Folks:
I'm trying to use Cyrus SASL as the SASL library for Postfix (v3.5.9) on a Rocky Linux 9.1 system. The Cyrus library that Rocky installed is 2.1.27-20 (via Anaconda at system installation).
I'm a little hampered because the documentation seems to be in transition, and a lot of information (such as where configuration files for services are) is outdated, but not everywhere.
Because this is a small deployment, I have elected to use sasldb and the auxprop for a plaintext password database---seemed the simplest approach for a community of about 4 users, not all of which are in the /etc/passwd or /etc/shadow file anyway.
As I understand it, Postfix will be asking Cyrus SASL to read the "smtpd.conf" file (because my Postfix config parameter "smtpd_sasl_path" is set to smtpd). However, I'm not sure that this is really happening. In particular, I have set logging to be 7 (highest level defined in sasl.h) and I don't see any additional logging going on.
I'm also trying to enable the MD5 challenge/response authentication methods---whether this is legal or not for sasldb is unclear from the documentation---and adding them to the mech_list doesn't seem to be propagating into Postfix.
Here's my /etc/sasl2/smtpd.conf file:
#/jms/ changed to auxprop to force plaintext file locally
pwcheck_method: auxprop
auxprop_plugin: sasldb
#sasldb_path: <path to sasldb file> (default according to docs is /etc/sasldb2)
sasldb_path: /etc/sasl2/sasldb2
#sasldb_mapsize: <size in bytes> (default 1M)
#sasldb_maxreaders: <max threads> (default 128)
log_level: 7
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
Is there some other documentation I can consult (other than 'use the source, Luke') to figure out whether I'm even going down the right path here?
Thanks,
Joel Snyder
