Re: Fall back when dovecot SASL is unavailable?
- On Thu, Oct 01, 2009 at 03:08:31PM +0200, Hagen F??rstenau wrote:
> I'm using dovecot for SASL authentication:This would incorrectly reject mail, due to a transient problem
> smtpd_sasl_auth_enable = yes
> smtpd_recipient_restrictions =
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth-client
> Now if for whatever reason dovecot is not running, smtpd will also
> refuse to work, complaining "fatal: no SASL authentication mechanisms".
> I would much prefer it to fall back to "smtpd_sasl_auth_enable = no" in
> that case, so that mail for local recipients can still be received. Is
> this possible?
(authentication down). A better solution would be to 4XX fail all auth
Frankly, configure SASL just on port 587, and *require* SASL there, in
which case, no point in running the service while SASL is down.
Keep your dovecot server running.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
- Ralf Hildebrandt wrote:
> * Hagen Fürstenau <hfuerstenau@...>:for the auth part, only enable auth for submission (587).
>> I'm using dovecot for SASL authentication:
>> smtpd_sasl_auth_enable = yes
>> smtpd_recipient_restrictions =
>> smtpd_sasl_type = dovecot
>> smtpd_sasl_path = private/auth-client
>> Now if for whatever reason dovecot is not running, smtpd will also
>> refuse to work, complaining "fatal: no SASL authentication mechanisms".
>> I would much prefer it to fall back to "smtpd_sasl_auth_enable = no" in
>> that case, so that mail for local recipients can still be received. Is
>> this possible?
> It's the one problem we're having here as well: When updating dovecot,
> postfix won't work due to that...
for the "deliver" part, make it after the filter, so that mail is still
kept in the local queue.
I used to stop postfix while upgrading dovecot, but I don't do that
anymore. I now only stop postfix if upgrading mysql (I thought about
dumping the db and changing postfix config, but this is too much...).