From owner-freebsd-questions@FreeBSD.ORG Wed Aug 9 03:49:22 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3E4916A4DA for ; Wed, 9 Aug 2006 03:49:22 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from mail.stovebolt.com (mail.stovebolt.com [66.221.101.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A5B043D78 for ; Wed, 9 Aug 2006 03:49:21 +0000 (GMT) (envelope-from pauls@utdallas.edu) Received: from [192.168.2.102] (adsl-68-93-60-54.dsl.rcsntx.swbell.net [68.93.60.54]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.stovebolt.com (Postfix) with ESMTP id 22DD3114313 for ; Tue, 8 Aug 2006 22:47:33 -0500 (CDT) Date: Tue, 08 Aug 2006 22:49:19 -0500 From: pauls@utdallas.edu To: freebsd-questions@freebsd.org Message-ID: <6B14B664E12894DC32F7DC0A@paul-schmehls-powerbook59.local> In-Reply-To: <20060808193523.BDD9.GERARD@seibercom.net> References: <20060808120629.F5AF.GERARD@seibercom.net> <44D8C496.80105@utdallas.edu> <20060808193523.BDD9.GERARD@seibercom.net> X-Mailer: Mulberry/4.0.0 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; protocol="application/pkcs7-signature"; boundary="==========85171695ED99BEAB1D60==========" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Postfix & SASL Authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Aug 2006 03:49:23 -0000 --==========85171695ED99BEAB1D60========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On August 8, 2006 7:40:20 PM -0400 Gerard Seibert = wrote: > Paul Schmehl wrote: > >> Apparently you're using the sasldb2 database for logins? If so, the >> sasldb2 database needs to be readable by postfix, and it has to be >> populated with the usernames@domains that you need. Have you populated >> the db? >> >> You would probably be better off using saslauthd as your >> pwcheck_method. Then start saslauthd with the -a sasldb flag. (See >> man 8 saslauthd.) Auxprop is an older method that wasn't very >> dependable. > > Thanks, that is what I did. I had to modify the > /usr/local/lib/smtpd.conf file, but that was about it. > Glad to hear it. > I do have one question though. The rc.d file has 'pam' listed rather > than sasldb for the '-a ' flag. I changed it there although the > directions said not too. Is there any reason that changing it in the = rc.d > file is a bad thing? Not a bad thing, but when the port gets updated, your changes will be=20 overwritten. Instead, use /etc/rc.conf: saslauthd_enable=3D"YES" saslauthd_flags=3D"-a sasldb" I could not figure out what it meant to do > otherwise. Was I suppose to create another file that would override that > one? If so, what was the syntax of the file suppose to be? Anyway, it > works, so that is all I am really interested in at the moment. > In general, you want to put variables for startup scripts in /etc/rc.conf, = rather than editing the individual startup files. The startup scripts=20 will source the /etc/rc.conf file and get the values of those variables=20 and use them when they run. Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ --==========85171695ED99BEAB1D60==========--