Can't successfully test credentials I just created

Ann Onemouse annonemouse at me.com
Mon Nov 17 15:47:31 EST 2008 

Hello, Dan.

Thanks very much for your prompt reply.

On Nov 17, 2008, at 3:06 PM, Dan White wrote:
>  If you want to use sasldb with the SASL library, you probably want  
> to use the pwcheck_method of "auxprop" along with the sasldb auxprop  
> plugin  instead.
Well, I'm not attached to any particular password database format,  
except insofar as I have very limited RAM on the server in question.  
So I can't afford to run the memory-hogging LDAP server just to serve  
this function.

This server's sole job is to be an SMTP relay host for other systems.  
Each of systems that sends email will authenticate to this server  
using the same credentials, so I only need to store a single username/ 
password combination. These credentials will be used only for this  
purpose, and I don't want them to be used for anything else (like  
shell access!).

> So you could recompile saslauthd with the appropriate support,
Yech. I'd like to avoid this option if at all possible. Don't want to  
run down the dependencies or deal with recompiling for upgrades.

> if you really do need to use saslauthd,
I'm not sure that I *do* need saslauthd. I just want to set up a  
single username and password that other hosts can use to relay mail  
through this server, and could not see how to do it any other way.  :(

> or you could configure your postfix smtpd.conf file like:
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
>
> smtptest is a great way to verify.
Well, I tried configuring postfix at the same time as SASL, but there  
are so many interdependent settings, and so much conflicting info on  
the web about this, that I decided to try to set up one software  
system at a time, and make sure it works with its own testing tools,  
before moving on to the next. I am not a postfix guru either, so I'd  
love to leave the postfix configuration out of this for the moment if  
possible.

Is there no way to just set up a flat file of username / password  
pairs and test SASL, without involving other software? Should I just  
stick with PAM, create a Unix account, and set the shell to "nologin"?

Thanks again,
- Ann

More information about the Cyrus-sasl mailing list