Chinaunix首页 | 论坛 | 博客
  • 博客访问: 197523
  • 博文数量: 37
  • 博客积分: 510
  • 博客等级: 入伍新兵
  • 技术积分: 230
  • 用 户 组: 普通用户
  • 注册时间: 2011-10-02 19:49
文章分类

全部博文(37)

文章存档

2011年(37)

分类:

2011-10-14 13:25:22

原文地址:基于ldap的邮件验证 作者:ykyx00

1>
# postconf -n |grep smtpd_sasl
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot

# vim /etc/dovecot.conf
socket listen {
    #master {
      # Master socket provides access to userdb information. It's typically
      # used to give Dovecot's local delivery agent access to userdb so it
      # can find mailbox locations.
      #path = /var/run/dovecot/auth-master
      #mode = 0600
      # Default user/group is the one who started dovecot-auth (root)
      #user =
      #group =
    #}
    client {
      # The client socket is generally safe to export to everyone. Typical use
      # is to export it to your SMTP server so it can do SMTP AUTH lookups
      # using it.
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
}
# less /usr/share/doc/postfix-2.3.3/README_FILES/SASL_README

 perl -MMIME::Base64 -e         'print encode_base64("username\0username\0password");'
 perl -MMIME::Base64 -e 'print encode_base64("\0psir\@extmail.org\0f");'
AHBzaXJAZXh0bWFpbC5vcmcAZg==

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 desktop92.example.com ESMTP Postfix
auth plain AHBzaXJAZXh0bWFpbC5vcmcAZg==
235 2.0.0 Authentication successful




2>
/usr/share/doc/cyrus-sasl-2.1.22
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list:plain login
saslauthd_path:/var/run/saslauthd/mux


# cat /etc/sysconfig/saslauthd
# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=ldap   //将pam验证改成ldap验证

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS=

# cat /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_auth_method: bind
ldap_bind_dn: cn=Manager,dc=extmail.org
ldap_bind_pw: westos
ldap_filter:(&(objectClass=extmailUser)(mail=%U@%d))
ldap_base: dc=extmail.org
ldap_search_base: o=extmailAccount,dc=extmail.org

# /etc/init.d/saslauthd restart
# testsaslauthd -u psir@extmail.org -p f
0: OK "Success."
#perl -MMIME::Base64 -e 'print encode_base64("\0psir\@extmail.org\0f");'
AHBzaXJAZXh0bWFpbC5vcmcAZg==
还可以使用telnet来测试
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 desktop92.example.com ESMTP Postfix
auth plain AHBzaXJAZXh0bWFpbC5vcmcAZg==
235 2.0.0 Authentication successful
阅读(1098) | 评论(0) | 转发(0) |
0

上一篇:rhel 6 安装nvidia驱动

下一篇:gpg加密及签名

给主人留下些什么吧!~~