This is a discussion on Postfix Authentication Confusion within the Gentoo Linux Support forums, part of the Unix Operating Systems category.
Hello,

I'm attempting to configure SMTP authentication to permit [authenticated] remote users to relay messages and I'm having very little luck. I started out with SASL, and later determined I was going about it the wrong way, as it required a database (sasldb) of user names and passwords. As all users already have a Unix login, I felt it was redundant to provide them with a second account to keep track of.

Afterwards, I read more on saslauthd and realized that it was possible to use PAM for authentication. So, if my understanding is correct, I could theoretically use this method to check the local Unix account names and passwords to verify validity. I'm currently using PAM to authenticate Cyrus-IMAP with success. I just can't get it to work with Postfix, to save my life!

My /etc/sasl2/smtp.conf file looks like:

# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $
#pwcheck_method
#mech_list: plain login
pwcheck_method: auxprop
auxprop_plugin: pam

/etc/postfix/main.cf has the following options (plus more):

smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

If there is any information that anybody could provide for me, I would greatly appreciate it.

Thank you much in advance,

--
Sean
> Fao, Sean wrote:

Hello,

> My /etc/sasl2/smtp.conf file looks like:
> # $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $
> #pwcheck_method
> #mech_list: plain login
> pwcheck_method: auxprop
> auxprop_plugin: pam
>

Shouldn't this be in /usr/lib/sasl2 or something like this ... where the libraries are? Use a tool like strace to see if the sasl libraries are loaded correctly and if the smtp.conf file is opened when postfix is started.
"Fao, Sean" <enceladus311@yahoo.comI-WANT-NO-SPAM> wrote:

> If there is any information that anybody could provide for me, I would
> greatly appreciate it.

This works for me:

$ cat /etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

$ tail /etc/postfix/main.cf
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_relay_domains
smtpd_tls_auth_only = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_cert_file = /etc/ssl/private/server.crt
smtpd_tls_CAfile = /etc/ssl/private/server.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

HTH,
haaner
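The differences between the two configurations posted in this thread can be checked mechanically. The following is an added example, not part of any post above: a small audit that parses a Cyrus SASL application config and a Postfix main.cf and reports what separates the first setup from the working one. The function names and finding ids are hypothetical, and because both posted files are excerpts, a parameter reported as missing may be set in the part that was not shown.

```python
import re

def parse_main_cf(text):
    """main.cf: 'name = value'; indented lines continue the previous one."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (s.strip() for s in line.split("=", 1))
            params[last] = value
    return params

def parse_sasl_conf(text):
    """Cyrus SASL application config: 'option: value', '#' comments."""
    pairs = (l.split(":", 1) for l in text.splitlines()
             if ":" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def audit(sasl_file, sasl_text, main_cf_text):
    """Return finding ids for a saslauthd/PAM-backed smtpd AUTH setup."""
    sasl, main, findings = parse_sasl_conf(sasl_text), parse_main_cf(main_cf_text), []
    # smtpd looks up "<smtpd_sasl_path>.conf"; the default path is "smtpd".
    if sasl_file != main.get("smtpd_sasl_path", "smtpd") + ".conf":
        findings.append("sasl-file-name")
    # PAM is reached through saslauthd, not through an auxprop plugin.
    if sasl.get("pwcheck_method") != "saslauthd":
        findings.append("pwcheck-not-saslauthd")
    if main.get("smtpd_sasl_auth_enable") != "yes":
        findings.append("sasl-disabled")
    rules = re.split(r"[,\s]+", main.get("smtpd_recipient_restrictions", ""))
    if "permit_sasl_authenticated" not in rules:
        findings.append("no-permit-sasl-authenticated")
    # Assumption: an unset mech_list may still offer PLAIN/LOGIN.
    mechs = set(sasl.get("mech_list", "PLAIN LOGIN").upper().split())
    if mechs & {"PLAIN", "LOGIN"} and main.get("smtpd_tls_auth_only") != "yes":
        findings.append("cleartext-auth-before-tls")
    return findings

# Constructed from the excerpts posted in the thread (both files are partial).
ASKER_SASL = "#mech_list: plain login\npwcheck_method: auxprop\nauxprop_plugin: pam\n"
ASKER_MAIN = "smtpd_sasl_auth_enable = yes\nsmtpd_use_tls = yes\n"
WORKING_SASL = "pwcheck_method: saslauthd\nmech_list: PLAIN LOGIN\n"
WORKING_MAIN = ("smtpd_sasl_auth_enable = yes\nsmtpd_tls_auth_only = yes\n"
                "smtpd_recipient_restrictions = permit_mynetworks,\n"
                "    permit_sasl_authenticated, check_relay_domains\n")
print(audit("smtp.conf", ASKER_SASL, ASKER_MAIN))
```

Calling `audit("smtpd.conf", WORKING_SASL, WORKING_MAIN)` returns an empty list, including for the restriction list split across a continuation line.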