[KLUG Members] simple pop access setup
Richard Harding
rick at ricksweb.info
Fri Nov 12 17:37:26 EST 2004
Adam Tauno Williams wrote:
>>>What are you SASLing (?) against? PAM, RADIUS, LDAP, Kerberos?
>>>
>>>
>>I currently have all of the accounts setup in the normal passwd file
>>with false shells. I figure the easiest to work off of would be to auth
>>against that password right now. I have 58 accounts total with an extra
>>25ish a year so it works for now. Down the road I would like to use
>>ldap, but that's for another day.
>>
>>
>
>
>Then I'd assume your using PAM to auth plain text passwords against
>the /etc/passwd & /etc/shadow files (and that PAM already works).
>
>I don't user postfix, but for sendmail one would run the saslauthd
>servive. This listens on a local socket for chalanges (username+secret)
>and responds to the client (in this case your MTA) with an ACK or NACK
>type response.
>
>For sendmail I'd just add -
>define(`confAUTH_MECHANISMS', `PLAIN')dnl
>TRUST_AUTH_MECH(`PLAIN')dnl
>define(`confAUTH_OPTIONS', `A')dnl
> - to my mc file.
>
>and make sure "saslauthd -a pam" is running (called the saslauthd
>service in SuSe & RedHat). "-a" specifies the authentication mechanism
>(dce, getpwent, kerberos5, pam, sasldb, ldap, etc...)
>
>And for sendmail I have to create /usr/lib/sasl2/Sendmail.conf
>containing -
>pwcheck_method: saslauthd
>mech_list: plain
>- which tells the sasl libraries how to behave when loaded into the
>process calling itself sendmail.
>
>
>_______________________________________________
>Members mailing list
>Members at kalamazoolinux.org
>
>
>
I went through some instructions here:
http://www.mail-archive.com/debian-isp@lists.debian.org/msg13212.html
I am getting closer I think. I am now getting an error: "fatal: no SASL
authentication mechanims" when I start up postfix. This is if I set
/etc/default/saslauthd.conf to MECHANISM="shadow".
If I set it to PAM I don't get the error on loading postfix, but I am
still not getting any auth attempts. I can't seem to find out what steps
I need to get pam to auth for smtp though.
Any ideas where I am missing something?
Thanks
Rick
More information about the Members
mailing list