gEry Apprentice
Joined: 19 Feb 2005 Posts: 181
Posted: Mon Jul 16, 2007 9:37 am Post subject: [solved] Postfix anonymous email is still being accepted
I have set up a Postfix SMTP server, including a relay host. I specified the SASL security option "noanonymous", and yet I can still send emails without AUTH... (sending an email with auth does work, but it is not enforced, which is what I want).
Here is the /etc/postfix/main.cf
Quote:
.
.
.
# Relay options
relayhost = smtp.example.com
relay_domains = example.com
permit_auth_destination = example.com
relay_transport = relay

# SMTP restrictions

smtpd_recipient_restrictions = permit_sasl_authenticated,reject_unauth_destination, warn_if_reject, permit_mynetworks, reject

smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, reject_sender_login_mismatch

# SMTP sasl

smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

smtpd_sasl_authenticated_header = yes
smtpd_sasl_mechanism_filter = LOGIN, PLAIN, CRAM-MD5, NTML

# Alternative: dovecot
smtpd_sasl_type = cyrus
smtpd_sasl_path = smtpd
.
.
.
Here are the logs showing what it looks like when auth works:
Quote:
.
.
.
Jul 12 16:04:02 vbox postfix/smtpd[2291]: xsasl_cyrus_server_first: sasl_method CRAM-MD5
Jul 12 16:04:02 vbox postfix/smtpd[2291]: xsasl_cyrus_server_auth_response: uncoded server challenge: <226470676.9843992@vbox.nscu>
Jul 12 16:04:02 vbox postfix/smtpd[2291]: > unknown[192.168.251.5]: 334 PDIyNjQ3MDY3Ni45ODQzOTkyQHZib3gubnNjdT4= (token)
Jul 12 16:04:02 vbox postfix/smtpd[2291]: < unknown[192.168.251.5]: c2FzbHVzZXIyIDVmZDdhMzhhNjA3YzNlMDA3YWM2ZTdmMTFlNmE2Nzhm (Auth String)
Jul 12 16:04:02 vbox postfix/smtpd[2291]: xsasl_cyrus_server_next: decoded response: sasluser2 5fd7a38a607c3e007ac6e7f11e6a678f
Jul 12 16:04:02 vbox postfix/smtpd[2291]: > unknown[192.168.251.5]: 235 2.0.0 Authentication successful
Jul 12 16:04:02 vbox postfix/smtpd[2291]: < unknown[192.168.251.5]: MAIL FROM:<blah@example-com> SIZE=363
.
.
.
Now auth still needs to be enforced. What do I have to do for that?
Thanks
Last edited by gEry on Mon Jul 16, 2007 3:21 pm; edited 1 time in total
 |
flash49 Apprentice
Joined: 12 Feb 2005 Posts: 233
Posted: Mon Jul 16, 2007 10:41 am Post subject:
Code:
smtpd_recipient_restrictions = permit_sasl_authenticated,reject_unauth_destination, warn_if_reject, permit_mynetworks, reject
The permit_mynetworks allows all machines on the local network to send emails without logging in.
 |
b3cks Veteran
Joined: 23 Mar 2004 Posts: 1481 Location: Bremen (GER)
Posted: Mon Jul 16, 2007 10:57 am Post subject:
flash49 wrote:
Code:
smtpd_recipient_restrictions = permit_sasl_authenticated,reject_unauth_destination, warn_if_reject, permit_mynetworks, reject
The permit_mynetworks allows all machines on the local network to send emails without logging in.
That is not correct as stated. It depends on how the variable mynetworks is configured.
_________________
I am /root and if you see me laughing you better have a backup.
 |
flash49 Apprentice
Joined: 12 Feb 2005 Posts: 233
Posted: Mon Jul 16, 2007 12:44 pm Post subject:
b3cks wrote:
That is not correct as stated. It depends on how the variable mynetworks is configured.
OK, true. I simply assumed that the variable has a sensible and logical value, e.g.:
Code:
mynetworks = 127.0.0.0/8, 192.168.0.0/24
Anyone who enters the whole Internet there, though, has a somewhat unusual idea of what "their" networks are.
 |
gEry Apprentice
Joined: 19 Feb 2005 Posts: 181
Posted: Mon Jul 16, 2007 1:07 pm Post subject:
and here we go!
Yes, it was the mynetworks definition. I already changed the value there and just put the value "127.0.0.1" in there... but since then I restored a backup and forgot to adjust the variable... (the local network was also a part of the value).
Just corrected that and everything works fine.
Thank you!
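An added illustration, not part of the thread and not Postfix code: a simplified Python model of how the posted smtpd_recipient_restrictions list is walked, showing why an unauthenticated client inside mynetworks is accepted for a relay_domains recipient and why reducing mynetworks to 127.0.0.1 forces AUTH. The function names and the 192.168.251.0/24 network are assumptions (the thread never shows the original mynetworks value), and reject_unauth_destination is modelled against relay_domains only.

```python
import ipaddress

# Restriction list and relay_domains as posted in the thread's main.cf.
RESTRICTIONS = ["permit_sasl_authenticated", "reject_unauth_destination",
                "warn_if_reject", "permit_mynetworks", "reject"]
RELAY_DOMAINS = {"example.com"}
CLIENT = "192.168.251.5"  # client address seen in the posted log

def evaluate(restrictions, client_ip, authenticated, rcpt_domain,
             mynetworks, relay_domains):
    """Simplified model: walk the list left to right; the first restriction
    that returns permit or reject decides, the others are never reached."""
    ip = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(n, strict=False) for n in mynetworks]
    warn_only = False
    for rule in restrictions:
        if rule == "warn_if_reject":
            warn_only = True  # a reject from the next restriction is only logged
            continue
        verdict = None
        if rule == "permit_sasl_authenticated" and authenticated:
            verdict = "permit"
        elif rule == "permit_mynetworks" and any(ip in n for n in nets):
            verdict = "permit"
        elif rule == "reject_unauth_destination" and rcpt_domain not in relay_domains:
            # Assumption: only relay_domains is modelled, not mydestination etc.
            verdict = "reject"
        elif rule == "reject":
            verdict = "reject"
        if verdict == "reject" and warn_only:
            verdict = None  # downgraded to a warning, evaluation continues
        warn_only = False
        if verdict:
            return verdict, rule
    return "permit", "(end of list)"

def check(mynetworks, authenticated=False, rcpt_domain="example.com"):
    return evaluate(RESTRICTIONS, CLIENT, authenticated, rcpt_domain,
                    mynetworks, RELAY_DOMAINS)

if __name__ == "__main__":
    # Constructed mynetworks values: "local network included" vs. loopback only.
    for nets in (["127.0.0.0/8", "192.168.251.0/24"], ["127.0.0.1"]):
        print(nets, "without AUTH:", check(nets))
        print(nets, "with AUTH:   ", check(nets, authenticated=True))
```

On a real server, `postconf mynetworks` prints the value Postfix is actually using, which is the quickest check after restoring a configuration backup.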