Postfix & SASL Authentication
pauls at utdallas.edu
pauls at utdallas.edu
Wed Aug 9 03:49:23 UTC 2006
--On August 8, 2006 7:40:20 PM -0400 Gerard Seibert <gerard at seibercom.net>
wrote:
> Paul Schmehl wrote:
>
>> Apparently you're using the sasldb2 database for logins? If so, the
>> sasldb2 database needs to be readable by postfix, and it has to be
>> populated with the usernames at domains that you need. Have you populated
>> the db?
>>
>> You would probably be better off using saslauthd as your
>> pwcheck_method. Then start saslauthd with the -a sasldb flag. (See
>> man 8 saslauthd.) Auxprop is an older method that wasn't very
>> dependable.
>
> Thanks, that is what I did. I had to modify the
> /usr/local/lib/smtpd.conf file, but that was about it.
>
Glad to hear it.
> I do have one question though. The rc.d file has 'pam' listed rather
> than sasldb for the '-a ' flag. I changed it there although the
> directions said not too. Is there any reason that changing it in the rc.d
> file is a bad thing?
Not a bad thing, but when the port gets updated, your changes will be
overwritten. Instead, use /etc/rc.conf:
saslauthd_enable="YES"
saslauthd_flags="-a sasldb"
I could not figure out what it meant to do
> otherwise. Was I suppose to create another file that would override that
> one? If so, what was the syntax of the file suppose to be? Anyway, it
> works, so that is all I am really interested in at the moment.
>
In general, you want to put variables for startup scripts in /etc/rc.conf,
rather than editing the individual startup files. The startup scripts
will source the /etc/rc.conf file and get the values of those variables
and use them when they run.
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
More information about the freebsd-questions
mailing list