On 17-Mar-2009, at 03:15, Patrick Ben Koetter wrote:
* LuKreme <krem...@kreme.com>:
OK, first question is will I be able to setup smtpd.conf so that it
will
support MULTIPLE authentication methods (sql and PAM)? But first,
to get
it working.
I am running on a custom port right now to avoid mucking with 587
until
everything is working:
2525 inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o syslog_name=submit-tls
If I authenticate against users in the sasldb file, with a smtpd.conf
of:
$ cat /usr/local/lib/sasl2/smtpd.conf
Path MUST be /usr/lib/sasl2/smtpd.conf. Create a symlink.
Authentication
works, because sasldb is the default and fallback method. If libsasl
can't
find a smtpd.conf it will fall back to sasldb.
Ok, but then why does it stop working if I change the contents of /usr/
local/lib/sasl2/smtpd.conf? And why are the compile directives set to:
--with-configdir=/usr/local/lib/sasl2:/usr/local/etc/sasl2' '--with-
plugindir=/usr/local/lib/sasl2' '--with-dbpath=/usr/local/etc/sasldb2'
I've made sure that /var/run/saslauthd/ is owned by root:postfix (it
was root:mail) and have removed the authdaemon_path line and am trying
again. Hopefully this was it.
Oh, and since I forgot to mention, Courier-imapd-ssl works fine, it is
only the SMTP authentication that is proving cumbersome.
pwcheck_method: auxprop
mech_list: PLAIN LOGIN
everything works fine. I authenticate and maillog shows the
authentication. No problem at all.
If I change smtpd.conf to :
pwcheck_method: auxprop
mech_list: PLAIN LOGIN
auxprop_plugin: sql
sql_verbose: yes
sql_engine: mysql
sql_hostnames: localhost
sql_user: *user*
sql_passwd: *passwd*
sql_database: postfix
sql_select: select password from mailbox where username = '%u'
authdaemon_path=/var/run/authdaemond/socket
$ ls -ls /var/run/authdaemond/socket
0 srwxrwxrwx 1 root courier 0 Mar 17 01:49 /var/run/authdaemond/
socket
Which do you want authdaemond or sql?
That's a good question. These were the instructions given with
postfixadmin, but I did try this without the authdaemon_path line as
well. Still, made a few changes and am giving it another go.
--
This story shall the good man teach his son; And Crispin Crispian
shal ne'er go by, From this day to the ending of the world, But
we in it shall be remember'd;
