>>>>>>>> should be corrected with the current install.sh script).
>>>>>>>>>
>>>>>>>>> However, to resolve it, run this command as root:
>>>>>>>>>
>>>>>>>>> usermod -a -G sasl postfix
>>>>>>>>>
>>>>>>>>> And then restart Saslauthd:
>>>>>>>>>
>>>>>>>>> /etc/init.d/saslauthd restart
>>>>>>>>>
>>>>>>>>> And then give it another shot, that should do the trick!
>>>>>>>>>
>>>>>>>>> -Eric
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma
>>>>>>>>> segunda
>>>>>>>>> opiniao.
>>>>>>>>> Obrigado.
>>>>>>>>> _______________________________________________
>>>>>>>>> Postfix-br mailing list
>>>>>>>>> [hidden email]
>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Postfix-br mailing list
>>>>>>>> [hidden email]
>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Postfix-br mailing list
>>>>>>> [hidden email]
>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Postfix-br mailing list
>>>>>> [hidden email]
>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>
>
> --
> Victório
>
>
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
vic
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

vic
On 18-02-2015 14:00, Marcio L Santos wrote:
> Ola Victorio, como comentei no 1o post esse servidor foi legado, ate
> entao nao tinha mexido nele. o nilton OS mandou antes uns links sobre
> o  dovecot....Ontem de noite ja tive uma tentativa frustada de fazer
> funcionar. Vou tentar hoje com mais calma e ver se consigo fazer
> funcionar com o dovecot.
> Nao sou muito manso com postfix, e a pessoa que configurou nao deixou
> nada documentado, pelo que pude ver ele foi pegando tutorial daqui e
> dali e tentando ate fazer funcionar.

Fiz a pergunta porque é bem mais simples usar a autenticação do dovecot
quando já se usa ele para gerenciar as caixas de correio, afinal toda
parte de acesso ao backend de autenticação (passwd, sql, ldap, etc.) já
tá pronto.

A configuração é bem simples: http://www.postfix.org/SASL_README.html e
http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL

> 2015-02-18 13:25 GMT-02:00 Victório <[hidden email]>:
>> On 17-02-2015 13:16, Marcio L Santos wrote:
>>> E segue no mesmo... o que notei é que parece ser um problema com o
>>> saslauthd, pois na rede interna funciona pois as contas estao sem
>>> autenticação, se coloco autenticação ocorre o mesmo problema
>>
>> Mas se você usa o dovecot para pop3/imap, porque não usá-lo também para
>> autenticação smtp?
>>
>>
>>
>>
>>> 2015-02-13 8:52 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>> Mias um teste realizado hoje
>>>> Os comandos:
>>>>    testsaslauthd -s smtp -u <myusername> -p <mypassword>
>>>>    testsaslauthd -s smtpd -u <myusername> -p <mypassword>
>>>>    testsaslauthd -u <myusername> -p <mypassword>
>>>>
>>>> Retornaram: 0: NO "authentication failed"
>>>> E nos logs ( messages):
>>>>
>>>> Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
>>>> [user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
>>>> error]
>>>> Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
>>>> [user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
>>>> error]
>>>>
>>>> 2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
>>>>> poderia ajudar? Ou nao tem nada a ver?
>>>>> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>>>>>
>>>>> https://www.virtualmin.com/node/12960
>>>>>
>>>>> Well, the issue that appears to be occurring above looks like a
>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>
>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>> should be corrected with the current install.sh script).
>>>>>
>>>>> However, to resolve it, run this command as root:
>>>>>
>>>>> usermod -a -G sasl postfix
>>>>>
>>>>> And then restart Saslauthd:
>>>>>
>>>>> /etc/init.d/saslauthd restart
>>>>>
>>>>> 2015-02-12 13:47 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>>>>>> tls e tambem sem o tls....
