- 论坛徽章:
- 0
|
环境:RHEL 4+mysql+cyrus-sasl2+courier-authlib+postfix
利用 cyrus-sasl-2.1.20 调用 courier-authlib 的authdaemon 来认证
1、mysql-4.1.18安装过程
# ./configure --prefix=/usr/local/mysql
# make
# make install
2、courier-authlib-0.58安装过程
# ./configure \
--with-redhat \
--with-authmysql=yes \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-mysql-libs=/usr/local/mysql/lib/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql
# make
# make install
# make install-configure
3、cyrus-sasl-2.1.21安装过程
# ./configure \
--disable-anon -enable-plain --enable-login \
--enable-sql --with-mysql=/usr/local/mysql \
--with-mysql-includes=/usr/local/mysql/include/mysql \
--with-mysql-libs=/usr/local/mysql/lib/mysql \
--with-authdaemond=/usr/local/var/spool/authdaemon/socket
# make
# make install
4、postfix-2.2.10安装过程
# make -f Makefile.init makefiles \
'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql \
-DUSE_SASL_AUTH -I/usr/local/include/sasl’ \
'AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm \
-L/usr/local/lib -lsasl2'
# make
# make install
安装过程中建立了如下用户:
# groupadd –g 10000 mysql
# useradd –u 10000 -g 10000 mysql
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345–d/dev/null –s/bin/false postfix
# groupadd -g 54321 postdrop
# groupadd -g 1001 vmail
# useradd -u 1001 -g 1001 -s/bin/false -d/dev/null vmail
重要文件设置如下:
# vi /etc/postfix/main.cf
#============sasl=========================
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, \
permit_sasl_authenticated,reject_invalid_hostname, \
reject_non_fqdn_hostname,reject_unknown_sender_domain, \
reject_non_fqdn_sender,reject_non_fqdn_recipient, \
reject_unknown_recipient_domain,reject_unauth_pipelining, \
reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner = $myhostname ESMTP "WELCOME"
# vi /usr/local/lib/sasl2/smtpd.conf
#==============smtpd.conf===================
pwcheck_method:authdaemond
log_level:3
mech_list LAIN LOGIN
authdaemond_path:/usr/local/var/spool/authdaemon/socket
# vi /usr/local/etc/authlib/authmysqlrc
#=================authmysqlrc=================
MYSQL_SERVER localhost
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_USER_TABLE mailbox
MYSQL_LOGIN_FIELD username
MYSQL_CRYPT_PWFIELD clear
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD concat(quota,'S')
MYSQL_WHERE_CLUASE active='1'
DEFAULT_DOMAIN test.com
# 测试过程:
1、测试mysql
# mysql -u root -p
mysql>
通过
2、postfixadmin可以建立用户和邮箱
3、启动courier-authlib验证authdaemond
4、启动postfix
# postfix start
5、telnet localhost 25
220 linux.test.com Server ESMTP ready
auth login
535 Error: authentication failed
maillog日志如下:
Mar 27 00:12:38 linux postfix/postfix-script: starting the Postfix mail system
Mar 27 00:12:41 linux postfix/master[2348]: daemon started -- version 2.2.10-RC1, configuration /etc/postfix
Mar 27 00:15:37 linux postfix/smtpd[3063]: connect from linux.test.com[127.0.0.1]
Mar 27 00:15:49 linux postfix/smtpd[3063]: warning: linux.test.com[127.0.0.1]: SASL login authentication failed
Mar 27 00:15:52 linux postfix/smtpd[3063]: disconnect from linux.test.com[127.0.0.1]
[ 本帖最后由 情生意动 于 2006-3-27 00:33 编辑 ] |
|
免费注册
发表于 2006-03-26 23:23
发表于 2006-03-27 01:12