postfix--benet3--添加SMTP用户认证

添加SMTP用户认证

1.配置并启动saslauthd服务

[root@mail ~]# vim /usr/lib64/sasl2/smtpd.conf
[root@mail ~]# cat /usr/lib64/sasl2/smtpd.conf
pwcheck_method:saslauthd

简化postfix的主配置文件

[root@mail postfix]# postconf -n > main2.cf
[root@mail postfix]# mv main.cf main.cf.bak
[root@mail postfix]# mv main2.cf main.cf

2.调整 main.cf 文件,以便支持认证

[root@mail postfix]# pwd
/etc/postfix
[root@mail postfix]# vim main.cf
[root@mail postfix]# cat main.cf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = 173.16.16.11
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname,$mydomain
myhostname = benet.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous 
mynetworks = 127.0.0.1
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

3.测试带验证的SMTP发信功能

[root@mail ~]# printf "xiaoqi" | openssl base64
eGlhb3Fp
[root@mail ~]# printf "123123" | openssl base64
MTIzMTIz
[root@mail ~]# telnet mail.benet.com 255
Trying 173.16.16.11...
telnet: connect to address 173.16.16.11: Connection refused
[root@mail ~]# telnet mail.benet.com 25
Trying 173.16.16.11...
Connected to mail.benet.com.
Escape character is '^]'.
220 benet.com ESMTP Postfix
EHLO localhost
250-benet.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH CRAM-MD5 LOGIN DIGEST-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
eGlhb3Fp
334 UGFzc3dvcmQ6
MTIzMTIz
535 5.7.0 Error: authentication failed: generic failure
^CQUIT
bye
quit
Connection closed by foreign host.
[root@mail ~]#

重启postfix并测试

[root@mail ~]# printf "xiaoqi" | openssl base64
eGlhb3Fp
[root@mail ~]# printf "123123" | openssl base64
MTIzMTIz
[root@mail ~]# telnet mail.benet.com 25
Trying 173.16.16.11...
Connected to mail.benet.com.
Escape character is '^]'.
220 benet.com ESMTP Postfix
EHLO localhost
250-benet.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH CRAM-MD5 LOGIN DIGEST-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
eGlhb3Fp
334 UGFzc3dvcmQ6
MTIzMTIz
535 5.7.0 Error: authentication failed: generic failure

结果依然失败

启动saslauthd

[root@mail ~]# service saslauthd start

man--saslauthd

[root@mail ~]# printf "xiaoqi" | openssl base64
eGlhb3Fp
[root@mail ~]# printf "123123" | openssl base64
MTIzMTIz
[root@mail ~]# telnet mail.benet.com 25
Trying 173.16.16.11...
Connected to mail.benet.com.
Escape character is '^]'.
220 benet.com ESMTP Postfix
EHLO localhost
250-benet.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH CRAM-MD5 LOGIN DIGEST-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
eGlhb3Fp
334 UGFzc3dvcmQ6
MTIzMTIz
235 2.0.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.

测试成功,上面失败是自己没有启动这个服务,说明自己对这个服务的理解不够。

results matching ""

    No results matching ""