>>>>>> Sempre da no celular quando vou configurar a saida:
>>>>>> 535 5.7.0 Error; authentication failed: authentication failure
>>>>>> E os logs do postfix (maillog) a mesma coisa de antes
>>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>>>>>> hostname xxx.virtua.com.br verification failed: Name or service not
>>>>>> known
>>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from
>>>>>> unknown[179.219.xxx.xxx]
>>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL authentication
>>>>>> failure: Password verification failed
>>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>>>>>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>>>>>> authentication failure
>>>>>>
>>>>>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>> Ok. Configure um cliente externo para usar a porta 587 para envios...
>>>>>>>
>>>>>>> -----------------------------
>>>>>>>       _    Engº Julio Cesar Covolato
>>>>>>>      0v0   <[hidden email]>
>>>>>>>     /(_)\  F: 55-11-3129-3366
>>>>>>>      ^ ^   PSI INTERNET
>>>>>>> -----------------------------
>>>>>>>
>>>>>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>>>>>> master.cf esta assim:
>>>>>>>>
>>>>>>>> smtp      inet  n       -       n       -       -       smtpd
>>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>>      -o smtpd_enforce_tls=yes
>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>>      -o smtpd_tls_wrappermode=yes
>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>> #628      inet  n       -       n       -       -       qmqpd
>>>>>>>> pickup    fifo  n       -       n       60      1       pickup
>>>>>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>>>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>>>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>>>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>>>>>> rewrite   unix  -       -       n       -       -
>>>>>>>> trivial-rewrite
>>>>>>>> bounce    unix  -       -       n       -       0       bounce
>>>>>>>> defer     unix  -       -       n       -       0       bounce
>>>>>>>> trace     unix  -       -       n       -       0       bounce
>>>>>>>> verify    unix  -       -       n       -       1       verify
>>>>>>>> flush     unix  n       -       n       1000?   0       flush
>>>>>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>>>>>> smtp      unix  -       -       n       -       -       smtp
>>>>>>>> # When relaying mail as backup MX, disable fallback_relay to avoid MX
>>>>>>>> loops
>>>>>>>> relay     unix  -       -       n       -       -       smtp
>>>>>>>>            -o fallback_relay=
>>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>>> showq     unix  n       -       n       -       -       showq
>>>>>>>> error     unix  -       -       n       -       -       error
>>>>>>>> discard   unix  -       -       n       -       -       discard
>>>>>>>> local     unix  -       n       n       -       -       local
>>>>>>>> virtual   unix  -       n       n       -       -       virtual
>>>>>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>>>>>> anvil     unix  -       -       n       -       1       anvil
>>>>>>>> scache    unix  -       -       n       -       1       scache
>>>>>>>> #
>>>>>>>> #
>>>>>>>> ====================================================================
>>>>>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>>>>>> # pages of the non-Postfix software to find out what options it
>>>>>>>> wants.
>>>>>>>> #
>>>>>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>>>>>> # agent.  See the pipe(8) man page for information about ${recipient}
>>>>>>>> # and other message envelope options.
>>>>>>>> #
>>>>>>>> ====================================================================
>>>>>>>> #
>>>>>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>>>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>>>>>> #
>>>>>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>>>>>     flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>>>>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>>>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>>>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>>>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>>>>>> ${nexthop}
>>>>>>>> #
>>>>>>>> # The Cyrus deliver program has changed incompatibly, multiple times.
>>>>>>>> #
>>>>>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>>>>>      flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>>>>>> ${extension} ${user}
>>>>>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>>>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>>>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>>>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>>>>>> ${extension} ${user}
>>>>>>>> #
>>>>>>>> # See the Postfix UUCP_README file for configuration details.
>>>>>>>> #
>>>>>>>> uucp      unix  -       n       n       -       -       pipe
>>>>>>>>      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>>>>>>> ($recipient)
>>>>>>>> #
>>>>>>>> # Other external delivery methods.
