* Robert Moskowitz <r...@htt-consult.com>: > For my new server, I plan on using either SHA256 or 512 and trying to see > what impact NOT using MD5 has on the postfix configuration. I am assuming > that this only impacts the sasl authentication and I am seeing: > > # postconf -n|grep sasl > broken_sasl_auth_clients = yes > smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, > rej > ect_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, > rejec > t_unknown_recipient_domain > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $mydomain > smtpd_sasl_path = private/auth > smtpd_sasl_type = dovecot > > That postfix let's dovecot do the authentication lifting and so only dovecot > needs to know the password format and that is in dovecot-sql.conf, > > Is that the extent of it, or is there somewhere else I need to specify the > password format.
It's all left to dovecot. From Postfix' point of view dovecot acts as password verification service. Postfix hands over the indentity data, dovecot authenticates the identity and returns the result and Postfix authorizes the identity to e.g. relay mails. p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
