SASL TLS is not available in Postfix

Problem Description:

When I first compiled the postfix, I added SASL and TLS.

First configuration: Test postfix is supported for SASL and TLS

[Email protected] ~]# vim/etc/sasl2/smtpd.conf Pwcheck_method:auxpropauxprop_plugin:sqlmech_list:PLAIN LOGIN CRAM-MD5 digest-md5 NTLMsql_engine:mysqlsql_hostnames:localhostsql_user:extmailsql_passwd:extmailsql_database: Extmailsql_select:select password from mailbox WHERE username = '%[email protected]%r '

[[Email protected] ~]# vim /etc/postfix/main.cfreadme_directory = /usr/share/doc /postfix-2.6.6/readme_filesvirtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_ Maps.cfvirtual_gid_maps = static:800virtual_mailbox_base = /home/vmailvirtual_mailbox_ domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cfvirtual_mailbox_maps = mysql:/ etc/postfix/mysql_virtual_mailbox_maps.cfvirtual_uid_maps = static:800smtpd_tls_cert_file =  /etc/pki/tls/certs/postfix.pemsmtpd_tls_security_level = maysmtpd_tls_session_cache_database  = btree:/var/lib/postfix/smtpd_cache#smtpd_relay_restrictions = permit_mynetworks,permit_ Sasl_authenticated,permit tls clientcerts,reject unauth destinationsmtpd_sasl_auth_enable  = yessmtpd_sasl_authenticated_header = yessmtpd_sasl_path = smtpdsmtpd_sasl_ type = cyrussmtpd_tls_capath = /etc/pki/tls/certssmtpd_tls_received_header = yessmtpd_recipient_restrictions =  permit_mynetworks,permit_sasl_authenticated,reject_unauth destinationsmtpd_tls_auth_only =  yes

[[Email protected] sasl2]# telnet localhost 25Trying:: 1...Connected to localhost. Escape character is ' ^] '. Ehlo localhost220 node1.mah.com ESMTP postfix250-node1.mah.com250-pipelining250-size 10240000250-vrfy250-etrn250-starttls250-auth LOGIN cram-md5 digest-md5 PLAIN 250-enhancedstatuscodes250-8bitmime250 Dsn

The second time: So I continued to install the Mailscanner: The results are gone.

250-auth LOGIN cram-md5 digest-md5 PLAIN

[[Email protected] ~]# telnet localhost smtptrying:: 1...Connected to localhost. Escape character is ' ^] '. node01.mah.com ESMTP Postfixehlo localhost250-node01.mah.com250-pipelining250-size 10240000250-vrfy250-etrn250-starttls250-enhancedstatuscodes250-8bitmime250 DSN

When configuring the second time:

[Email protected] ~]# vim/etc/sasl2/smtpd.conf Pwcheck_method:auxpropauxprop_plugin:sqlmech_list:PLAIN LOGIN CRAM-MD5 digest-md5 NTLMsql_engine:mysqlsql_hostnames:localhostsql_user:extmailsql_passwd:extmailsql_database: Extmailsql_select:select password from mailbox WHERE username = '%[email protected]%r '

[[Email protected] ~]# vim /etc/postfix/main.cfhtml_directory = no# manpage _directory: the location of the postfix on-line manual pages. #manpage_ directory = /usr/share/man# sample_directory: the location of the  Postfix sample configuration files.# this parameter is obsolete as  of postfix 2.1. #sample_directory  = /usr/share/doc/postfix-2.6.6/samples# readme _directory: the location of the postfix readme files. #readme_directory  = /usr/share/doc/postfix-2.6.6/readme_filesvirtual_alias_maps = mysql:/etc/postfix/mysql_ virtual_alias_maps.cfvirtual_gid_maps = static:800virtual_mailbox_base = /home/ Vmailvirtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cfvirtual_mailbox_maps  = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cfvirtual_uid_maps = static:800smtpd_tls_cert_file = /etc/pki/tls/ certs/postfix.pemsmtpd_tls_security_level = maysmtpd_tls_session_cache_database = btree:/ Var/lib/postfix/smtpd_cache#smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated, permit tls clientcerts,reject unauth destinationsmtpd_sasl_auth_enable =  yessmtpd_sasl_authenticated_header = yessmtpd_sasl_path = smtpdsmtpd_sasl_type =  cyrussmtpd_tls_capath = /etc/pki/tls/certssmtpd_tls_received_header = yessmtpd_ recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth  Destinationsmtpd_tls_auth_only = yes

