[Dovecot] Dovecot using authsasld

Dag Wieers dag at wieers.com
Sat Sep 16 21:05:15 EEST 2006


On Sat, 16 Sep 2006, Gerard Seibert wrote:

> On Saturday 16 September 2006 13:46, Dag Wieers wrote:
> 
> > But I found a workaround, apparently authsasld is able to authenticate
> > against dovecot IMAP using 'rimap' authentication mechanism. Sadly this
> > means I have to enable PLAIN IMAP password authentication in dovecot.
> 
> Where did you find the documentation for 'rimap'? I might like to look into 
> it also.

It was vaguely mentioned in the saslauthd manpage. As a result, when I 
skimmed the file I had no clue what it meant :)

On a RHEL4, what is required is this:

	/etc/sysconfig/saslauthd:
		MECH=rimap
		FLAGS="-O 127.0.0.1 -r"

The -r was required so a username like "user at realm" is forwarded verbatim 
to dovecot. The -O option is the new way to specify the IMAP 
hostname/ip, this used to be -H. You can debug using -d.

Also I had to change the saslauthd conf-file as used by postfix:

	/usr/lib64/sasl/smtpd.conf
		saslauthd_version: 2
		pwcheck_method: saslauthd
		mech_list: plain login
and
	/etc/lib64/sasl2/smtpd.conf
		pwcheck_method: saslauthd
		mech_list: plain login

The previous method I used was auxprop, but that seemed to interfere with 
rimap.

I'd be happy to receive feedback about this, as I'm not sure if all these 
changes were necessary. Other improvements are welcomed as well :)

Kind regards,
--   dag wieers,  dag at wieers.com,  http://dag.wieers.com/   --
[all I want is a warm bed and a kind word and unlimited power]


More information about the dovecot mailing list