Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] postfix/imap/cyrus-sasl and Pam backend
  • From: Markus Feilner <lists@xxxxxxxxxxxxxx>
  • Date: Wed, 10 Mar 2004 13:05:06 +0100
  • Message-id: <200403101305.06834.lists@xxxxxxxxxxxxxx>
Am Mittwoch, 10. März 2004 12:20 schrieb sematin@xxxxxxxxx:
> Hmm! I haven't tried this before but have you looked at:
>
> http://www.postfix.org/docs.html
>
> There seem to be a number of howtos there that could be relevant.
>
> Noah.
Thank You!
Yes, and they are very good, esp. Patrick Koetter's, but i couldn't find
anything for pam, only sasldb...


>
> > -----Original Message-----
> > From: Markus Feilner [mailto:lists@xxxxxxxxxxxxxx]
> > Sent: 10 March 2004 14:12
> > To: Suse-Security
> > Subject: [suse-security] postfix/imap/cyrus-sasl and Pam backend
> >
> >
> > Hello List,
> > I am looking for a site with good information about postfix,
> > cyrus-sasl
> > (and later kerberos authentikation against Active Directory). I
> > have postifix and imap running with cyrus sasl and sasldb, but i
> > did not manage to get it to authenticate against pam or kerberos.
> > I have been googling, but i could not find a solution.
> >
> > I know that:
> > - /etc/sysconfig/saslauthd tells saslauthd which mech to use.
> > the entry is: SASLAUTHD_AUTHMECH=pam
> >
> > - /usr/lib/sasl2/smtpd.conf
> > pwcheck_method: saslauthd
> > mechlist: plain login crammd5 digestmd5
> >
> > -/etc/posstfix/main.cf
> > for testing:
> > (...)
> > smtpd_sender_restrictions = permit_sasl_authenticated,
> > permit_mynetworks, reject
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_security_options = noanonymous
> > broken_sasl_auth_clients = yes
> > (...)
> >
> > Now: postfix grants all users access based on user/password
> > kombinations
> > in sasldb - and only those users. Shouldn't saslauth use the local
> > user/password Kombination?
> > (BTW: Why does sasl with PAM only work with PLAIN?)
> >
> > Thanks a lot!
> > --
> > Mit freundlichen Grüßen
> > Markus Feilner
> > --
> > Linux Solutions, Training, Seminare und Workshops - auch
> > Inhouse Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
> > fon: +49 941 70 65 23 - mobil: +49 170 302 709 2
> > web: http://feilner-it.net mail: mfeilner@xxxxxxxxxxxxxx
> >
> > --
> > Check the headers for your unsubscription address
> > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > Security-related bug reports go to security@xxxxxxx, not here

--
Mit freundlichen Grüßen
Markus Feilner
--
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
fon: +49 941 70 65 23 - mobil: +49 170 302 709 2
web: http://feilner-it.net mail: mfeilner@xxxxxxxxxxxxxx

< Previous Next >
Follow Ups
References