Auth methods

Cristi Mitrana cristian.mitrana at
Wed May 10 14:47:53 EDT 2006

Michael Johnson wrote:
> Hi all
> I've been looking into upgrading a server and part of that upgrade was 
> to remove a lot of system users who simply need IMAP/SMTP access to the 
> machine and nothing more.  Basically, I want to make /etc/passwd a lot 
> smaller than it currently is.
> I was browsing through the documentation on the web site and found:
> "The Cyrus IMAP server comes with two authorization mechanisms, one for 
> use with Unix /etc/passwd files, one for use with Kerberos."

  Do not mix authentication and authorization, the above talks about
authorization and it seems you need authentication.

> Is there no way to use Cyrus IMAP with 
> MySQL/PostgreSQL/BDB/other_non_db_source as an authentication source?  
> If there is, could someone please point me to a web site with some 
> details on how to make this work?

  It's possible. Authentication for cyrus-imapd is handled by the
cyrus-sasl library, which can authenticate users out of /etc/sasldb2,
mysql, postgresql (sqlite ?) and with the help of saslauthd  from
/etc/passwd, GSSAPI, ldap or any pam stack setup. See the docs for more
options (docs from cyrus-sasl and from cyrus-imapd) and search the list
archive for setup pointers.


More information about the Info-cyrus mailing list