1>
# postconf -n |grep smtpd_sasl
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
# vim /etc/dovecot.conf
socket listen {
#master {
# Master socket provides access to userdb information. It's typically
# used to give Dovecot's local delivery agent access to userdb so it
# can find mailbox locations.
#path = /var/run/dovecot/auth-master
#mode = 0600
# Default user/group is the one who started dovecot-auth (root)
#user =
#group =
#}
client {
# The client socket is generally safe to export to everyone. Typical use
# is to export it to your SMTP server so it can do SMTP AUTH lookups
# using it.
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
# less /usr/share/doc/postfix-2.3.3/README_FILES/SASL_README
perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password");'
perl -MMIME::Base64 -e 'print encode_base64("\0psir\@extmail.org\0f");'
AHBzaXJAZXh0bWFpbC5vcmcAZg==
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 desktop92.example.com ESMTP Postfix
auth plain AHBzaXJAZXh0bWFpbC5vcmcAZg==
235 2.0.0 Authentication successful
2>
/usr/share/doc/cyrus-sasl-2.1.22
# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list:plain login
saslauthd_path:/var/run/saslauthd/mux
# cat /etc/sysconfig/saslauthd
# Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/var/run/saslauthd
# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ability to use.
MECH=ldap # 将pam验证改成ldap验证
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=
# cat /etc/saslauthd.conf
ldap_servers: ldap://127.0.0.1/
ldap_auth_method: bind
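# NOTE: saslauthd only needs to search for the user entry, so binding as the
# directory Manager and keeping its password in clear text here grants more
# than the lookup requires. Prefer a dedicated read-only bind DN, and keep
# this file owned by root with mode 0600.
ldap_bind_dn: cn=Manager,dc=extmail.org
ldap_bind_pw: westos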
ldap_filter:(&(objectClass=extmailUser)(mail=%U@%d))
ldap_base: dc=extmail.org
ldap_search_base: o=extmailAccount,dc=extmail.org
# /etc/init.d/saslauthd restart
# testsaslauthd -u psir@extmail.org -p f
0: OK "Success."
#perl -MMIME::Base64 -e 'print encode_base64("\0psir\@extmail.org\0f");'
AHBzaXJAZXh0bWFpbC5vcmcAZg==
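还可以使用 telnet 来测试(AUTH PLAIN 的参数只是 base64 编码而不是加密,所以只在本机 localhost 上这样测试;对外提供服务时应在 main.cf 中设置 smtpd_tls_auth_only = yes,只允许在 TLS 连接内进行认证):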
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 desktop92.example.com ESMTP Postfix
auth plain AHBzaXJAZXh0bWFpbC5vcmcAZg==
235 2.0.0 Authentication successful