>>>>>>>> #
>>>>>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>>>>>      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
>>>>>>>> ($recipient)
>>>>>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>>>>>      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>>>>>>> $recipient
>>>>>>>>
>>>>>>>> # Vacation
>>>>>>>> vacation  unix  -       n       n       -       -       pipe
>>>>>>>>         flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f
>>>>>>>> $(sender) ${recipient}
>>>>>>>>
>>>>>>>> ## DOVECOT ##
>>>>>>>> dovecot unix - n n - - pipe
>>>>>>>>      flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d
>>>>>>>> $(recipient)
>>>>>>>> ## Amavis ##
>>>>>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>>>>>        -o lmtp_data_done_timeout=1200
>>>>>>>>        -o lmtp_send_xforward_command=yes
>>>>>>>>        -o disable_dns_lookups=yes
>>>>>>>>        -o max_use=20
>>>>>>>>
>>>>>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>>>>>        -o content_filter=
>>>>>>>>        -o smtpd_delay_reject=no
>>>>>>>>        -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>>>        -o smtpd_helo_restrictions=
>>>>>>>>        -o smtpd_sender_restrictions=
>>>>>>>>        -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>>>        -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>>>        -o smtpd_end_of_data_restrictions=
>>>>>>>>        -o smtpd_restriction_classes=
>>>>>>>>        -o mynetworks=127.0.0.0/8
>>>>>>>>        -o smtpd_error_sleep_time=0
>>>>>>>>        -o smtpd_soft_error_limit=1001
>>>>>>>>        -o smtpd_hard_error_limit=1000
>>>>>>>>        -o smtpd_client_connection_count_limit=0
>>>>>>>>        -o smtpd_client_connection_rate_limit=0
>>>>>>>>        -o
>>>>>>>>
>>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>>>>>        -o local_header_rewrite_clients=
>>>>>>>>        -o smtpd_milters=
>>>>>>>>        -o local_recipient_maps=
>>>>>>>>        -o relay_recipient_maps=
>>>>>>>>
>>>>>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>>>> Olá Marcio.
>>>>>>>>>
>>>>>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos
>>>>>>>>> externos?
>>>>>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>>>>>
>>>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>>>      -o smtpd_enforce_tls=yes
>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>      -o
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>>      -o syslog_name=postfix/submission
>>>>>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>>>>>
>>>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>>>      -o smtpd_tls_wrappermode=yes
>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>>>>>
>>>>>>>>> -----------------------------
>>>>>>>>>        _    Engº Julio Cesar Covolato
>>>>>>>>>       0v0   <[hidden email]>
>>>>>>>>>      /(_)\  F: 55-11-3129-3366
>>>>>>>>>       ^ ^   PSI INTERNET
>>>>>>>>> -----------------------------
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um
>>>>>>>>>> centos
>>>>>>>>>> 5.6
>>>>>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e soft).
>>>>>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar
>>>>>>>>>> problema
>>>>>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular),
>>>>>>>>>> da
>>>>>>>>>> usuario e senha invalido para o smtpd.
>>>>>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: 179.219.xxx.xxx:
>>>>>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service
>>>>>>>>>> not
>>>>>>>>>> known
>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL
>>>>>>>>>> authentication
>>>>>>>>>> failure: Password verification failed
>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: unknown[xxx.xxx]:
>>>>>>>>>> SASL PLAIN authentication failed:
>>>>>>>>>>
>>>>>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede interna
>>>>>>>>>> vai
>>>>>>>>>> tranquilo, de fora so recebe.
>>>>>>>>>>
>>>>>>>>>> Vim uma sugestao nesse topico:
>>>>>>>>>> https://www.virtualmin.com/node/12960
>>>>>>>>>>
>>>>>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>>>>>
>>>>>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory,
>>>>>>>>>> that
>>>>>>>>>> should be corrected with the current install.sh script).
>>>>>>>>>>
>>>>>>>>>> However, to resolve it, run this command as root:
>>>>>>>>>>
>>>>>>>>>> usermod -a -G sasl postfix
>>>>>>>>>>
>>>>>>>>>> And then restart Saslauthd:
>>>>>>>>>>
>>>>>>>>>> /etc/init.d/saslauthd restart
>>>>>>>>>>
>>>>>>>>>> And then give it another shot, that should do the trick!
