Added the LOGIN SASL authentication mechanism.

1 files changed, 8 insertions, 4 deletions

diff --git a/fripost-docs.org b/fripost-docs.org
index 13a772f..aa0ff35 100644
--- a/fripost-docs.org
+++ b/fripost-docs.org
@@ -1340,7 +1340,7 @@ TODO: add the necessary configuration files
 
 **** Install packages
 
-sudo aptitude install postfix postfix-ldap
+sudo aptitude install postfix
 
 :: /etc/postfix/main.cf
 
@@ -1434,6 +1434,8 @@ To do it by hand, copy the files (don't forget the symlink targets) under
 The issue is fixed under Postfix 2.8. For the time being, a script to automatize
 the above process can be found in the fripost-admin repository.
 
+  $~ sudo postfix-fixcerts.sh
+
 **** Configure SASLauthd
 
  :: /etc/default/saslauthd
@@ -1490,6 +1492,9 @@ If everything goes through, it is now time to modify Postfix's main.cf:
             reject_unauth_destination
     [...]
 
+  :: /etc/postfix/sasl/smtpd.conf
+    pwcheck_method: saslauthd
+    mech_list: PLAIN LOGIN
 
 Finally, we can add the submission service to our master.cf, with customized policy:
 
@@ -1534,11 +1539,10 @@ What the user type is here emphasized and prefixed with a `*'
          Verify return code: 0 (ok)
      ---
      250 DSN
-  *  EHLO localhost.localdomain
+  *  EHLO localhost
      [...]
      250-ETRN
      250-AUTH LOGIN PLAIN
-     250-AUTH=LOGIN PLAIN
      250-ENHANCEDSTATUSCODES
      250-8BITMIME
      250 DSN
@@ -1561,7 +1565,7 @@ can be obtained by the command
 
     echo -ne '\000user@fripost.org\000user' | openssl base64
 
-or slightly better (does not write password in your ~/.bash_history)
+or slightly better (does not write password in the ~/.bash_history)
 
     read U PW; echo -ne "\000$U\000$PW" | openssl base64