Admin/SetupGuides/SaslAuthD

SaslAuthD Setup

Daemon required for smtp authentication on the mail server.

Packages required:

For postfix to use sasl /etc/postfix/sasl/smtpd.conf must contain:

pwcheck_method: saslauthd
mech_list: plain login

To be started with /etc/init.d/saslauthd

/etc/default/saslauthd must have:

START=yes
PWDIR=/var/spool/postfix/var/run/saslauthd
PIDFILE="$PWDIR/saslauthd.pid"
PARAMS="$PARAMS -m $PWDIR"
MECHANISMS="pam"

PWDIR must also exist. This is so postfix can access saslauthd inside it's chroot.

If /etc/init.d/saslauthd doesn't work you must add $PWDIR to the statoverride list

# dpkg-statoverride --add postfix sasl 710 /var/spool/postfix/var/run/saslauthd

To enable sasl in postfix the following must be in main.cf:

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
smtpd_sender_restrictions = permit_sasl_authenticated, reject_unknown_sender_domain, reject_maps_rbl
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =

To only allow smtp auth for TLS connections:

smtpd_tls_auth_only=yes

last edited 2006-02-17 10:50:28 by 83-71-24-225