http://www.postfix.org/SASL_README.html
Testing SASL authentication in the Postfix SMTP Server
To test the server side, connect (for example, with telnet) to the Postfix SMTP server port and you should be able to have a conversation as shown below. Information sent by the client (that is, you) is shown in bold font.
% telnet server.example.com 25
...
220 server.example.com ESMTP Postfix
EHLO client.example.com
250-server.example.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH DIGEST-MD5 PLAIN CRAM-MD5
250 8BITMIME
AUTH PLAIN AHRlc3QAdGVzdHBhc3M=
235 Authentication successful
To test this over a connection that is encrypted with TLS, use openssl s_client instead of telnet:
% openssl s_client -connect server.example.com:25 -starttls smtp
...
220 server.example.com ESMTP Postfix
EHLO client.example.com
...see above example for more...
Instead of AHRlc3QAdGVzdHBhc3M=, specify the base64-encoded form of \0username\0password (the \0 is a null byte). The example above is for a user named `test' with password `testpass'.
Caution
When posting logs of the SASL negotiations to public lists, please keep in mind that username/password information is trivial to recover from the base64-encoded form.
You can use one of the following commands to generate base64 encoded authentication information:
Using a recent version of the bash shell:
% echo -ne '\000username\000password' | openssl base64
Some other shells support similar syntax.
Using the printf command:
% printf '\0%s\0%s' 'username' 'password' | openssl base64
% printf '\0%s\0%s' 'username' 'password' | mmencode
The mmencode command is part of the metamail software.
Using Perl MIME::Base64:
% perl -MMIME::Base64 -e \
'print encode_base64("\0username\0password");'
MIME::Base64 is available from http://www.cpan.org/.
Комментариев нет:
Отправить комментарий