### Get SASL authentication working with a Postfix mail server ### | |
How to get the SASL authentication working with the Postfix mail server? | |
On my Postfix server, I needed to allow relaying for authenticated people only.… | |
For authentication purpose, Postfix uses SASL. Here are parameters which I had … | |
# SASL configuration | |
smtpd_sasl_auth_enable = yes | |
smtpd_sasl_security_options = noanonymous | |
smtpd_sasl_local_domain = $myhostname | |
smtpd_sasl_application_name = smtpd | |
broken_sasl_auth_clients = yes | |
smtpd_recipient_restrictions = | |
permit_sasl_authenticated, | |
permit_mynetworks, | |
reject_unauth_destination, | |
reject_unauth_pipelining | |
The next step is to setup SASL itself. That's the content of the /etc/postfix/s… | |
pwcheck_method: auxprop | |
auxprop_plugin: sasldb | |
mech_list: plain login cram-md5 digest-md5 | |
Important to note, that to be able to use auxprop method, I had to install the … | |
Now, the SASL mechanism will use the database at /etc/sasldb2 (this is a standa… | |
It's important to let Postfix (and SASL, obviously) access the database file (o… | |
Another trouble I got, is that Postfix was looking after a /var/spool/postfix/e… | |
smtp inet n - n - - smtpd | |
The second "n" means it is not chrooted. There may be a way of running smtpd in… | |
From now on, Postfix will perform SASL authentication via sasldb2 lookups. Here… | |
List users of the sasldb2 database: | |
sasldblistusers2 | |
Add a new user to the sasldb2 database: | |
saslpasswd2 -c <username> -u <domainname> -a smtpauth | |
(note, that users will have to use logins in the form "username@domainn… | |
Remove a user from the sasldb2 database: | |
saslpasswd2 -d <username> | |
Dump database's content onscreen: | |
db_dump /etc/sasldb2 -p | |
(well, on my Debian 5 distro it was actually the "db4.6_dump" command) | |