|
ru.unix.bsd
- RU.UNIX.BSD ------------------------------------------------------------------
From : Alexander Demin 2:5020/400 26 Apr 2006 15:25:21
To : All
Subject : Cyrus-imapd 2.3.3 проблема с виртуальными доменами.
--------------------------------------------------------------------------------
Вообщем опишу свои шаги может что-то проясниться. Помогите разобраться.
Очень хочется понять.
1. FreeBSD 5.5 PreRelease от 30 марта
2. sendmail штатный скомпилён с поддержкой SASL2
В /etc/make.conf
SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
SENDMAIL_LDFLAGS=-L/usr/local/lib
SENDMAIL_LDADD=-lsasl2
SENDMAIL_CFLAGS+= -D_FFR_SMTP_SSL
Так же использую SSL.
/etc/mail/sendmail.mc выглядет так:
divert(0)dnl
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.2 2000/10/19 21:17:28
gshapiro Exp $')
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
DAEMON_OPTIONS(`Name=MTA')dnl
DAEMON_OPTIONS(`Port=465, Name=MTA-SSL, M=s')dnl
FEATURE(mailertable, `hash -o /etc/mail/mailertable')dnl
FEATURE(access_db)dnl
FEATURE(blacklist_recipients)dnl
FEATURE(compat_check)dnl
FEATURE(delay_checks)dnl
FEATURE(loose_relay_check)dnl
FEATURE(rinet.ru)dnl
FEATURE(require_rdns)dnl
FEATURE(local_procmail)dnl
FEATURE(preserve_local_plus_detail)dnl
dnl
dnl *************************************************************** dnl
dnl
FEATURE(dnsbl)
FEATURE(`dnsbl', `sbl-xbl.spamhaus.org', `"550 Sorry, your address "
$&{client_addr} " was rejected - see: http://www.spamhaus.org/"')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `"550 Spam blocked see:\
http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
FEATURE(`dnsbl', `dnsbl.sorbs.net',`"550 Rejected " $&{client_addr} " found in
dnsbl.sorbs.net.')dnl
FEATURE(`dnsbl', `in.dnsbl.org', `550 Spam blocked see:\
http://www.dnsbl.org/')dnl
FEATURE(`dnsbl', `dul.ru', `550 Use mail relays of your ISP')dnl
FEATURE(`dnsbl', `work.drbl.caravan.ru', `550 Use mail relays of your ISP')dnl
FEATURE(`dnsbl', `relays.ordb.org', `550 Spam bloked from open relay see:\
http://www.ordb.org/')dnl
FEATURE(`dnsbl', `dnsbl.njabl.org', `550 Spam bloked see:\
http://www.njabl.org/')dnl
FEATURE(`dnsbl', `dialups.mail-abuse.org', `550 Mail from $&{client_addr}
rejected; see http://mail-abuse.org/dul/enduser.htm')dnl
dnl
dnl *************************************************************** dnl
dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
MAILER(cyrusv2)dnl
dnl
dnl *************************************************************** dnl
dnl
define(`CERT_DIR', `/etc/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/cacert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/sendmailcert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/sendmailkey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/sendmailcert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/sendmailkey.pem')dnl
define(`confTLS_SRV_OPTIONS', `V')dnl
dnl
dnl *************************************************************** dnl
dnl
define(`confRUN_AS_USER',`root:mail')dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl
define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl
dnl
dnl *************************************************************** dnl
dnl
define(`confLOCAL_MAILER', `cyrusv2')dnl
define(`confLOG_LEVEL',`15')dnl
define(`LOCAL_MAILER_FLAGS', LOCAL_MAILER_FLAGS`+S'P)dnl
