sasl問題 - BBS

> > 還是我要另外去設定?
> > 目前我試過本機使用者的帳密不行，想請問一下
> > 這邊的帳密是在哪邊設定的?
> 如果你走 pop3 的話，建議
> 1. 把 pop3 不走加密打開，用 telnet 去看訊息
> 2. 看 maillog 有沒有寫什麼東西
> 多看點錯誤訊息跟 log... 對於解決問題是很有幫助的

我先po一下我的過程

我安裝了postfix+TLS+SASL2

postfix:
在/etc/rc.conf下加入
sendmail_enable="NONE"
postfix_enable="YES"
saslauthd_enable="YES"
在/etc/defaults/periodic.conf下加入
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"
在/usr/local/etc/postfix/main.cf下加入
myhostname = harry2.dorm9.nctu.edu.tw
mydomain = dorm9.nctu.edu.tw
myorigin = $myhostname
mydestination = /usr/local/etc/postfix/mydestination
mynetworks_style = subnet
mynetworks = /usr/local/etc/postfix/mynetworks
alias_maps = hash:/etc/aliases
allow_mail_to_commands = alias,forward
allow_mail_to_files = alias,forward
tls:
製作CA憑證後，在/usr/local/etc/postfix/main.cf下加入
##TLS
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/server.pem
smtpd_tls_cert_file = /etc/ssl/server.pem
smtpd_tls_CAfile = /etc/ssl/server.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
sasl:
先灌sasl，
cd /usr/ports/security/cyrus-sasl-saslauthd
make install clean
在/etc/rc.conf下加入 saslauthd_enable="YES"
在/usr/local/etc/postfix/main.cf下加入
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
#smtpd_sasl_local_domain = $myhostname

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks
imap-uw:
cd /usr/ports/mail/imap-uw
make install clean
edit /etc/inetd.conf
pop3s stream tcp nowait root /usr/local/libexec/ipop3d ipop3d
imaps stream tcp nowait root /usr/local/libexec/imapd imapd

最後啟動:
/usr/local/etc/rc.d/saslauthd start
/usr/local/etc/rc.d/postfix start
/etc/rc.d/inetd reload

我是用windows的outlook作測試
將內送郵件POP3和SMTP都設成自己的freebsd的hostname
外寄伺服器有勾驗證及需要SSL連線的選項
然後我從[email protected]寄到[email protected]
當我要寄信的時候跳出這個畫面
http://www.cs.nctu.edu.tw/~wfhsu/outlook.JPG
輸入本機的使用者和密碼後一直無法通過驗證，網域我不知要填啥
接下來我去看maillog，出現以下訊息
Jun 13 03:14:35 harry2 postfix/master[30173]: daemon started -- version
2.4.6, configuration /usr/local/etc/postfix
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: connect from
jack.Dorm9.NCTU.edu.tw[140.113.95.40]
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: setting up TLS connection from
jack.Dorm9.NCTU.edu.tw[140.113.95.40]
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: TLS connection established from
jack.Dorm9.NCTU.edu.tw[140.113.95.40]: TLSv1 with cipher RC4-MD5 (128/128
bits)
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: warning: SASL authentication
failure: Could not open db
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: warning: SASL authentication
failure: no secret in database
Jun 13 03:15:40 harry2 postfix/smtpd[30188]: warning:
jack.Dorm9.NCTU.edu.tw[140.113.95.40]: SASL NTLM authentication failed:
authentication failure

我之前也有用 telnet localhost 25
ehlo localhost 出現以下訊息
ehlo localhost
250-harry2.dorm9.nctu.edu.tw
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN NTLM LOGIN GSSAPI DIGEST-MD5 CRAM-MD5
250-AUTH=PLAIN NTLM LOGIN GSSAPI DIGEST-MD5 CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

想請問有沒有人有遇過這種問題，感謝大家。


--