[KLUG Members] simple pop access setup

[Adam Tauno Williams]

> >What are you SASLing (?) against?  PAM, RADIUS, LDAP, Kerberos?
> I currently have all of the accounts setup in the normal passwd file 
> with false shells. I figure the easiest to work off of would be to auth 
> against that password right now. I have 58 accounts total with an extra 
> 25ish a year so it works for now. Down the road I would like to use 
> ldap, but that's for another day.


Then I'd assume your using PAM to auth plain text passwords against
the /etc/passwd & /etc/shadow files (and that PAM already works).

I don't user postfix, but for sendmail one would run the saslauthd
servive.  This listens on a local socket for chalanges (username+secret)
and responds to the client (in this case your MTA) with an ACK or NACK
type response.

For sendmail I'd just add -
define(`confAUTH_MECHANISMS', `PLAIN')dnl
TRUST_AUTH_MECH(`PLAIN')dnl
define(`confAUTH_OPTIONS', `A')dnl
 - to my mc file.

and make sure "saslauthd -a pam" is running (called the saslauthd
service in SuSe & RedHat).  "-a" specifies the authentication mechanism
(dce, getpwent, kerberos5, pam, sasldb, ldap, etc...)

And for sendmail I have to create /usr/lib/sasl2/Sendmail.conf
containing -
pwcheck_method: saslauthd
mech_list: plain
- which tells the sasl libraries how to behave when loaded into the
process calling itself sendmail.