>>>>>>>>>>
>>>>>>>>>> -Eric
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma
>>>>>>>>>> segunda
>>>>>>>>>> opiniao.
>>>>>>>>>> Obrigado.
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Postfix-br mailing list
>>>>>>>>>> [hidden email]
>>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Postfix-br mailing list
>>>>>>>>> [hidden email]
>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>> _______________________________________________
>>>>>>>> Postfix-br mailing list
>>>>>>>> [hidden email]
>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Postfix-br mailing list
>>>>>>> [hidden email]
>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> --
>> Victório
>>
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br

--
Victório

_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
Reply | Threaded
Open this post in threaded view
|

Re: Problema com auntenticação externa para enviar e-mails

Marcio L Santos
Ola Victorio e Nilton segui os links que voces mandaram e consegui
resolver usando o dovecot.
Obrigado!
Deixo aqui nesse mesmo topico a mensagem do Nilton com os links, a do
Victorio esta nessa mesma thread...
2015-02-18 12:07 GMT-02:00 Nilton OS <>:
2015-02-18 15:24 GMT-02:00 Victório <[hidden email]>:

> On 18-02-2015 14:00, Marcio L Santos wrote:
>>
>> Ola Victorio, como comentei no 1o post esse servidor foi legado, ate
>> entao nao tinha mexido nele. o nilton OS mandou antes uns links sobre
>> o  dovecot....Ontem de noite ja tive uma tentativa frustada de fazer
>> funcionar. Vou tentar hoje com mais calma e ver se consigo fazer
>> funcionar com o dovecot.
>> Nao sou muito manso com postfix, e a pessoa que configurou nao deixou
>> nada documentado, pelo que pude ver ele foi pegando tutorial daqui e
>> dali e tentando ate fazer funcionar.
>
>
> Fiz a pergunta porque é bem mais simples usar a autenticação do dovecot
> quando já se usa ele para gerenciar as caixas de correio, afinal toda parte
> de acesso ao backend de autenticação (passwd, sql, ldap, etc.) já tá pronto.
>
> A configuração é bem simples: http://www.postfix.org/SASL_README.html e
> http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
>
>
>> 2015-02-18 13:25 GMT-02:00 Victório <[hidden email]>:
>>>
>>> On 17-02-2015 13:16, Marcio L Santos wrote:
>>>>
>>>> E segue no mesmo... o que notei é que parece ser um problema com o
>>>> saslauthd, pois na rede interna funciona pois as contas estao sem
>>>> autenticação, se coloco autenticação ocorre o mesmo problema
>>>
>>>
>>> Mas se você usa o dovecot para pop3/imap, porque não usá-lo também para
>>> autenticação smtp?
>>>
>>>
>>>
>>>
>>>> 2015-02-13 8:52 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>>
>>>>> Mias um teste realizado hoje
>>>>> Os comandos:
>>>>>    testsaslauthd -s smtp -u <myusername> -p <mypassword>
>>>>>    testsaslauthd -s smtpd -u <myusername> -p <mypassword>
>>>>>    testsaslauthd -u <myusername> -p <mypassword>
>>>>>
>>>>> Retornaram: 0: NO "authentication failed"
>>>>> E nos logs ( messages):
>>>>>
>>>>> Feb 13 08:38:57 mail saslauthd[1925]: do_auth         : auth failure:
>>>>> [user=teste] [service=smtpd] [realm=] [mech=pam] [reason=PAM auth
>>>>> error]
>>>>> Feb 13 08:39:07 mail saslauthd[1927]: do_auth         : auth failure:
>>>>> [user=teste] [service=imap] [realm=] [mech=pam] [reason=PAM auth
>>>>> error]
>>>>>
>>>>> 2015-02-13 8:07 GMT-02:00 Marcio L Santos <[hidden email]>:
>>>>>>
>>>>>> Julio, aquela opção que comentei no primeiro post e reproduzo abaixo,
>>>>>> poderia ajudar? Ou nao tem nada a ver?
