Cyrus Postfix SASL Auth SMTP MySQL Always Authenticate multiple mech_list

Dan White dwhite at olp.net
Wed Feb 3 14:39:26 EST 2010


On 03/02/10 20:09 +0200, Eugene van der Merwe wrote:
>I am trying to create a destination NAT SMTP intercept server. I need this
>because for SPAM reporting our upstream are providing our NAT gateway IPs
>instead of our client's internal network IPs and now they are blocking us.
>
>Our clients use many authentication methods, including plain and cram-md5.
>Ideally I want to support these mech_list:
>plain login digest-md5 cram-md5
>
>I install the auxprop_plugin: sql and I pipe requests to the MySQL. But the
>MySQL insists on checking the password. I tried manipulating the MySQL to
>always return true but this seems impossible.
>
>What I would like to know is how to use Cyrus SASL Auth redirection to
>always authenticate the SMTP user regardless of username and password.
>
>My workaround for now is to use just 'plain' and this works quite well but I
>suspect Exchange server are reporting EHLO problems and I can see cram-md5
>failures.

Eugene,

Are these your customers? Where do they normally authenticate to when your
intercept server is not in place? Do you have a central authentication
setup (such as a central mysql database) that you can use on the intercept
server?

-- 
Dan White


More information about the Info-cyrus mailing list