define(`confNO_RCPT_ACTION', `add-to-undisclosed', `add-apparently-to',
`undisclosed-recipients')dnl
define(`confMAX_MIME_HEADER_LENGTH', `2048/1024')dnl
define(`confMAX_MESSAGE_SIZE',`12582912')dnl
define(`confDELIVERY_MODE',`background')
define(`confMAX_HOP',`25')
define(`confPRIVACY_FLAGS',`authwarnings,needmailhelo,needexpnhelo,needvrfyhelo,
noexpn,restrictmailq,restrictqrun,nobodyreturn')
define(`confQUEUE_LA',`64')
define(`confREFUSE_LA',`128')
define(`confMAX_DAEMON_CHILDREN',`100')dnl
define(`confCONNECTION_RATE_THROTTLE',`75')dnl
define(`confCONNECTION_CACHE_SIZE',`5')dnl
define(`confDEF_CHAR_SET',`koi8-r')
define(`confDONT_BLAME_SENDMAIL',`forwardfileingroupwritabledirpath')
define(`confSMTP_LOGIN_MSG',`$j Sendmail $v/$Z; $b\n"Use of this system for the
delivery of UCE (a.k.a. SPAM), or any other"\n"message without the express
permission of t
define(`confTO_QUEUERETURN',`1d')
define(`confDOUBLE_BOUNCE_ADDRESS',`dev-null')dnl
define(`VIRTUSER_CLASS', `T')
define(`VIRTUSER_ERR_NOUSER', 1)
dnl
dnl *************************************************************** dnl
dnl
define(`_FFR_MILTER',1)
MAIL_FILTER(`drweb-filter', `S=local:/var/drweb/run/drweb-smf.skt, F=T,
T=C:5m;S:15m;R:15m;E:1h')
define(`confINPUT_MAIL_FILTERS', `drweb-filter')
define(`confMILTER_LOG_LEVEL',`5')
dnl
dnl *************************************************************** dnl
dnl
divert(-1)
3. Из портов установлены:
cyrus-sasl-2.1.21_2
cyrus-imapd-2.3.3
4. hostname - gw.spectrum.ru
5. /etc/hosts
::1 localhost localhost.spectrum.ru
127.0.0.1 localhost localhost.spectrum.ru
192.168.10.55 gwlocal.spectrum.ru
62.205.172.197 gw.spectrum.ru
6. /usr/local/etc/cyrus.conf
# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# these are only necessary if receiving/exporting usenet via NNTP
# nntp cmd="nntpd" listen="nntp" prefork=0
# nntps cmd="nntpd -s" listen="nntps" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp"
prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression,
# Sieve or NNTP
delprune cmd="cyr_expire -E 3" at=0400
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
}
7. /usr/local/etc/imapd.conf
configdirectory: /var/imap
partition-default: /var/spool/imap
unixhierarchysep: no
altnamespace: yes
allowanonymouslogin: no
allowplaintext: yes
imapidresponse: yes
admins: cyrus
reject8bit: no
pass8bit: yes
sievedir: /var/imap/sieve
sendmail: /usr/sbin/sendmail
postmaster: postmaster
annotation_db: skiplist
duplicate_db: berkeley-nosync
mboxlist_db: skiplist
ptscache_db: berkeley
seenstate_db: skiplist
subscription_db: flat
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
sasl_mech_list: cram-md5 digest-md5
tls_cert_file: /etc/certs/imapcert.pem
tls_key_file: /etc/certs/imapkey.pem
tls_session_timeout: 0
lmtpsocket: /var/imap/socket/lmtp
virtdomains: userid
defaultdomain: spectrum.ru
8. /etc/mail/access
localhost RELAY
spectrum-internationalgroup.ru RELAY
9. /etc/mailertable
spectrum-internationalgroup.ru cyrusv2:/var/imap/socket/lmtp
10. Было прочитано энное количество доков. Одно из
http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html
11. cyradm --user cyrus localhost
cm user.test@spectrum-internationalgroup.ru
...
12. Иду в Sylpheed, добавляю новый аккаунт. Логинюсь как
test@spectrum-internationalgroup.ru.
Могу отослать почту, могу просмотреть папки через IMAP, могу зайти через POP3.
