saslauth configuration question

Charles Bradshaw brad at gx110.bradcan.homelinux.com
Mon Jan 14 14:39:41 EST 2013


I am considering switching my smptd from sendmail to postfix, but I am a
little confused.

The following snip from http://www.postfix.org/SASL_README.html

"
/etc/sasl2/smtpd.conf:
    pwcheck_method: saslauthd
    mech_list: PLAIN LOGIN

Do not specify any other mechanisms in mech_list than PLAIN or LOGIN when
using saslauthd! It can only handle these two mechanisms, and authentication
will fail if clients are allowed to choose other mechanisms.
"

Appears to be wrong! I have the sasl2 configuration:

/etc/sasl2/Sendmail.conf:
    pwcheck_method: saslauthd
    mech_list: DIGEST-MD5 PLAIN

>> DEFINITELY WORKING <<

Admittedly, I am using sendmail and not postfix so perhaps I have a miss
configuartion somewhere. The server in question is using /etc/salsdb with some
test users NOT having accounts on the server and the debug dialogs clearly
show that DIGEST-MD5 is being used.

The above quote, cut and paste from the readme, contains a clear enough
statement, except for the grammer, ie the word "other" missing  between the
words "mech_list" and "than". But:

I'm confused because I have a solid, tested, working example which contradicts
the postfix readme.

Is the operation of Sendmail.conf somehow different to smtpd.conf?

Further on the readme does say:

/etc/sasl2/smtpd.conf:
    pwcheck_method: auxprop
    auxprop_plugin: sasldb
    mech_list: CRAM-MD5 PLAIN

Which also works.

Is there a rational explanation or do I just put it down to a ghost in the
machine?



More information about the Cyrus-sasl mailing list