LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-22-2009, 03:28 AM   #1
kiswono
LQ Newbie
 
Registered: Jun 2009
Posts: 2

Rep: Reputation: 0
Unhappy Prevent spoofing from authenticated dovecot+postfix+sasl+postgre


just like this thread:
http://www.linuxquestions.org/questi...l-part-722506/

yay~ i had the same problem T_T
i currently run a postfix dovecot postgre with virtualdomain
sasl works fine, but it still allow user spoofing for local accounts

currently i'm using roundcube for webmail..

i've been seeking out this problem for about a month, would anyone care to help me? thank you in advance ^^


some of my configuration:

Code:
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_local_domain = $myhostname
virtual_alias_maps = pgsql:/etc/postfix/pg_alias.cf
smtpd_sender_login_maps = pgsql:/etc/postfix/pg_alias.cf
smtpd_sender_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, reject_sender_login_mismatch, permit_mynetworks, permit
alias_maps =  pgsql:/etc/postfix/pg_alias.cf
alias_database =
myorigin = /etc/mailname
mydestination = $myhostname, localhost, localhost.$myhostname, levicitus
mailbox_size_limit = 0
inet_interfaces = all
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps =
mydomain = mydomain.net
myhostname = leviticus.mydomain.net

Here's the log:

Code:
Jun 22 14:41:34 leviticus dovecot: imap-login: Login: user=<kiz@mydomain.net>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Jun 22 14:41:34 leviticus postfix/pickup[4755]: 9483A180082: uid=33 from=<cah@mydomain.net>
Jun 22 14:41:34 leviticus postfix/cleanup[4784]: 9483A180082: message-id=<c6ae10637b59507786eabc1f228cabf0@127.0.0.1>
Jun 22 14:41:34 leviticus dovecot: IMAP(kiz@mydomain.net): Disconnected: Logged out bytes=511/151
Jun 22 14:41:34 leviticus postfix/qmgr[4756]: 9483A180082: from=<cah@mydomain.net>, size=585, nrcpt=1 (queue active)
Jun 22 14:41:34 leviticus postfix/virtual[4792]: 9483A180082: to=<kiz@mydomain.net>, relay=virtual, delay=0.09, delays=0.06/0.02/0/0.01, dsn=2.0.0, status=sent (de
livered to maildir)
Jun 22 14:41:34 leviticus postfix/qmgr[4756]: 9483A180082: removed
so, i'm logged in as "kiz", but i send as "cah".. that's wrong because cah is not an alias of kiz..

Last edited by kiswono; 06-22-2009 at 03:30 AM.
 
Old 06-22-2009, 08:12 PM   #2
kiswono
LQ Newbie
 
Registered: Jun 2009
Posts: 2

Original Poster
Rep: Reputation: 0
ow, it's working now..
i forgot to set client's auth to 'LOGIN', that's the problem ^^ thank you anyway (for anyone)

Code:
Jun 23 08:06:18 leviticus postfix/smtpd[21419]: connect from localhost[127.0.0.1]
Jun 23 08:06:18 leviticus postfix/smtpd[21419]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 553 5.7.1 <cah@mydomain.net>: Sender address rejected: not owned by user kiz@mydomain.net; from=<cah@mydomain.net> to=<kiz@mydomain.net> proto=ESMTP helo=<mydomain.net>
Jun 23 08:06:18 leviticus postfix/smtpd[21419]: disconnect from localhost[127.0.0.1]
 
  


Reply

Tags
dovecot, postfix, sasl, spoofing


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix, Dovecot, MySQL users - issue with SASL silviap Linux - Server 2 06-17-2009 06:24 AM
postfix/dovecot - sasl authentication works no more ddaas Linux - Server 6 05-15-2009 04:45 AM
How to prevent spoofing from Postfix/local part nihal Linux - Security 9 05-06-2009 11:10 AM
solution to prevent arp spoofing h725 Linux - Security 2 01-22-2009 04:20 PM
LXer: Debian Mail Server Setup with Postfix + Dovecot + SASL + Squirrel Mail LXer Syndicated Linux News 0 03-12-2008 10:50 PM


All times are GMT -5. The time now is 02:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration