Когда я отправлял тестовое письмо из Gmail на свой сервер, я получаю такую ошибку:
фатальный: нет механизмов аутентификации SASL
Вот все мои файлы конфигурации и файлы журналов, которые нам помогут:
/ var / log / maillog
Nov 4 14:42:49 ns1 postfix/postfix-script[2147]: stopping the Postfix mail system
Nov 4 14:42:49 ns1 postfix/master[1340]: terminating on signal 15
Nov 4 14:42:49 ns1 postfix/postfix-script[2228]: starting the Postfix mail system
Nov 4 14:42:49 ns1 postfix/master[2230]: daemon started -- version 2.10.1, configuration /etc/postfix
Nov 4 14:45:37 ns1 postfix/smtpd[2314]: connect from mail-oi0-f51.google.com[209.85.218.51]
Nov 4 14:45:37 ns1 postfix/smtpd[2314]: fatal: no SASL authentication mechanisms
Nov 4 14:45:38 ns1 postfix/master[2230]: warning: process /usr/libexec/postfix/smtpd pid 2314 exit status 1
Nov 4 14:45:38 ns1 postfix/master[2230]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max connection rate 1/60s for (smtp:209.85.218.51) at Nov 4 14:45:37
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max connection count 1 for (smtp:209.85.218.51) at Nov 4 14:45:37
Nov 4 14:47:18 ns1 postfix/anvil[2317]: statistics: max cache size 1 at Nov 4 14:45:37
systemctl статус dovecot -l
[root@ns1 ~]# systemctl status dovecot -l
dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2016-11-04 14:43:28 BRST; 35s ago
Process: 2246 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
Main PID: 2250 (dovecot)
CGroup: /system.slice/dovecot.service
├─2250 /usr/sbin/dovecot -F
├─2251 dovecot/anvil
├─2252 dovecot/log
└─2254 dovecot/config
Nov 04 14:43:28 ns1.domain.com.br systemd[1]: Starting Dovecot IMAP/POP3 email server...
Nov 04 14:43:28 ns1.domain.com.br systemd[1]: Started Dovecot IMAP/POP3 email server.
systemctl status postfix -l
[root@ns1 ~]# systemctl status postfix -l
postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2016-11-04 14:42:49 BRST; 1min 55s ago
Process: 2141 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
Process: 2158 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
Process: 2154 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
Process: 2152 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
Main PID: 2230 (master)
CGroup: /system.slice/postfix.service
├─2230 /usr/libexec/postfix/master -w
├─2231 pickup -l -t unix -u
└─2232 qmgr -l -t unix -u
Nov 04 14:42:49 ns1.domain.com.br systemd[1]: Starting Postfix Mail Transport Agent...
Nov 04 14:42:49 ns1.domain.com.br postfix/postfix-script[2228]: starting the Postfix mail system
Nov 04 14:42:49 ns1.domain.com.br postfix/master[2230]: daemon started -- version 2.10.1, configuration /etc/postfix
Nov 04 14:42:49 ns1.domain.com.br systemd[1]: Started Postfix Mail Transport Agent.
systemctl статус saslauthd -l
[root@ns1 ~]# systemctl status saslauthd -l
saslauthd.service - SASL authentication daemon.
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2016-11-03 12:19:08 BRST; 1 day 2h ago
Process: 1978 ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS (code=exited, status=0/SUCCESS)
Main PID: 1979 (saslauthd)
CGroup: /system.slice/saslauthd.service
├─1979 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1980 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1981 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
├─1982 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
└─1983 /usr/sbin/saslauthd -m /run/saslauthd -a pam -r
Nov 03 12:19:08 ns1.domain.com.br systemd[1]: Starting SASL authentication daemon....
Nov 03 12:19:08 ns1.domain.com.br saslauthd[1979]: detach_tty : master pid is: 1979
Nov 03 12:19:08 ns1.domain.com.br saslauthd[1979]: ipc_init : listening on socket: /run/saslauthd/mux
Nov 03 12:19:08 ns1.domain.com.br systemd[1]: Started SASL authentication daemon..
