Auth methods
Cristi Mitrana
cristian.mitrana at online.ie
Wed May 10 14:47:53 EDT 2006
Michael Johnson wrote:
> Hi all
>
> I've been looking into upgrading a server and part of that upgrade was
> to remove a lot of system users who simply need IMAP/SMTP access to the
> machine and nothing more. Basically, I want to make /etc/passwd a lot
> smaller than it currently is.
>
> I was browsing through the documentation on the web site and found:
>
> "The Cyrus IMAP server comes with two authorization mechanisms, one for
> use with Unix /etc/passwd files, one for use with Kerberos."
Do not mix authentication and authorization, the above talks about
authorization and it seems you need authentication.
> Is there no way to use Cyrus IMAP with
> MySQL/PostgreSQL/BDB/other_non_db_source as an authentication source?
> If there is, could someone please point me to a web site with some
> details on how to make this work?
It's possible. Authentication for cyrus-imapd is handled by the
cyrus-sasl library, which can authenticate users out of /etc/sasldb2,
mysql, postgresql (sqlite ?) and with the help of saslauthd from
/etc/passwd, GSSAPI, ldap or any pam stack setup. See the docs for more
options (docs from cyrus-sasl and from cyrus-imapd) and search the list
archive for setup pointers.
mitu
More information about the Info-cyrus
mailing list