Loading ...
Sorry, an error occurred while loading the content.

Re: authenticated open relay postfix-mysql

Expand Messages
  • Lang Alex
    Thans very much. It sound like there is no way without sasl and all roads lead to dovecot Alex
    Message 1 of 9 , Aug 21, 2013
    • 0 Attachment
      Thans very much.

      It sound like "there is no way without sasl" and "all roads lead to
      dovecot"

      Alex


      On 21.8.2013 14:17, Wietse Venema wrote:
      > Lang Alex:
      > [no local mailboxes]
      >
      > Postfix relay-only configuration:
      >
      > /etc/postfix/main.cf:
      > smtpd_recipient_restrictions =
      > permit_sasl_authenticated, reject
      >
      > Then, configure your favorite SASL provider according to
      > http://www.postfix.org/SASL_README.html
      >
      > Wietse
    • Wietse Venema
      ... Postfix supports TLS client certificates. ... Postfix supports more than one SASL provider. Wietse
      Message 2 of 9 , Aug 21, 2013
      • 0 Attachment
        Lang Alex:
        > Thans very much.
        >
        > It sound like "there is no way without sasl"

        Postfix supports TLS client certificates.

        > and "all roads lead to dovecot"

        Postfix supports more than one SASL provider.

        Wietse
      • Manuel Bieling
        ... A quick Google search says you can use saslauthd and link it directly to MySQL. This is the Cyrus way, but without using the IMAP server as your
        Message 3 of 9 , Aug 21, 2013
        • 0 Attachment
          On 08/21/2013 01:08 PM, Lang Alex wrote:
          > Hi there,
          >
          > -debian 7, postfix 2.9.6
          > -no local domain, no mailboxes (root also aliased out of machine)
          > -only open relay with authorized people, mysql db backend
          > -no long way: postfix -dovecot sasl - pam - mysql conect
          > -only direct: postfix - local mysql ( - view to remote dbs,thats

          A quick Google search says you can use saslauthd and link it directly to
          MySQL. This is the Cyrus way, but without using the IMAP server as your
          authentication back-end. Hope this helps.

          Manuel
        • /dev/rob0
          ... While this seems to make more sense than choosing Dovecot, I still would not advise it. Cyrus SASL requires linking at compile time (though probably not a
          Message 4 of 9 , Aug 21, 2013
          • 0 Attachment
            On Wed, Aug 21, 2013 at 03:27:08PM +0200, Manuel Bieling wrote:
            > On 08/21/2013 01:08 PM, Lang Alex wrote:
            > >-debian 7, postfix 2.9.6
            > >-no local domain, no mailboxes (root also aliased out of machine)
            > >-only open relay with authorized people, mysql db backend
            > >-no long way: postfix -dovecot sasl - pam - mysql conect
            > >-only direct: postfix - local mysql ( - view to remote dbs,thats
            >
            > A quick Google search says you can use saslauthd and link it
            > directly to MySQL. This is the Cyrus way, but without using the
            > IMAP server as your authentication back-end. Hope this helps.

            While this seems to make more sense than choosing Dovecot, I still
            would not advise it. Cyrus SASL requires linking at compile time
            (though probably not a factor with Debian's dynamic linking patch.)
            Dovecot can be simplified to only provide the auth socket (no
            IMAP/POP3) and do the SQL lookups.
            --
            http://rob0.nodns4.us/ -- system administration and consulting
            Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
          Your message has been successfully submitted and would be delivered to recipients shortly.