From 1991283e6b44edc4f190cfc61080944a829e4cd7 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 14 Nov 2012 11:03:58 +0100 Subject: Added the LOGIN SASL authentication mechanism. --- fripost-docs.org | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/fripost-docs.org b/fripost-docs.org index 13a772f..aa0ff35 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -1340,7 +1340,7 @@ TODO: add the necessary configuration files **** Install packages -sudo aptitude install postfix postfix-ldap +sudo aptitude install postfix :: /etc/postfix/main.cf @@ -1434,6 +1434,8 @@ To do it by hand, copy the files (don't forget the symlink targets) under The issue is fixed under Postfix 2.8. For the time being, a script to automatize the above process can be found in the fripost-admin repository. + $~ sudo postfix-fixcerts.sh + **** Configure SASLauthd :: /etc/default/saslauthd @@ -1490,6 +1492,9 @@ If everything goes through, it is now time to modify Postfix's main.cf: reject_unauth_destination [...] + :: /etc/postfix/sasl/smtpd.conf + pwcheck_method: saslauthd + mech_list: PLAIN LOGIN Finally, we can add the submission service to our master.cf, with customized policy: @@ -1534,11 +1539,10 @@ What the user type is here emphasized and prefixed with a `*' Verify return code: 0 (ok) --- 250 DSN - * EHLO localhost.localdomain + * EHLO localhost [...] 250-ETRN 250-AUTH LOGIN PLAIN - 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN @@ -1561,7 +1565,7 @@ can be obtained by the command echo -ne '\000user@fripost.org\000user' | openssl base64 -or slightly better (does not write password in your ~/.bash_history) +or slightly better (does not write password in the ~/.bash_history) read U PW; echo -ne "\000$U\000$PW" | openssl base64 -- cgit v1.2.3