Debian Postfix backports and SASL2
markus.welsch at suk.net
Tue Apr 29 06:13:34 EDT 2003
> Hi, I've been following the Web-Cryadm howto to install Cyrus, Postfix
> etc and I've managed to get Cyrus working fine using SASL2. I'm using
> Debian Testing distro and using the backports of Cyrus, Postfix etc.
> The problem I can see, is that Cyrus is using SASL2, and Postfix is
> using (or depends on at least) SASL1. I've got both SASL2 and SASL1
> installed - but I think I've only configured it all for SASL2 (I
> think) - however when I enable SASL authentication in postfix, I get a
> "Bad command at startup - throttling" message whenever I try to send an
> email. If I turn SASL off, then it works.
> I'd prefer not to have to re-compile Postfix from the sources (I like
> the automatic updating facility of Debian packages).
> So - has anyone got SASL2 authentication working with Postfix using the
> Debian backports (http://people.debian.org/~hmh/woody/hmh)? Is it
> possible to still use the saslauthd (SASL2) with Postfix which is
> expecting SASL1? I'm quite confused by all this SASL stuff.
Well there is a more recent version of the postfix backport available at
You can't use SASL2 with Postfix 2.x backports if you are not compiling
Postfix yourself. This is because of a dependency problem that would
occur when Postfix would be using SASL2.
I have SMTP AUTH working fine with Postfix 2.09 (including
sender_login_map). All you need is
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps = hash:/etc/postfix/sender_login
If you do not want to use sender login maps then just disable that
stuff. When you use sasldblistusers be sure that the users that you want
to authentificate for is created correctly. E. g. if your $myhostname is
testing.isp.com then you could create a smtp auth user using:
saslpasswd -a -u testing.isp.com username
cp /etc/sasldb /var/spool/postfix/etc
Since postfix is running chrooted to /var/spool/postfix by default -
which is a good task :-))
More information about the Info-cyrus