Athentication problem
Dan White
dwhite at olp.net
Wed Jul 16 12:55:20 EDT 2008
Stephen Liu wrote:
>> Do you explicitly want to support specific SASL mechanisms
>> (PLAIN, DIGEST-MD5...)?
> Sorry I don't follow. Please explain in more detail. Thanks
It looks like you have specified PLAIN as your only mechanism
within imapd.conf, and I'm guessing you have 'allowplaintext:
yes' set as well.
LOGIN is more typical within SMTP connections, so I would add it.
I'm not aware of any equivalent 'allowplaintext' option within
Postfix. I don't think you need one.
>> Do you intend to authenticate users like you're currently
>> authenticating them with cyrus pop3?
>
>
> I don't stick on the method of authentication. But I do expect that
> the authentication will be same on all mail application.
>
>
>> If so, what do your sasl_*
>> config options look like in /etc/imapd.conf?
>
>
> $ grep sasl_* /etc/imapd.conf
> sasl_mech_list: PLAIN
> sasl_pwcheck_method: saslauthd
> sasl_auto_transition: no
> sasl_saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux
You will also need to create a SASL config file for Postfix which
matches this configuration, to get similar authentication
functionality. Typically, you'd create the file
'/etc/postfix/sasl/smtpd.conf' and put these lines into it (I
would add LOGIN):
mech_list: PLAIN LOGIN
pwcheck_method: saslauthd
auto_transition: no
saslauthd_path: /var/spool/postfix/var/run/saslauthd/mux
however, if you are running your postfix chrooted, which appears
to be the case, then you'll want to change that last line to:
saslauthd_path: /var/run/saslauthd/mux
- Dan
More information about the Cyrus-sasl
mailing list