On 2010-02-04, Dan Harnett <dan...@harnett.name> wrote:
> On Thu, Feb 04, 2010 at 07:07:35AM -0500, Kenneth R Westerback wrote:
>> or (even better)
>>
>> export PKG_PATH=<mirror of your choice>
>> pkg_add postfix-2.7.20091209-sasl2.tgz
>>
>> or, if you want -stable rather than -snapshot
>>
>> pkg_add postfix-2.6.5-sasl2.tgz
>>
>> And follow the Postfix manual/web/whatever. That's what I did. I also bought
>> some Postfix books. Eventually I got it working with TLS.
>
>
> FWIW, postfix also supports the dovecot sasl implementation without the
> need for the sasl2 flavor.
Postfix+Dovecot gives a fairly straightforward way to get
SMTP auth working, something along these lines:
smtp_tls_security_level = may
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/ssl/cert.pem
smtpd_tls_cert_file = /etc/ssl/dovecotcert.pem
smtpd_tls_key_file = /etc/ssl/private/dovecot.pem
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 7200s
and in the socket listen { ... } section of dovecot.conf, something like
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = _postfix
group = _postfix
}
