* LuKreme <krem...@kreme.com>:
> On 17-Mar-2009, at 03:15, Patrick Ben Koetter wrote:
>> * LuKreme <krem...@kreme.com>:
>>> OK, first question is will I be able to setup smtpd.conf so that it will
>>> support MULTIPLE authentication methods (sql and PAM)? But first, to get
>>> it working.
>>>
>>> I am running on a custom port right now to avoid mucking with 587 until
>>> everything is working:
>>>
>>> 2525 inet n - n - - smtpd
>>>   -o smtpd_enforce_tls=yes
>>>   -o smtpd_sasl_auth_enable=yes
>>>   -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
>>>   -o syslog_name=submit-tls
>>>
>>> If I authenticate against users in the sasldb file, with a smtpd.conf of:
>>>
>>> $ cat /usr/local/lib/sasl2/smtpd.conf
>>
>> Path MUST be /usr/lib/sasl2/smtpd.conf. Create a symlink. Authentication
>> works, because sasldb is the default and fallback method. If libsasl can't
>> find a smtpd.conf it will fall back to sasldb.
>
> Ok, but then why does it stop working if I change the contents of
> /usr/local/lib/sasl2/smtpd.conf? And why are the compile directives set to:
>
> --with-configdir=/usr/local/lib/sasl2:/usr/local/etc/sasl2'
> '--with-plugindir=/usr/local/lib/sasl2' '--with-dbpath=/usr/local/etc/sasldb2'

My fault. I've overlooked that. In your case /usr/local/lib/sasl2 is the
correct place to store Cyrus SASL config files.

> I've made sure that /var/run/saslauthd/ is owned by root:postfix (it was
> root:mail) and have removed the authdaemon_path line and am trying
> again. Hopefully this was it.
>
> Oh, and since I forgot to mention, Courier-imapd-ssl works fine, it is
> only the SMTP authentication that is proving cumbersome.
>
>>> pwcheck_method: auxprop
>>> mech_list: PLAIN LOGIN
>>>
>>> everything works fine. I authenticate and maillog shows the
>>> authentication. No problem at all.
>>>
>>> If I change smtpd.conf to :
>>> pwcheck_method: auxprop
>>> mech_list: PLAIN LOGIN
>>> auxprop_plugin: sql
>>> sql_verbose: yes
>>> sql_engine: mysql
>>> sql_hostnames: localhost
>>> sql_user: *user*
>>> sql_passwd: *passwd*
>>> sql_database: postfix
>>> sql_select: select password from mailbox where username = '%u'
>>> authdaemon_path=/var/run/authdaemond/socket
>>>
>>> $ ls -ls /var/run/authdaemond/socket
>>> 0 srwxrwxrwx 1 root courier 0 Mar 17 01:49 /var/run/authdaemond/socket
>>
>> Which do you want authdaemond or sql?
>
> That's a good question. These were the instructions given with
> postfixadmin, but I did try this without the authdaemon_path line as
> well. Still, made a few changes and am giving it another go.

I haven't used postfixadmin, so I don't know what it has on its mind. The
question is: Where are the passwords stored and are they plaintext or crypted?

p...@rick

--
The Book of Postfix
<http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
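
An added example, not part of the thread and not Cyrus SASL's own code: a small Python linter for the `option: value` smtpd.conf format that flags the mismatch raised above, where an authdaemond socket setting sits next to `pwcheck_method: auxprop` with the sql plugin. The function names and finding codes are illustrative assumptions; the sample input is the configuration quoted in the thread.

```python
import re

# Constructed sample: the second smtpd.conf quoted in the thread,
# credentials left as the thread's own placeholders.
SQL_CONF = """\
pwcheck_method: auxprop
mech_list: PLAIN LOGIN
auxprop_plugin: sql
sql_verbose: yes
sql_engine: mysql
sql_hostnames: localhost
sql_user: *user*
sql_passwd: *passwd*
sql_database: postfix
sql_select: select password from mailbox where username = '%u'
authdaemon_path=/var/run/authdaemond/socket
"""
# The first (working) configuration from the thread.
SASLDB_CONF = "pwcheck_method: auxprop\nmech_list: PLAIN LOGIN\n"

OPTION_RE = re.compile(r"^([A-Za-z0-9_-]+):\s*(.*)$")

def parse(text):
    """Return ({option: value}, [(lineno, line)] for lines not 'option: value')."""
    opts, bad = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = OPTION_RE.match(line)
        if m:
            opts[m.group(1)] = m.group(2).strip()
        else:
            bad.append((n, line))
    return opts, bad

def lint(text):
    """Return (code, detail) findings where backend settings disagree."""
    opts, bad = parse(text)
    findings = [("malformed", f"line {n}: {line}") for n, line in bad]
    methods = opts.get("pwcheck_method", "").split()
    plugins = opts.get("auxprop_plugin", "").split()
    names = list(opts) + [line for _, line in bad]  # malformed lines still show intent
    if any(n.startswith("sql_") for n in names) and not (
            "auxprop" in methods and "sql" in plugins):
        findings.append(("sql-unused", "sql_* set but auxprop/sql not selected"))
    if any(n.startswith("authdaemon") for n in names) and "authdaemond" not in methods:
        findings.append(("authdaemond-unused",
                         "authdaemond socket set, pwcheck_method is " + " ".join(methods)))
    return findings

if __name__ == "__main__":
    for code, detail in lint(SQL_CONF):
        print(code, "-", detail)
```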