* LuKreme <krem...@kreme.com>: > On 17-Mar-2009, at 13:45, Patrick Ben Koetter wrote: >> smtpd_sasl_security_options = noplaintext, noanonymous >> smtpd_sasl_tls_security_options = noanonymous >> >> As for the PAM part in the sasl authentication, start saslauthd like >> this: >> >> saslauthd -a pam -m /path/to/the/socket > > > path to which socket there? > > $ ls -ls /var/run/saslauthd/ > total 2 > 0 srwxrwxrwx 1 root postfix 0 Mar 17 03:52 mux
mux it is. > 0 -rw------- 1 root postfix 0 Mar 17 03:52 mux.accept > 2 -rw------- 1 root postfix 6 Mar 17 03:52 saslauthd.pid > > /var/run/saslauthd/mux ?? > > I found some info and came up with this in pam.d/smtp > > $ cat /etc/pam.d/smtp > auth required pam_mysql.so user=postfix passwd=*** host=localhost \ > db=postfix table=mailbox usercolumn=username passwdcolumn=password > crypt=1 > account sufficient pam_mysql.so user=postfix passwd=*** host=localhost \ > db=postfix table=mailbox usercolumn=username passwdcolumn=password > crypt=1 > > smtpd.conf is now simply: > pwcheck_method: pam > mech_list: plain login Nope. This is correct: pwcheck_method: saslauthd mech_list: plain login Read it this way: libsasl use saslauthd to process authentication. saslauthd use PAM as backend. PAM use PAM mysql as backend ... p...@rick -- The Book of Postfix <http://www.postfix-book.com> saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