>>>>>> Nao executei pois tenho receio de piorar ao inves de ajudar .....
>>>>>>
>>>>>> https://www.virtualmin.com/node/12960
>>>>>>
>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>
>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory, that
>>>>>> should be corrected with the current install.sh script).
>>>>>>
>>>>>> However, to resolve it, run this command as root:
>>>>>>
>>>>>> usermod -a -G sasl postfix
>>>>>>
>>>>>> And then restart Saslauthd:
>>>>>>
>>>>>> /etc/init.d/saslauthd restart
>>>>>>
>>>>>> 2015-02-12 13:47 GMT-02:00 Marcio L Santos
>>>>>> <[hidden email]>:
>>>>>>>
>>>>>>> Mesmo erro....testei no celular com a porta 587, com autenticacao e
>>>>>>> tls e tambem sem o tls....
>>>>>>> Sempre da no celular quando vou configurar a saida:
>>>>>>> 535 5.7.0 Error; authentication failed: authentication failure
>>>>>>> E os logs do postfix (maillog) a mesma coisa de antes
>>>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: warning: 179.219.xxx.xxx:
>>>>>>> hostname xxx.virtua.com.br verification failed: Name or service not
>>>>>>> known
>>>>>>> Feb 12 13:34:17 mail postfix/smtpd[4065]: connect from
>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning: SASL
>>>>>>> authentication
>>>>>>> failure: Password verification failed
>>>>>>> Feb 12 13:34:18 mail postfix/smtpd[4065]: warning:
>>>>>>> unknown[179.219.xxx.xxx]: SASL PLAIN authentication failed:
>>>>>>> authentication failure
>>>>>>>
>>>>>>> 2015-02-12 13:34 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>>>
>>>>>>>> Ok. Configure um cliente externo para usar a porta 587 para
>>>>>>>> envios...
>>>>>>>>
>>>>>>>> -----------------------------
>>>>>>>>       _    Engº Julio Cesar Covolato
>>>>>>>>      0v0   <[hidden email]>
>>>>>>>>     /(_)\  F: 55-11-3129-3366
>>>>>>>>      ^ ^   PSI INTERNET
>>>>>>>> -----------------------------
>>>>>>>>
>>>>>>>> On 12/02/2015 13:13, Marcio L Santos wrote:
>>>>>>>>>
>>>>>>>>> Ola Julio, obrigado pela ajuda, a principio esta sim..... O meu
>>>>>>>>> master.cf esta assim:
>>>>>>>>>
>>>>>>>>> smtp      inet  n       -       n       -       -       smtpd
>>>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>>>      -o smtpd_enforce_tls=yes
>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>>>      -o smtpd_tls_wrappermode=yes
>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>>> #628      inet  n       -       n       -       -       qmqpd
>>>>>>>>> pickup    fifo  n       -       n       60      1       pickup
>>>>>>>>> cleanup   unix  n       -       n       -       0       cleanup
>>>>>>>>> qmgr      fifo  n       -       n       300     1       qmgr
>>>>>>>>> #qmgr     fifo  n       -       n       300     1       oqmgr
>>>>>>>>> tlsmgr    unix  -       -       n       1000?   1       tlsmgr
>>>>>>>>> rewrite   unix  -       -       n       -       -
>>>>>>>>> trivial-rewrite
>>>>>>>>> bounce    unix  -       -       n       -       0       bounce
>>>>>>>>> defer     unix  -       -       n       -       0       bounce
>>>>>>>>> trace     unix  -       -       n       -       0       bounce
>>>>>>>>> verify    unix  -       -       n       -       1       verify
>>>>>>>>> flush     unix  n       -       n       1000?   0       flush
