Debian-facile

Petit_Scarabée

Membre

Distrib. : Lenny

Noyau : 2.6.26-1-686

(G)UI : Gnome

Inscription : 25-04-2009

Problème de connexion smtp TLS sur postfix/dovecot

Bonjour

Je n'arrive pas à envoyer de mail à partir de thunderbird via le port 25 ou 587 en TLS alors que la requête TLS est obligatoire dans mon main.cf.

Et bizarrement, un envoi sur le port 25 sans TLS passe.
J'ai laissé mynetworks ouvert pour le serveur puisse être appelé de l'extérieur.

Voici le message d'erreur de thunderbird :
http://docs.google.com/Doc?docid=0AZz2U … aGNn&hl=fr

pour info

postconf -n :

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
message_size_limit = 50240000
mydestination = $myhostname, localhost.$mydomain, localhost
myhostname = debian.domain.be
mynetworks =
myorigin = $mydomain
notify_classes = 2bounce, bounce, delay, policy, protocol, resource, software
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_recipient_restrictions $smtpd_sender_login_maps
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
smtp_tls_CAfile = /etc/postfix/tls/cacert.pem
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_tls_session_cache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_data_restrictions = reject_unauth_pipelining,        permit
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/tls/cacert.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/tls/domain.be-cert.pem-test
smtpd_tls_key_file = /etc/postfix/tls/domain.be-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_tls_session_cache
strict_rfc821_envelopes = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:20001
virtual_mailbox_base = /home/virtual
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 20001
virtual_transport = maildrop
virtual_uid_maps = static:20001

telnet 25 ou 587 :

telnet 192.168.0.104 587
Trying 192.168.0.104...
Connected to 192.168.0.104.
Escape character is '^]'.
ehlo 192.168.0.104220 debian.domain.be ESMTP Postfix (Debian/GNU)

250-debian.domain.be
250-PIPELINING
250-SIZE 50240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME

Le user est bien reconnu :

 authtest user@essai.com
Authentication succeeded.

     Authenticated: user@essai.com  (uid 20001, gid 20001)
    Home Directory: /home/virtual
           Maildir: essai.com/user/
             Quota: 0S
Encrypted Password: $1$f8c77f62$rNxVFC58U428OnvRMGVZF1
Cleartext Password: (none)
           Options: (none)

dans mon dovecot.conf :

auth default {
  mechanisms = plain login
  passdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  userdb sql {
    args = /etc/dovecot/dovecot-sql.conf
  }
  userdb prefetch {
  }
  user = nobody
  socket listen {
    master {
      path = /var/run/dovecot/auth-master
      mode = 0660
      user = vmail
}