On 03/07/14 17:13 +0100, Andrey wrote: >Hi everyone, > >I am stack. I would like to use in my test environment virtual domains and emails. > >I have 2 domains. The users from default domain i can via sasl and pam authenticate without problem. I use in my mail software credentials like user password. >Now I don’t want to use pam mechanism, but sasldb. See hereunder my configs: > >/etc/default/saslauthd > >START=yes >MECHANISMS="sasldb" >MECH_OPTIONS="" >THREADS=5 saslauthd, with default compile options, does not contain support for sasldb. It is recommended to use the sasldb auxprop plugin in this scenario rather than saslauthd. Configure /etc/imapd.conf with: sasl_auxprop_plugin: sasldb sasl_pwcheck_method: auxprop >#chroot Postfix >OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd” > > >/etc/postfix/main.cf >#only sasl/virtual related config info! >mydomain = domain.tld >myhostname = mail.domain.tld >mydestination = mail.domain.tld, domain.tld, localhost.domain.tld, localhost > >mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp Configure your postfix smtpd.conf with: auxprop_plugin: sasldb pwcheck_method: auxprop The sasldb database is typically contained in /etc, and not underneath underneath the Postfix chroot. Either disable chrooting of smtpd in /etc/postfix/master.cf, or configure an appropriate 'sasl_sasldb_path' in /etc/imapd.conf, and a 'sasldb_path' in your postfix smtpd.conf file. If you continue to chroot postfix, you will also need to specify the location of the sasldb database with 'saslpasswd2 -f <path>'. >/etc/imapd.conf >#only sasl/virtual related config info! >allowplaintext: yes >sasl_mech_list: PLAIN >loginrealms: domain.tld,domain2.tld >virtdomains: userid >defaultdomain: domain.tld >sasl_pwcheck_method: saslauthd >sasl_auto_transition: no > > >Then I did following steps: >saslpasswd2 -u domain.tld info >testsaslauthd -u info -r domain.tld -p Pa77w0rd >0: OK "Success." >testsaslauthd -u info@xxxxxxxxxx -p Pa77w0rd >0: NO "authentication failed" With saslauthd, you may wish to experiment with the '-r' option (/etc/default/saslauthd OPTIONS). -- Dan White ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