>>>>>>>>> proxymap  unix  -       -       n       -       -       proxymap
>>>>>>>>> smtp      unix  -       -       n       -       -       smtp
>>>>>>>>> # When relaying mail as backup MX, disable fallback_relay to avoid
>>>>>>>>> MX
>>>>>>>>> loops
>>>>>>>>> relay     unix  -       -       n       -       -       smtp
>>>>>>>>>            -o fallback_relay=
>>>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>>>> #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
>>>>>>>>> showq     unix  n       -       n       -       -       showq
>>>>>>>>> error     unix  -       -       n       -       -       error
>>>>>>>>> discard   unix  -       -       n       -       -       discard
>>>>>>>>> local     unix  -       n       n       -       -       local
>>>>>>>>> virtual   unix  -       n       n       -       -       virtual
>>>>>>>>> lmtp      unix  -       -       n       -       -       lmtp
>>>>>>>>> anvil     unix  -       -       n       -       1       anvil
>>>>>>>>> scache    unix  -       -       n       -       1       scache
>>>>>>>>> #
>>>>>>>>> #
>>>>>>>>>
>>>>>>>>> ====================================================================
>>>>>>>>> # Interfaces to non-Postfix software. Be sure to examine the manual
>>>>>>>>> # pages of the non-Postfix software to find out what options it
>>>>>>>>> wants.
>>>>>>>>> #
>>>>>>>>> # Many of the following services use the Postfix pipe(8) delivery
>>>>>>>>> # agent.  See the pipe(8) man page for information about
>>>>>>>>> ${recipient}
>>>>>>>>> # and other message envelope options.
>>>>>>>>> #
>>>>>>>>>
>>>>>>>>> ====================================================================
>>>>>>>>> #
>>>>>>>>> # maildrop. See the Postfix MAILDROP_README file for details.
>>>>>>>>> # Also specify in main.cf: maildrop_destination_recipient_limit=1
>>>>>>>>> #
>>>>>>>>> maildrop  unix  -       n       n       -       -       pipe
>>>>>>>>>     flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d
>>>>>>>>> ${recipient}
>>>>>>>>> ##maildrop  unix  -       n       n       -       -       pipe
>>>>>>>>> ##  flags=DRhu user=vmail argv=/usr/bin/env SENDER=${sender}
>>>>>>>>> ##  RECIPIENT=${recipient} EXTENSION=${extension} /usr/bin/maildrop
>>>>>>>>> ##  -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user}
>>>>>>>>> ${nexthop}
>>>>>>>>> #
>>>>>>>>> # The Cyrus deliver program has changed incompatibly, multiple
>>>>>>>>> times.
>>>>>>>>> #
>>>>>>>>> old-cyrus unix  -       n       n       -       -       pipe
>>>>>>>>>      flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
>>>>>>>>> ${extension} ${user}
>>>>>>>>> # Cyrus 2.1.5 (Amos Gouaux)
>>>>>>>>> # Also specify in main.cf: cyrus_destination_recipient_limit=1
>>>>>>>>> #cyrus     unix  -       n       n       -       -       pipe
>>>>>>>>> #  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>>>>>>>> ${extension} ${user}
>>>>>>>>> #
>>>>>>>>> # See the Postfix UUCP_README file for configuration details.
>>>>>>>>> #
>>>>>>>>> uucp      unix  -       n       n       -       -       pipe
>>>>>>>>>      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender -
>>>>>>>>> $nexthop!rmail
>>>>>>>>> ($recipient)
>>>>>>>>> #
>>>>>>>>> # Other external delivery methods.