This is the main operation when I install Mailscanner +clamav+spammasassin:

yum install spamassassinsa-compile -dfreshclam/etc/init.d/clamd start[[email  protected] mailscanner]# pwd/etc/mailscanner[[email protected] mailscanner]#  lsarchives.filename.rules.conf  country.domains.conf  mailscanner.conf          phishing.safe.sites.conf   spam.assassin.prefs.confarchives.filetype.rules.conf  filename.rules.conf   mcp                        reports                    spam.lists.confconf.d                         filetype.rules.conf    phishing.bad.sites.conf  rules                      virus.scanners.conf[[email protected] mailscanner]# vim mailscanner.confrun as  user = postfix      #将MailScanner运行程序的用户身份设置成postfixRun  as group  = postfix     #将MailScanner运行程序的用户组身份设置成postfixMTA  = postfix      #Virus  Scanners = autoVirus Scanners = clamd       #使用clamd作为扫描程序 #clamd socket = /tmp/clamd.socketclamd socket = /var/ run/clamav/clamd.sockincoming work user = clamav       incoming work group = clamav   #Incoming  Work Permissions =  0600    #修改此行Incoming  Work Permissions = 0640#Spam Actions =  deliver header  "X-spam-status: yes "     #将此行注释并添加, perhaps the line should not be commented, for more than 6 points 10 minutes of spam messages are still delivered, Just add a spam tag in the header of this message, and send it to the recipient, judged by the recipient if it's spam, action:deletespam actions = delete                #High  scoring spam  Actions = store       #修改此行如下面 # If the judgment is high score of rubbish, action:deletehigh  scoring spam actions = delete  #设置待过滤处理的邮件队列目录, Mailscanner is responsible for filtering all mail, When Mailscanner receives a message, first, put the message in the waiting filter directory; #Incoming  queue dir = /var/spool/mqueue.inincoming  Queue Dir = /var/spool/postfix/hold  #设置过滤处理后的邮件队列目录 #MailScanner过滤后, will not score high, Mail that is considered not spam, put into the incoming queue, waiting to be sent, when the system resources are idle, the message from the incomming queue into the active queue, active mail sent, sent to fail, Send the message from the active queue to the defferred queue, if, waiting for a long time (specifically I have not clearly checked the information), the mail still can not be sent out, then put the message into the bounce queue, waiting to return to the sender; #Outgoing  queue  Dir = /var/spool/mqueue      #修改Outgoing  queue dir = /var/spool/postfix/incoming 

[[email protected] ~]# telnet localhost  Smtptrying ::1...connected to localhost. escape character is  ' ^] ' .220 node1.mah.com esmtp postfixehlo  localhost250-node1.mah.com250-pipelining250-size 10240000250- vrfy250-etrn250-starttls250-enhancedstatuscodes250-8bitmime250 dsnmail from:<bill>250  2.1.0 okrcpt to:<muahao>250 2.1.5 okdata354 end data with <cr ><lf>.<cr><lf>today is fun!. 250 2.0.0 ok: queued as dd8bb42dfd^]telnet> qconnection closed. 

[[email protected] log]# tail -40 /var/log/maillog apr  2  15:20:40 node1 postfix/smtpd[26273]: connect from localhost[::1]apr  2  15:21:13 node1 postfix/smtpd[26273]: DD8BB42DFD: client=localhost[::1]Apr   2 15:21:33 node1 postfix/cleanup[26280]: DD8BB42DFD: hold: header  received: from localhost  (Localhost [ipv6:::1])?? by node1.mah.com  (Postfix)  with esmtp id dd8bb42dfd?? for <muahao>; thu,  2 apr 2015 15:21:02 +0800  (CST)   From localhost[::1]; from=<[email protected]> to=<[email protected]>  proto=esmtp helo=<localhost>apr  2 15:21:33 node1 postfix/cleanup[ 26280]: dd8bb42dfd: message-id=<[email protected]>apr  2 15:21:37 NODE1&NBSP;POSTFIX/SMTPD[26273]:&NBSP;DISCONNECT&NBSP;FROM&NBSP;LOCALHOST[::1] 

This article is from the "8176010" blog, please be sure to keep this source http://8186010.blog.51cto.com/8176010/1629403

SASL TLS is not available in Postfix