I followed http://www.mandrakesecure.net/en/docs/postfix-sasl.php. I changed
That documentation is outdated: it's for version 1 of the sasl library. 9.2 is using verion 2. The documentation is in /usr/share/doc/cyrus-sasl-2.1.15/ (there's also a migration guide).
"pwcheck_method: sasldb" in /usr/lib/sasl2/smtpd.conf then followed by "saslpasswd2 -a smtpd". I already have
sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN
in /etc/imapd.conf. I also made "smtpd_sasl_local_domain =" in /etc/postfix/main.cf. Is this the correct way of doing things?
You're mixing two separate issues. One thing is cyrus-mapd configuration and another is postfix configuration.
/etc/imapd.conf configures cyrus-imapd. Options there with a sasl_ prefix are for sasl configuration (authentication), i.e. how users are supposed to authenticate against cyrus-imapd.
/etc/postfix/main.cf is postfix configuration, while sasl options for postfix should go to /usr/lib/sasl2/smtpd.conf
[....]
I'm just confused. I was hoping to authenticate against cyrus mailbox and do
you simply *don't* authenticate against cyrus-imapd mailbox, you authenticate against some database containing secrets. For that cyrus-imapd uses sasl, so it can use various methods to exchange credentials between the client and the server and various sources for secrets.
smtp auth with one set of account. That way it would be easy to maintain. By
but you can configure both cyrus-imapd and postfix (or better the sasl library as used by cyrus-imapd and the sasl library as used by postfix) to use the same sources and/or the same methods for authentication.
changing pwcheck_method: sasldb in smtpd.conf, I made it to authenticate against sasl.db for smtp auth,
no, you gave an invalid option so sasl ignored it and used a different method than plaintext password (other method that, incidentally, takes its secrets from the sasldb).
and login to cyrus mailbox against /etc/passwd?
smtpd.conf has nothing to do with cyrus-imapd authentication. You configure that in /etc/imapd.conf. You can configure it the same as postfix. The difference is that options for sasl in /etc/imapd.conf have to be prefixed by sasl_, while there's no need for such prefix in /usr/lib/sasl2/smtpd.conf. Besides this difference the options are the same.
Bye -- - Yo también quiero una Europa libre de Patentes de Software - - I want a Software Patents Free Europe too! And you? - --------------------------------------------------------------- EuropeSwPatentFree - http://EuropeSwPatentFree.hispalinux.es
pgp00000.pgp
Description: PGP signature