>>>>>>>>> #
>>>>>>>>> ifmail    unix  -       n       n       -       -       pipe
>>>>>>>>>      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop
>>>>>>>>> ($recipient)
>>>>>>>>> bsmtp     unix  -       n       n       -       -       pipe
>>>>>>>>>      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender
>>>>>>>>> $nexthop
>>>>>>>>> $recipient
>>>>>>>>>
>>>>>>>>> # Vacation
>>>>>>>>> vacation  unix  -       n       n       -       -       pipe
>>>>>>>>>         flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl
>>>>>>>>> -f
>>>>>>>>> $(sender) ${recipient}
>>>>>>>>>
>>>>>>>>> ## DOVECOT ##
>>>>>>>>> dovecot unix - n n - - pipe
>>>>>>>>>      flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver
>>>>>>>>> -d
>>>>>>>>> $(recipient)
>>>>>>>>> ## Amavis ##
>>>>>>>>> amavisfeed unix    -       -       n        -      2     lmtp
>>>>>>>>>        -o lmtp_data_done_timeout=1200
>>>>>>>>>        -o lmtp_send_xforward_command=yes
>>>>>>>>>        -o disable_dns_lookups=yes
>>>>>>>>>        -o max_use=20
>>>>>>>>>
>>>>>>>>> 127.0.0.1:10025 inet n    -       n       -       -     smtpd
>>>>>>>>>        -o content_filter=
>>>>>>>>>        -o smtpd_delay_reject=no
>>>>>>>>>        -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>>>>        -o smtpd_helo_restrictions=
>>>>>>>>>        -o smtpd_sender_restrictions=
>>>>>>>>>        -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>>>>        -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>>>>        -o smtpd_end_of_data_restrictions=
>>>>>>>>>        -o smtpd_restriction_classes=
>>>>>>>>>        -o mynetworks=127.0.0.0/8
>>>>>>>>>        -o smtpd_error_sleep_time=0
>>>>>>>>>        -o smtpd_soft_error_limit=1001
>>>>>>>>>        -o smtpd_hard_error_limit=1000
>>>>>>>>>        -o smtpd_client_connection_count_limit=0
>>>>>>>>>        -o smtpd_client_connection_rate_limit=0
>>>>>>>>>        -o
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
>>>>>>>>>        -o local_header_rewrite_clients=
>>>>>>>>>        -o smtpd_milters=
>>>>>>>>>        -o local_recipient_maps=
>>>>>>>>>        -o relay_recipient_maps=
>>>>>>>>>
>>>>>>>>> 2015-02-12 12:52 GMT-02:00 Julio Cesar Covolato <[hidden email]>:
>>>>>>>>>>
>>>>>>>>>> Olá Marcio.
>>>>>>>>>>
>>>>>>>>>> Vc liberou a porta submission 587 ou smtps 465 para acessos
>>>>>>>>>> externos?
>>>>>>>>>> Se não, adicione ao seu /etc/postfix/master.cf:
>>>>>>>>>>
>>>>>>>>>> submission inet n       -       n       -       -       smtpd
>>>>>>>>>>      -o smtpd_enforce_tls=yes
>>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>>      -o
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>>>      -o syslog_name=postfix/submission
>>>>>>>>>> #  -o receive_override_options=no_header_body_checks
>>>>>>>>>>
>>>>>>>>>> smtps     inet  n       -       n       -       -       smtpd
>>>>>>>>>>      -o smtpd_tls_wrappermode=yes
>>>>>>>>>>      -o smtpd_sasl_auth_enable=yes
>>>>>>>>>>      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>>>>>>>>>> #  -o content_filter=smtp-amavis:[127.0.0.1]:10026
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> E configure seus clientes para enviarem numa dessas portas.
>>>>>>>>>>
>>>>>>>>>> -----------------------------
>>>>>>>>>>        _    Engº Julio Cesar Covolato
>>>>>>>>>>       0v0   <[hidden email]>
>>>>>>>>>>      /(_)\  F: 55-11-3129-3366
>>>>>>>>>>       ^ ^   PSI INTERNET
>>>>>>>>>> -----------------------------
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 12/02/2015 11:28, Marcio L Santos wrote:
>>>>>>>>>>>
>>>>>>>>>>> Bom dia pessoal, tenho um postfix + mysql + dovecot rodando em um
>>>>>>>>>>> centos
>>>>>>>>>>> 5.6
>>>>>>>>>>> è uma máquina antiga "herdada" da antiga administração da TI.
