Newbie lament on SASL authentication with Postscript...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Please accept my apologies in advance for what is only venting my frustration with my own combination of hubris and incompetence...

I am building a new mail server to replace an existing FreeBSD 8.1/Postfix/CourierIMAP/SQWebwail mail server that seems to be working OK so far. It, and its predecessors, have been working for years.

But I want to make a new server (on another machine) that uses the most recent software, has SMTP user authentication (and maybe some other less important bells and whistles), and permit me to keep the old server for backup.

So I want to add SMTP user authentication to Postfix. Since Postfix's main interest in life is email and not authentication as such, it uses SASL from the Cyrus guys. Since Cyrus' main interest in life is authentication, and not databases as such, it uses MySQL from the MySQL guys. This is GOOD, in the spirit of Newton's remark "If I have seen further it is by standing on the shoulders of giants."

This really is GOOD, but I now have to configure three (3) different, rather complex (this is not a low blow since the software packages in question do all sorts of great things), sets of software.

To stay in the same imagery, I would rather stand on others' shoulders than have to figure it all out myself. In short, I would like a simple cook-book recipe which says "do steps 1 through 5" and voilà! (I agree with Tom Lehrer: "Don't strain your eyes. Plagiarize!").

But I have not found the magic recipe. Such recipes as I have found either 1) are very old or 2) describe FreeBSD/Postfix/Dovecot/SQWebwail or 3) describe FreeBSD/Postfix/Dovecot/Squirrelmail or 4) describe Ubuntu/Postfix/Dovecot/Squirrelmail or 5) describe FreeBSD/Postfix/CyrusIMAP/Squirrelmail or ..... 67) describe Windows/MSExchangeServer/Dovecot/SQWebwail.

So my next step is to see if, guided by the recipes I have found, I can adjust them by using the tried and trusted RTFM method.

In my newbieness, my perception of Cyrus SASL documentation is that it falls into a common pitfall for open source documentation: ultra-geek documentation for someone who already knows (almost) everything about the subject at hand, but is missing that little detail to change the package for his/her own ends (admittedly one of the glories of open source software). One comes across passages like "Bear in mind that the frazzleduper communicates through a noozle-socket (since release 2.3.1) but only if you are using IPV6. If you have installed Whizzbang 2 you will also have to configure your doosiewhatsis to conform to RFC2542.b" After reading passages like this, one wonders if one wouldn't enjoy doing one's taxes at least as much...

In the case at hand we have

1) mail clients logging into postfix mail server
2) postfix communicating (logging in?) to Cyrus SASL
3) Cyrus logging in to MySQL
4) and somewhere, Courier authdaemon is doing stuff

I contend there are times when it isn't clear in the documentation who's logging into what and for what purpose.

Feel free to flame me, I do deserve it for wanting something GOOD for free and with little effort, and I hope I have made it clear I understand this.

But right now I'm frustrated and trying to blame my shortcomings on others.

On the other hand, I can use a watch without having to know everything about it's insides.

If, after flaming me, you can point me to documentation that hits that delicate balance between over-generalized marketing hype and excessive technical detail that would be nice.

And finally (at last!), notwithstanding my rant, open source software is truly amazing!

Bernard Higonnet
PS I'll be happy with PLAIN LOGIN for now...

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux