hello,

i tried to use the "dovecot sasl" with postfix using pam as backend (actually pam_krb5) but it doesn't work.

dovecot runs well as pop3 server authenticating with the pam_krb5 module with the config below, but it doesn't even connect with the kerberos server (a remote AD 2003) when it's called from postfix.

--------dovecot.conf--------- protocols = pop3 pop3s imap imaps disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_location = maildir:/var/mail/vhosts/turboden.net/%Ln/ mail_extra_groups = mail protocol imap { }

protocol pop3 { pop3_uidl_format = %08Xu%08Xv } auth_default_realm = MYCORP.LOCAL auth_verbose = yes auth_debug = yes auth default { mechanisms = plain login passdb pam { args = dovecot } userdb static { args = uid=5000 gid=5000 } user = root socket listen { client { path = /var/spool/postfix/private/auth mode = 0660 user = postfix group = postfix } } } dict { } plugin { }

-----/etc/pam.d/dovecot------ auth required pam_krb5.so no_ccache ignore_root debug account required pam_permit.so

from syslog i only get: Mar 8 10:52:38 muletto dovecot: auth(default): client in: AUTH^I1^Iplain^Iservice=smtp^Iresp=<hidden> Mar 8 10:52:38 muletto dovecot: auth(default): passdb(username@MYCORP.LOCAL,master): Attempted master login with no master passdbs Mar 8 10:52:39 muletto dovecot: auth(default): client out: FAIL^I1^Iuser=username@MYCORP.LOCAL

note that it doesn't care about the content of the /etc/pam.d/dovecot when dovecot is called by postfix.

does the dovecot-sasl authentication works with the pam backend? maybe i should rename (or copy) the /etc/pam.d/dovecot to another name?

let me know.

bye.