[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vchkpw
Subject:    Re: [vchkpw] Vpopmail Postfix and SQL query for SMTP-Auth
From:       Christopher Chan <christopher () ias ! com ! hk>
Date:       2009-10-08 1:47:37
Message-ID: 4ACD44B9.8070704 () ias ! com ! hk
[Download RAW message or body]

Alessio Cecchi wrote:
> Christopher Chan ha scritto:
>> Alessio Cecchi wrote:
>>> Hello,
>>>
>>> this is my situation, one qmail+vpopmail(MySQL)+dovecot server that 
>>> works like an MX record and provide access on mailbox via POP3 or IMAP.
>>>
>>> Another server with postfix and SASL for SMTP-Auth only, with SASL 
>>> that query the vpopmail DB for user authentication.
>>>
>>> My intention is to set a query into SASL for use the same flags for 
>>> SMTP-Auth that read vpopmail and qmail.
>>>
>>
>>
>> Do you run dovecot? If you do, just make use of dovecot's sasl 
>> provisions. That is supported by postfix.
>>
> 
> Thanks,
> 
> yes I run dovecot and I know the SASL + Postfix features, but on the 
> qmail server, postfix is on another server.
> 
> Summary:
> 
> server1
> 
> qmail + vpopmail with mysql backend + dovecot with vpopmail native 
> authentication ("passdb checkpassword" and "args = 
> /home/vpopmail/bin/vchkpw")
> 
> server2
> 
> postfix + SASL that read users from mysql on server1
> 
> How can postfix access to dovecot SASL auth mechanis?
> 
> I could install dovecot on server2, but dovecot can check vpopmail flags 
> on when run with "passdb checkpassword" and "args = 
> /home/vpopmail/bin/vchkpw" and in the same server with vpopmail binary.
> 
> Or not?


Eh? What version of dovecot are you running? dovecot can directly link 
into vpopmail. Install vpopmail on server2, point it to the mysql 
server, compile and install a dovecot version above 1.0 (prefereably 
latest) and compile and install a version of postfix that can make use 
of dovecot's sasl provision.

Quite a bit of fiddling I know...


postfix main.cf

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth (under postfix spool directory - need to 
set this in dovecot.conf in the auth section under client subsection)
smtpd_sasl_auth_enable = yes

Read the SASL_README file for dovecot stuff:

Building Postfix with Dovecot SASL support

These instructions assume that you build Postfix from source code as 
described
in the INSTALL document. Some modification may be required if you build 
Postfix
from a vendor-specific source package.

Support for the Dovecot version 1 SASL protocol is available in Postfix 
2.3 and
later. At the time of writing, only server-side SASL support is 
available, so
you can't use it to authenticate to your network provider's server. Dovecot
uses its own daemon process for authentication. This keeps the Postfix build
process simple, because there is no need to link extra libraries into 
Postfix.

To generate the necessary Makefiles, execute the following in the 
Postfix top-
level directory:

     % make makefiles CCARGS='-DUSE_SASL_AUTH -
     DDEF_SERVER_SASL_TYPE=\"dovecot\"'

After this, proceed with "make" as described in the INSTALL document.

Notes:

   * The "-DDEF_SERVER_SASL_TYPE" stuff is not necessary; it just makes 
Postfix
     configuration a little more convenient because you don't have to 
specify
     the SASL plug-in type in the Postfix main.cf file.

   * If you also want support for LDAP or TLS, you will have to merge their
     CCARGS and AUXLIBS into the above command line.

!DSPAM:4acd44cd32715512521434!

[prev in list] [next in list] [prev in thread] [next in thread]