南寧團購大全 http://www.nntianye.com
第八部分:配置Cyrus-SASL
1、安裝cyrus-sasl
刪除系統的cyrus-sasl:
# rpm -e cyrus-sasl –nodeps
安裝新的支持authdaemon的軟件包
# yum install cyrus-sasl
2、配置main.cf文件
Postfix的SMTP認證需要透過Cyrus-SASL,連接到authdaemon獲取認證信息。
編輯main.cf
# vi /etc/postfix/main.cf
增加如下內容:
# smtpd related config
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname,
# SMTP sender login matching config
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
3、編輯smtpd.conf文件
# vi /usr/lib/sasl2/smtpd.conf
確保其內容爲:
pwcheck_method: authdaemond
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/spool/authdaemon/socket
重新啓動postfix:
# service postfix restart
4、測試SMTP認證
通過以下命令獲得[email protected]的用戶名及密碼的BASE64編碼:
# perl -e ‘use MIME::Base64; print encode_base64(“postmaster\@extmail.org”)’
內容如下:
cG9zdG1hc3RlckBleHRtYWlsLm9yZw==
# perl -e ‘use MIME::Base64; print encode_base64(“extmail”)’
內容如下:
ZXh0bWFpbA==
然後本機測試:
# telnet localhost 25
其過程如下:
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.extmail.org ESMTP Postfix - by extmail.org
ehlo demo.domain.tld << 輸入內容
250-mail.extmail.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login << 輸入內容
334 VXNlcm5hbWU6
cG9zdG1hc3RlckBleHRtYWlsLm9yZw== << 輸入內容
334 UGFzc3dvcmQ6
ZXh0bWFpbA== << 輸入內容
235
quit << 輸入內容
221
最後出現235 Authentication Successful 表明認證成功了。
南寧團購大全 http://www.nntianye.com