/etc/postfix/main.cf
# MY CONFIGS
myhostname = mail.domain.com.br
mydomain = domain.com.br
myorigin = $mydomain
inet_protocols = ipv4
mydestination = $myhostname, localhost, ns1.domain.com.br
mynetworks = 168.100.189.0/28, 127.0.0.0/8
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
home_mailbox = Maildir/
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
recipient_bcc_maps = hash:/etc/postfix/bcc
queue_directory = /var/spool/postfix
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
# SASL
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_sasl_local_domain = domain.com.br
smtpd_recipient_restrictions = check_policy_service unix:/var/spool/postfix/postgrey/socket
# TLS
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.com.br.key
smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.com.br.crt
smtpd_tls_security_level=encrypt
smtpd_tls_auth_only = yes
smtpd_sasl_tls_security_options = noanonymous, noplaintext
/etc/postfix/master.cf
smtp inet n - n - - smtpd
/etc/dovecot/dovecot.conf
protocols = imap pop3
listen = *
/etc/dovecot/10-auth.conf
disable_plaintext_auth = no
auth_mechanisms = plain login
/etc/dovecot/10-master.conf
service auth {
unix_listener auth-userdb {
#mode = 0660
#user = postfix
#group = postfix
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
# Auth process is run as this user.
#user = $default_internal_user
}
Спасибо за внимание.
@ ОБНОВЛЕНИЕ 01
Вот файл журнала:
Nov 6 11:02:35 ns1 postfix/smtpd[3950]: connect from mail-oi0-f47.google.com[209.85.218.47]
Nov 6 11:02:35 ns1 postfix/smtpd[3950]: fatal: no SASL authentication mechanisms
Nov 6 11:02:36 ns1 postfix/master[12735]: warning: process /usr/libexec/postfix/smtpd pid 3950 exit status 1
Nov 6 11:02:36 ns1 postfix/master[12735]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max connection rate 1/60s for (smtp:209.85.218.47) at Nov 6 11:02:35
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max connection count 1 for (smtp:209.85.218.47) at Nov 6 11:02:35
Nov 6 11:04:16 ns1 postfix/anvil[3952]: statistics: max cache size 1 at Nov 6 11:02:35
Вот postconf -n
[root@ns1 ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
home_mailbox = Maildir/
html_directory = no
inet_protocols = ipv4
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = domain.com.br
myhostname = mail.domain.com.br
mynetworks = 168.100.189.0/28, 127.0.0.0/8
myorigin = domain.com.br
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
recipient_bcc_maps = hash:/etc/postfix/bcc
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = check_policy_service unix:/var/spool/postfix/postgrey/socket permit_mynetworks permit_inet_interfaces
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_sasl_tls_security_options = noanonymous, noplaintext
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = hash:/etc/postfix/virtual
smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.com.br.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.com.br.key
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_exchange_name = /var/lib/postfix/prng_exch
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
Вот версии:
postfix-2.10.1-6.el7.x86_64 dovecot-2.2.10-5.el7.x86_64 CentOS Linux 7.2.1511 Ядро Linux 4.8.5-1.el7.elrepo.x86_64 на x86_64
@ ОБНОВЛЕНИЕ 02
Вот мой doveconf -n:
[root@ns1 ~]# doveconf -n
# 2.2.10: /etc/dovecot/dovecot.conf
# OS: Linux 4.8.5-1.el7.elrepo.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core )
auth_mechanisms = plain login
disable_plaintext_auth = no
listen = *
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
driver = passwd
}
Ваш $mydestination
не включает ваш $mydomain
. Когда Postfix получает почту, он проверяет, находится ли домен в $mydestination
, если это не так, он пытается аутентифицировать отправителя (поскольку считает, что почта отправляется клиентом, а не другим сервером).
Добавить $mydomain
или список доменов, размещенных на сервере для $mydestination
.
Кроме того, ваша конфигурация SASL кажется нарушенной. Ты начинаешь saslauthd
, но настройте Postfix для взаимодействия с Dovecot для аутентификации:
smtpd_sasl_type = dovecot
Поскольку вы уже настроили Dovecot, вы можете не использовать saslauthd
. Если отправить письмо не удалось, убедитесь, что dovecot
перечислен в postconf -a
.