>>>>>>>>>>> Esta com os dias contados, pois sera atualizado ( hardware e
>>>>>>>>>>> soft).
>>>>>>>>>>> Mas por enquanto tenho que ir levando como esta...
>>>>>>>>>>> Tudo funcionava bem, ate que de uns dias pra ca começou a dar
>>>>>>>>>>> problema
>>>>>>>>>>> na autenticação para envio de e-mails fora da rede ( ex celular),
>>>>>>>>>>> da
>>>>>>>>>>> usuario e senha invalido para o smtpd.
>>>>>>>>>>> Nos logs do postfix aparece isso na hora:
>>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning:
>>>>>>>>>>> 179.219.xxx.xxx:
>>>>>>>>>>> hostname xxxx.virtua.com.br verification failed: Name or service
>>>>>>>>>>> not
>>>>>>>>>>> known
>>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: connect from
>>>>>>>>>>> unknown[179.219.xxx.xxx]
>>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning: SASL
>>>>>>>>>>> authentication
>>>>>>>>>>> failure: Password verification failed
>>>>>>>>>>> Feb 12 09:31:40 mail postfix/smtpd[333]: warning:
>>>>>>>>>>> unknown[xxx.xxx]:
>>>>>>>>>>> SASL PLAIN authentication failed:
>>>>>>>>>>>
>>>>>>>>>>> Ja troquei a senha e nada, no webmail e no outlook na rede
>>>>>>>>>>> interna
>>>>>>>>>>> vai
>>>>>>>>>>> tranquilo, de fora so recebe.
>>>>>>>>>>>
>>>>>>>>>>> Vim uma sugestao nesse topico:
>>>>>>>>>>> https://www.virtualmin.com/node/12960
>>>>>>>>>>>
>>>>>>>>>>> Well, the issue that appears to be occurring above looks like a
>>>>>>>>>>> problem with Postfix talking to the saslauth daemon.
>>>>>>>>>>>
>>>>>>>>>>> I've seen that occur on older Ubuntu/Debian installs (in theory,
>>>>>>>>>>> that
>>>>>>>>>>> should be corrected with the current install.sh script).
>>>>>>>>>>>
>>>>>>>>>>> However, to resolve it, run this command as root:
>>>>>>>>>>>
>>>>>>>>>>> usermod -a -G sasl postfix
>>>>>>>>>>>
>>>>>>>>>>> And then restart Saslauthd:
>>>>>>>>>>>
>>>>>>>>>>> /etc/init.d/saslauthd restart
>>>>>>>>>>>
>>>>>>>>>>> And then give it another shot, that should do the trick!
>>>>>>>>>>>
>>>>>>>>>>> -Eric
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Poderia ser essa uma solução? Nao quis testar sem antes ter uma
>>>>>>>>>>> segunda
>>>>>>>>>>> opiniao.
>>>>>>>>>>> Obrigado.
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Postfix-br mailing list
>>>>>>>>>>> [hidden email]
>>>>>>>>>>>
>>>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Postfix-br mailing list
>>>>>>>>>> [hidden email]
>>>>>>>>>>
>>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> Postfix-br mailing list
>>>>>>>>> [hidden email]
>>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Postfix-br mailing list
>>>>>>>> [hidden email]
>>>>>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>>
>>>> _______________________________________________
>>>> Postfix-br mailing list
>>>> [hidden email]
>>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>>
>>>
>>> --
>>> Victório
>>>
>>>
>>> _______________________________________________
>>> Postfix-br mailing list
>>> [hidden email]
>>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>>
>> _______________________________________________
>> Postfix-br mailing list
>> [hidden email]
>> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
>
>
> --
> Victório
>
> _______________________________________________
> Postfix-br mailing list
> [hidden email]
> http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br
_______________________________________________
Postfix-br mailing list
[hidden email]
http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/postfix-br