I'm not sure about SASL per-se, but Dovecot is pretty good. It's very easy to setup, and it has more of a postfix-like configuration approach. That said, I wouldn't migrate to it out of a working setup unless you had an above-average reason too (if Cyrus's security is dangerously bad, then I would consider it). I have a 3.9 box running it for doing IMAP to webmail clients, and I haven't had a problem with it yet. I recall it being very easy to configure SASL.
-Drake On 9/22/06, Seth Hanford <[EMAIL PROTECTED]> wrote:
I pre-ordered 4.0, and was starting to think about system upgrades. About a month ago I noticed on the Dovecot site that as of Postfix 2.3, Dovecot SASL is a supported SASL auth type for authenticating users during smtpd_sasl restrictions. Has anyone used this under OpenBSD? Anyone with a professional opinion on whether Dovecot's SASL may be more secure / simple than Cyrus'? I was thinking this might be the case, given Dovecot's security stance for their IMAP server. My current setup is using postfix 2.2.8p1-sasl2 under OpenBSD 3.9, which installs cyrus-sasl-2.1.21p2. I use SASL and TLS to encrypt incoming authorization for remote mail users that wish to use my Postfix server as an SMTP gateway. If I used Dovecot in this instance, would it be just the regular postfix package and dovecot package? Or is the postfix-sasl2 package necessary, but just without invoking the Cyrus sasl code (setting smtpd_sasl_type to dovecot in main.cf, and not configuring a cyrus sasl2 smtpd.conf)? Thanks for your input; I'd like to plan ahead b/c this would also mean a migration from courier-imap to Dovecot. - Seth