13. Hе могу на адрес test@spectrum-internationalgroup.ru получить почту.
В логе вот такое:
Apr 26 14:54:47 gw sm-mta[5161]: NOQUEUE: connect from support.spectrum.ru
[62.205.172.195]
Apr 26 14:54:47 gw sm-mta[5161]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN
GSSAPI OTP DIGEST-MD5 CRAM-MD5, allowed mech=DIGEST-MD5 CRAM-MD5
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 220-gw.spectrum.ru ESMTP
Sendmail 8.13.6/8.13.6; Wed, 26 Apr 2006 14:54:47 +0400 (MSD)
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 220-Use of this system for
the delivery of UCE (a.k.a. SPAM), or any other
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 220-message without the
express permission of the system owner is prohibited.
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 220 Use of this system for
third party relaying is prohibited.
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: <-- EHLO support.spectrum.ru
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-gw.spectrum.ru Hello
support.spectrum.ru [62.205.172.195], pleased to meet you
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-ENHANCEDSTATUSCODES
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-PIPELINING
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-8BITMIME
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-SIZE 12582912
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-DSN
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-ETRN
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-AUTH DIGEST-MD5
CRAM-MD5
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-STARTTLS
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250-DELIVERBY
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 250 HELP
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: <-- STARTTLS
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: --- 220 2.0.0 Ready to start
TLS
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=server, get_verify: 0 get_peer: 0x0
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=server, relay=support.spectrum.ru
[62.205.172.195], version=TLSv1/SSLv3, verify=NOT, cipher=DHE-RSA-AES256-SHA,
bits=256/256
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=server, cert-subject=, cert-issuer=,
verifymsg=ok
Apr 26 14:54:47 gw sm-mta[5161]: AUTH: available mech=NTLM LOGIN ANONYMOUS PLAIN
GSSAPI OTP DIGEST-MD5 CRAM-MD5, allowed mech=DIGEST-MD5 CRAM-MD5
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKB005161: <-- EHLO support.spectrum.ru
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-gw.spectrum.ru Hello
support.spectrum.ru [62.205.172.195], pleased to meet you
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-ENHANCEDSTATUSCODES
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-PIPELINING
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-8BITMIME
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-SIZE 12582912
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-DSN
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-ETRN
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-AUTH DIGEST-MD5
CRAM-MD5
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250-DELIVERBY
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250 HELP
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: <-- MAIL
From:<support@spectrum.ru> SIZE=740
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: --- 250 2.1.0
<support@spectrum.ru>... Sender ok
Apr 26 14:54:47 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:47 gw sm-mta[5161]: k3QAslKC005161: <-- RCPT
To:<test@spectrum-internationalgroup.ru>
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKC005161: --- 250 2.1.5
<test@spectrum-internationalgroup.ru>... Recipient ok
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKC005161: <-- DATA
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKC005161: --- 354 Enter mail, end with
"." on a line by itself
Apr 26 14:54:48 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:48 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKC005161: from=<support@spectrum.ru>,
size=988, class=0, nrcpts=1,
msgid=<20060426145441.95dc4196.support@spectrum.ru>, proto=ESMTP, daemon=MTA,
relay=support.spectrum.ru [62.205.172.195]
Apr 26 14:54:48 gw drweb-smf[631]: [k3QAslKC005161]: scan: the
message(drweb.tmp.IHLt4j) sent by support@spectrum.ru to
test@spectrum-internationalgroup.ru is passed
Apr 26 14:54:48 gw drweb-smf[631]: [k3QAslKC005161]: processing message from
support@spectrum.ru is over
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKC005161: --- 250 2.0.0 k3QAslKC005161
Message accepted for delivery
Apr 26 14:54:48 gw sm-mta[5161]: STARTTLS=read, info: fds=8/4, err=2
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKD005161: <-- QUIT
Apr 26 14:54:48 gw sm-mta[5161]: k3QAslKD005161: --- 221 2.0.0 gw.spectrum.ru
closing connection
Apr 26 14:54:48 gw lmtpunix[5164]: executed
Apr 26 14:54:48 gw sm-mta[5163]: k3QAslKC005161: --- 050
<test@spectrum-internationalgroup.ru>... Connecting to /var/imap/socket/lmtp via
cyrusv2...
