On Sat, 16 Sep 2006, Gerard Seibert wrote:
On Saturday 16 September 2006 13:46, Dag Wieers wrote:
But I found a workaround, apparently authsasld is able to authenticate against dovecot IMAP using 'rimap' authentication mechanism. Sadly this means I have to enable PLAIN IMAP password authentication in dovecot.
Where did you find the documentation for 'rimap'? I might like to look into it also.
It was vaguely mentioned in the saslauthd manpage. As a result, when I skimmed the file I had no clue what it meant :)
On a RHEL4, what is required is this:
/etc/sysconfig/saslauthd:
MECH=rimap
FLAGS="-O 127.0.0.1 -r"
The -r was required so a username like "user@realm" is forwarded verbatim to dovecot. The -O option is the new way to specify the IMAP hostname/ip, this used to be -H. You can debug using -d.
Also I had to change the saslauthd conf-file as used by postfix:
/usr/lib64/sasl/smtpd.conf
saslauthd_version: 2
pwcheck_method: saslauthd
mech_list: plain login
and /etc/lib64/sasl2/smtpd.conf pwcheck_method: saslauthd mech_list: plain login
The previous method I used was auxprop, but that seemed to interfere with rimap.
I'd be happy to receive feedback about this, as I'm not sure if all these changes were necessary. Other improvements are welcomed as well :)
Kind regards, -- dag wieers, dag@wieers.com, http://dag.wieers.com/ -- [all I want is a warm bed and a kind word and unlimited power]