|
(please note that this is a "dirty hack", a better explanation how
everything is and how to make
it working can be found in a wonderful Postfix: SMTP AUTH (and TLS) HOWTO)
This basically summarizes how to make it work :(
# apt-get install libsasl2{,-modules}
# apt-get install sasl2-bin
Make sure the file /etc/default/saslauthd has the START=yes line
uncommented.
# dpkg-statoverride --force --add root sasl 711 /var/run/saslauthd
# /etc/init.d/saslauthd stop
# /etc/init.d/saslauthd start
(this effectively changes the ownership of /var/run/saslauthd directory)
Make sure that the file /etc/pam.d/smtp exists and has a reasonable
configuration or that the file /etc/pam.d/smtp does not exist, and the file
/etc/pam.d/other has a correct configuration
(I strongly suggest to create the file /etc/pam.d/smtp and modify it
accordingly)
This instruction was checked with the postfix version 2.0.14-1, and
postfix-tls version 2.0.14-1, but it also proved to work with other version
(which I am not going to specify to avoid the confusion).
# apt-get install postfix{,-tls}
Make sure that smtpd that receives the smtp/smtps requests where authentication
might occur is not chroot-ed. otherwise you might need to perform a lot of
copying symlinking etc (file to check: /etc/postfix/master.cf)
Make sure that the parameter
smtpd_sasl_local_domain =
(in /etc/postfix/main.cf) is exactly like this (nothing at all) and
not something like (smtpd_sasl_local_domain = "" (shameless plug: in certain
cases you might want to check my pam-module pam_realm)). These two are defining completely
different things.
And, as it turned out this is useful, you may consider putting these lines
into your /etc/postfix/sasl/smtpd.conf:
pwcheck_method: saslauthd
mech_list: plain login
(files to help to understand what is happening and how to solve the problems
are: /var/log/mail.log, /var/log/auth.log,
/usr/share/doc/postfix/SASL_README.gz (provided the package
postfix-doc is installed))
If you have any questions, you can contact me “Mikhail Sobolev
<mss@mawhrin.net>”
|