[pfx] Help with SASL Authentication Using /etc/sasldb2 in Postfix

2025-04-03 Thread wouldsmina via Postfix-users
Hello,

I am facing an issue with configuring Postfix to use /etc/sasldb2. I have
already set up SASL authentication, but authentication only works if
/etc/sasldb2 is included in the $FILE variable into
/usr/lib/postfix/configure-instance.sh file.

However, I am not sure if modifying $FILE is actually the right approach,
or if there is a configuration option I am missing. In any case, I am
certain that modifying /usr/lib/postfix/configure-instance.sh is not the
correct solution.

Am I missing something in the SASL or Postfix configuration? Is there a
best practice for making /etc/sasldb2 persistently available?

To configure sasl, I used (among other things) this documentation:
https://www.postfix.org/SASL_README.html

Thanks in advance for your help!

OS : DEBIAN 12
Postfix version : 3.7.11

Best regards,
Wouldsmina
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: Help with SASL Authentication Using /etc/sasldb2 in Postfix

2025-04-03 Thread wouldsmina via Postfix-users
On Debian, I thought the file was located in /etc/postfix/sasl/.
But after creating the /etc/sasl/ directory and placing smtpd.conf inside,
it worked!
This information was indeed in the documentation, but I simply hadn’t
understood it.

*Cyrus SASL version 2.1.22 and newer additionally search in /etc/sasl2/.*

With Postfix 2.5 and later you can explicitly configure the search path via
the cyrus_sasl_config_path configuration parameter. Specify zero or more
colon-separated directories. If set empty (the default value) the search
path is the one compiled into the Cyrus SASL library.

Some Postfix distributions employ a non-empty default value for
cyrus_sasl_config_path to look for the Cyrus SASL configuration file in
/etc/postfix/sasl/, /var/lib/sasl2/ etc. See the output of postconf
cyrus_sasl_config_path and/or the distribution-specific documentation to
determine the expected location.

Some Debian-based Postfix distributions ignore the "cyrus_sasl_config_path"
parameter setting, and force Postfix to open the file
/etc/postfix/sasl/smtpd.conf.



Thank you for your help.



Le jeu. 3 avr. 2025 à 19:11, Wietse Venema via Postfix-users <
postfix-users@postfix.org> a écrit :

> wouldsmina via Postfix-users:
> > Hello,
> >
> > I am facing an issue with configuring Postfix to use /etc/sasldb2. I have
> > already set up SASL authentication, but authentication only works if
> > /etc/sasldb2 is included in the $FILE variable into
> > /usr/lib/postfix/configure-instance.sh file.
>
> That looks like a Debian-specific script that populates
> /var/spool/postfix with copies of system files.
>
> You can avoid that by using something like:
>
> /etc/sasl2/smtpd.conf
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
>
> The actual pathname of the smtpd.conf file may differ.
>
> Wietse
> ___
> Postfix-users mailing list -- postfix-users@postfix.org
> To unsubscribe send an email to postfix-users-le...@postfix.org
>
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org