cyrus-sasl2

Martin Schweizer lists_freebsd at bluewin.ch
Sat Oct 21 06:05:54 UTC 2006 

Hello Mike

Attached you'll find the mail from Anish an me last year. Hope this helps. Do 
you use only sasldb2 or saslauthd? If not drop me a line.

Am Fri, Oct 20, 2006 at 08:35:39AM -0400 Mike Spenard schrieb:
> Just looking to get sendmail auth working with pwcheck
> 
> Martin Schweizer wrote:
> >Hello Mike
> >
> >What do you need concretly? I use sendmail/cyrus imap (also replication on 
> >a second derver)/sieve (also websieve)/apache (incl. ssl).
> >
> >Am Fri, Oct 20, 2006 at 03:20:33PM -0400 Mike Spenard schrieb:
> >  
> >>Hey Martin,
> >>I saw this post, could I get those hints too?
> >>
> >>Thanks!
> >>Mike Spenard
> >>
> >>Hello Gerard
> >>
> >>I ran in the same trouble. With some changes you can use the article in 
> >>the handbook. Should I send you my hints?
> >>
> >>Am Tue, Nov 08, 2005 at 08:36:32AM -0500 Gerard Seibert schrieb:
> >>    
> >>>/ I found this notation on regarding cyrus-sasl on the FreeBSD site
> >>>      
> >>/>/ 
> >><http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html>.
> >>/[snip]
> >>    
> >>>/ Does this apply to cyrus-sasl2 as well? I tried 'make config' but that
> >>>      
> >>/>/ produced nothing. I do not see any option for the 'pwcheck' option in
> >>/>/ the Makefile. What, if any compile options should I include on the
> >>/>/ command line? I am running FreeBSD 5.4 at present.
> >>    

>
> My goal is to use sendmail and cyrus impad 2.3. The problem is if I
> change the mailer in sendmail.mc nothing appears. I also checked
> sendmail.cf. There are no other mailers the the default ones. I'm
> very confused about the problem. Any ideas are very welcome.

I'm using cyrus-imapd22 in production on a few servers with the base=20
sendmail.  I'm assuming you have cyrus-imapd23 setup correctly.
# set the sendmail password check method
touch /usr/local/lib/sasl2/Sendmail.conf
# add "pwcheck_method: saslauthd" to use sasl database
# or "pwcheck_method: passwd" for normal login password checking
# add to /etc/make.conf
SENDMAIL_CFLAGS+=3D	-I/usr/local/include -DSASL=3D2 \
			-D_FFR_SMTP_SSL -DSOCKETMAP
SENDMAIL_LDFLAGS+=3D-L/usr/local/lib
SENDMAIL_LDADD+=3D-lsasl2
# set box specific .mc file in /etc/make.conf so upgrades
# don't wipe out our existing settings
SENDMAIL_MC=3D/etc/mail/host.mydomain.com.mc
# build shared sendmail libs
cd /usr/src/lib/libsm && \
make cleandir && make depend && make obj && make
cd /usr/src/lib/libsmutil && \
make cleandir && make depend && make obj && make
# now rebuild sendmail in the base
cd /usr/src/usr.sbin/sendmail && \
make cleandir && make depend && make obj && make && make install
# in for box specific .mc add
dnl set SASL options
define(`confAUTH_OPTIONS', `A p y')dnl
dnl define(`confDEF_AUTH_INFO', /etc/mail/auth-info')dnl
DAEMON_OPTIONS(`Port=3Dsmtp, Name=3DMSA, M=3DE')dnl
DAEMON_OPTIONS(`Port=3Dsmtps, Name=3DTLSMSA, M=3DEs')dnl
define(`confLOG_LEVEL', `13')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS',`LOGIN PLAIN')dnl
define(`confLOCAL_MAILER',`cyrusv2')
# stop and restart sendmail
cd /etc/mail
make
make install
make stop
make start
# check if it worked!
telnet localhost 25
ehlo localhost


If you're trying to host mail for multiple domains you'll need to hack=20
the local ruleset to not strip the @domain.tld from the address=20
before it's passed to cyrus.  The -DSOCKETMAP in the SENDMAIL_CFLAGS=20
is needed, but I use it with a special rule to verify the From:=20
address that comes from a locally hosted domain is actually valid by=20
looking it up via cyrus.


=2D-=20
Anish Mistry

--nextPart1950586.76sVkRoCBK
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBD3Q4sxqA5ziudZT0RAr60AJ9peG8y/2Sw3CsOeWejr06v/GcmyQCaA6Nf
QDiynagLlk2ngBGbhcUdUXQ=
=2AAh
-----END PGP SIGNATURE-----

--nextPart1950586.76sVkRoCBK--

-- 

Regards

Martin Schweizer
<info at pc-service.ch>

PC-Service M. Schweizer GmbH; Bannholzstrasse 6; CH-8608 Bubikon
Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch;
public key : http://www.pc-service.ch/pgp/public_key.asc; 
fingerprint: EC21 CA4D 5C78 BC2D 73B7  10F9 C1AE 1691 D30F D239;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20061021/03deb997/attachment.pgp

More information about the freebsd-questions mailing list