> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Dan Horne > Sent: Tuesday, July 05, 2005 10:48 AM > To: IMGate@mgw2.MEIway.com > Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP > > I agree, and I was already halfway down this road when I read your > message. I already export users for relay_recipient_maps, using > imailusers.exe. How would I get the passwords? I would (I believe) > first have to loop through the registry and get every username/password > pair for each Imail host, then I would have to decrypt the passwords. I > don't really have the time (or the skills, really) to write a program to > do either. Maybe Martekware's Iplus Info Browser could output such a > report. I'll ask them.=20 > > Moving on, reading the postfix SASL_README, it seems that SASL can > either use the UNIX pw database or its own sasldb. How would I > configure it to look at an external file? Or is there a way to map the > contents of the external file into the sasldb? I see the command in the > README to add them one by one using saslpasswd2, but would I have to > write a script that runs through the contents of my exported file and > runs this command for each entry? Or is there an easier way? =20 > > It also says that SASL supports only one "realm" per postfix instance. > How do I configure multiple domains into the same realm? Can the > smtpd_sasl_local_domain be a hash: map? > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad > Sent: Tuesday, July 05, 2005 11:18 AM > To: IMGate@mgw2.MEIway.com > Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP > > > >Is it possible to configure postfix to AUTH users based on the Imail=20 > >database using LDAP? > > at one time, Imail LDAP didn't allow (secure) access to passwords, but I > think that was added quite a while ago. > > It's probably no more difficult to export the users/passwords to file on > postfix. The same file, or a file derived from it, could be used for=20 > rejecting unknown recipients. one export file giving two usages. > > I prefer to avoid coupling MXs to the mailservers. > > Len > > > > >
Yes. You will need to write a script to process the input file. You do not need to worry about realms. The user ID will be the email address. Ed Example: > echo 'password' | /usr/local/sbin/saslpasswd2 -p -c [EMAIL PROTECTED] > sasldblistusers2 [EMAIL PROTECTED]: userPassword