On Wed, May 28, 2014 at 08:00:22PM +0100, John WH Smith wrote:
> On 28/05/14 19:49, Viktor Dukhovni wrote:
> > You're probably better off with dovecot, it is a less steep learning
> > curve. Cyrus SASL is substantially more configurable, at great
> > cost in interface complexity.
>
> Now that's a far too simple idea to my ears. I've already set up quite a
> few Postfix+Dovecot installs, and this is not what I'm trying to achieve
> here.
You don't have to provision mailboxes or run an IMAP server to
implement just the authentication side of Dovecot.
> I may have got confused between several references online, but is there
> a simple "universal?" way to set up authentication support for outgoing
> email, without setting up a full incoming email service?
No, because there there are so many different ways of handling user
credentials: GSSAPI, DIGEST-MD5, RADIUS, LDAP bind, rimap, OTP, ...
For hashed passwords I generally use saslauthd with PAM and sometimes
an smtp PAM configuration that bypasses the system password database
using a password file dedicated for just email relay accounts.
This is a vast topic, you've been warned. Experience is what you
get when you don't get what you want. You'll be a lot more
experienced by the time you get this working.
--
Viktor.
