I use stunnel to wrap imap and pop3. For SMTP I have TLS authentication
using the saslauthd daemon and postfix. I have many virtual domains, but
all accounts are local/plain unix accounts. Most do not have shell access.
I use the following USE flags:
mail-mta/postfix pam sasl ssl
dev-libs/cyrus-sasl berkdb crypt ntlm_unsupported_patch pam ssl
emerge --unmerge qmail
emerge postfix
In main.cf I have:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/stunnel/stunnel.pem
smtpd_tls_cert_file = /etc/stunnel/stunnel.pem
smtpd_tls_CAfile = /etc/stunnel/stunnel.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
(I just use the same key from stunnel for TLS... I dunno if it is even
needed or not)
~ # cat /etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
log_level: 3
mech_list: PLAIN LOGIN
authdaemond_path:/var/lib/sasl2/mux
~ # grep -v -- \# /etc/conf.d/saslauthd
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a shadow -r"
If you guys have any problems with the above... I lurk on this list if
you need help.
Tito Valentin wrote:
Hello list:
I have been trying to get SMTP authentication on Gentoo to work with no
success. I am running qmail (netqmail package) with dovecot and
saslauth.
I am able to connect and read my mail through IMAP fine. The problem is
that I cannot send email using my own SMTP server due to an authentication
issue. Every time we try to send email out we get an error saying that it
cannot establish a connection because I am not part of the allowed rcphost
list. I tried adding the remote host in the rcpthosts database but the
problem persists. The only error I see in the log files for dovecot is
"Disconnected".
Can anyone point me in the right direction as to why I can't be
authenticated when sending email out? Another thing is, it keeps
prompting me for my passwd.
GV
--
gentoo-user@gentoo.org mailing list
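
Added example (not part of the original post, and not Postfix or Cyrus SASL code): an offline check for the combination used in this thread, where mech_list offers only PLAIN and LOGIN and smtpd_tls_auth_only = yes keeps those passwords off unencrypted connections. The function names and sample strings are constructed for illustration, and an unset mech_list is assumed to offer PLAIN/LOGIN.

```python
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}  # both send the password itself, only base64-encoded

def parse_main_cf(text):
    """Postfix main.cf: 'name = value', '#' comment lines, indented continuation lines."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()  # continuation of previous parameter
        elif "=" in raw:
            name, _, value = raw.partition("=")
            last = name.strip()
            params[last] = value.strip()
    return params

def parse_sasl_conf(text):
    """Cyrus SASL smtpd.conf: 'key: value' lines."""
    lines = [l for l in text.splitlines() if ":" in l and not l.lstrip().startswith("#")]
    return {k.strip(): v.strip() for k, _, v in (l.partition(":") for l in lines)}

def audit(main_cf, sasl_conf):
    """Return a list of findings; an empty list means the checks passed."""
    p, s = parse_main_cf(main_cf), parse_sasl_conf(sasl_conf)
    findings = []
    if p.get("smtpd_sasl_auth_enable", "no") != "yes":
        return findings  # SMTP AUTH is off, nothing to check
    tls_on = p.get("smtpd_use_tls") == "yes" or p.get("smtpd_tls_security_level") in ("may", "encrypt")
    auth_only = p.get("smtpd_tls_auth_only", "no") == "yes"
    # Assumption: an unset mech_list is treated as offering PLAIN/LOGIN.
    mechs = set(s.get("mech_list", "PLAIN LOGIN").upper().split())
    if mechs & PLAINTEXT_MECHS and not auth_only:
        findings.append("PLAIN/LOGIN offered but smtpd_tls_auth_only is not yes")
    if auth_only and not tls_on:
        findings.append("smtpd_tls_auth_only = yes but STARTTLS is not enabled")
    opts = p.get("smtpd_sasl_security_options", "noanonymous").replace(",", " ").split()
    if "noanonymous" not in opts:
        findings.append("smtpd_sasl_security_options lacks noanonymous")
    return findings

# Constructed inputs: the relevant settings quoted in the post, and a weakened copy.
POSTED_MAIN_CF = """\
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
"""
POSTED_SASL_CONF = "pwcheck_method: saslauthd\nmech_list: PLAIN LOGIN\n"
WEAK_MAIN_CF = POSTED_MAIN_CF.replace("smtpd_tls_auth_only = yes", "smtpd_tls_auth_only = no")
```

On a live system the same functions can be fed the contents of /etc/postfix/main.cf and /etc/sasl2/smtpd.conf read from disk.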