Apr 26 14:54:48 gw master[5164]: about to exec /usr/local/cyrus/bin/lmtpd
Apr 26 14:54:48 gw lmtpunix[5164]: accepted connection
Apr 26 14:54:48 gw lmtpunix[5164]: lmtp connection preauth'd as postman
Apr 26 14:54:48 gw sm-mta[5163]: AUTH=client, relay=localhost, mech=, bits=0
Apr 26 14:54:48 gw lmtpunix[5164]: verify_user(gw.spectrum.ru!user.test) failed:
Mailbox does not exist
Apr 26 14:54:48 gw sm-mta[5163]: k3QAslKC005161: --- 550 5.1.1
<test@spectrum-internationalgroup.ru>... User unknown (hold)
Apr 26 14:54:48 gw sm-mta[5163]: k3QAslKC005161:
to=<test@spectrum-internationalgroup.ru>, delay=00:00:00, xdelay=00:00:00,
mailer=cyrusv2, pri=30988, relay=localhost, dsn=5.1.1, stat=User unknown
Apr 26 14:54:48 gw sm-mta[5163]: k3QAslKC005161: k3QAsmKB005163: DSN: User
unknown
Apr 26 14:54:48 gw sm-mta[5163]: k3QAsmKB005163: --- 050
<support@spectrum.ru>... Connecting to mail.spectrum.ru. via esmtp...
Apr 26 14:54:48 gw sm-mta[5163]: k3QAsmKB005163: SMTP outgoing connect on
gw.spectrum.ru
Apr 26 14:54:49 gw sm-mta[5163]: k3QAsmKB005163: --- 050
<support@spectrum.ru>... Sent (k3QAsgRv060441 Message accepted for delivery)
Apr 26 14:54:49 gw sm-mta[5163]: k3QAsmKB005163: to=<support@spectrum.ru>,
delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30000,
relay=mail.spectrum.ru. [62.205.172.194], dsn=2.0.0, stat=Sent (k3QAsgRv060441
Message accepted for delivery)
Apr 26 14:54:49 gw sm-mta[5163]: k3QAsmKB005163: done; delay=00:00:01, ntries=1
Apr 26 14:54:49 gw sm-mta[5163]: k3QAslKC005161: done; delay=00:00:01, ntries=1
Apr 26 14:54:49 gw sm-mta[5163]: NOQUEUE: --- 050 Closing connection to
mail.spectrum.ru.
Apr 26 14:54:49 gw sm-mta[5163]: NOQUEUE: --- 050 Closing connection to
localhost
14. В /usr/share/sendmail/cf/mailer/cyrusv2.m4
S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP подставлял.
15. echo 3,0 test@spectrum-internationalgroup.ru | sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> canonify input: test @ spectrum-internationalgroup . ru
Canonify2 input: test < @ spectrum-internationalgroup . ru >
Canonify2 returns: test < @ spectrum-internationalgroup . ru . >
canonify returns: test < @ spectrum-internationalgroup . ru . >
parse input: test < @ spectrum-internationalgroup . ru . >
Parse0 input: test < @ spectrum-internationalgroup . ru . >
Parse0 returns: test < @ spectrum-internationalgroup . ru . >
ParseLocal input: test < @ spectrum-internationalgroup . ru . >
ParseLocal returns: test < @ spectrum-internationalgroup . ru . >
Parse1 input: test < @ spectrum-internationalgroup . ru . >
Parse1 returns: $# cyrusv2 $: test
parse returns: $# cyrusv2 $: test
16. Hе знаю какую инфу ещё предоставить...
17. Счастье не настаёт...
--
=======================================================
Demin Alexander / Network Administarator
Group of companies Spectrum / tel. (+7 495) 995-8999
Moscow, 103009, Strastnoy blvr. 8
=======================================================
--- ifmail v.2.15dev5.3
* Origin: Group of companies Spectrum (2:5020/400)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
|
