SASL AUTH with postfix
Hi,
I just moved from Cyrus SASL to Dovecot SASL, with postfix. Works great, and no issue with non-ascii chars, has i had with Cyrus.
With Cyrus i was getting the username/passwd via SQL, with this:
sql_select: select password from smtp_auth_users where username='%u@%r' and status='true'
worked ok for users with email addresses, and i had some special users that were just a name, like "user-1", and i was able to AUTH it. Postfix had: smtpd_sasl_local_domain = fastmail
and in the database i had the username in the format: user-1@fastmail and worked ok.
How can i have the same with dovecot SASL? Thanks in advanced,
Jorge Bastos via dovecot skrev den 2019-11-13 22:00:
How can i have the same with dovecot SASL? Thanks in advanced,
Jorge Bastos via dovecot skrev den 2019-11-13 22:00:
How can i have the same with dovecot SASL? Thanks in advanced,
https://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
Hi benny, Thanks, That's exactly what i have in postfix:
smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes
plus: smtpd_sasl_local_domain = fastmail
but the user that i have in the table, that worked with Cyrus, in the format: "username@fastmail", it's not working with dovecot
meanwhile i was thinking, the auth is beeing made into the main table... i just figured it out now! How could i have the auth for dovecot SASL in a different table? I'd like to keep having one sql table for imap/pop3 auth, and another for smtp, This gives me the advantage of blocking only the outgoing emails for the users, in case if a password is caught, which is very handy at least for me as sysadm
Jorge Bastos via dovecot skrev den 2019-11-13 23:53:
Jorge Bastos via dovecot skrev den 2019-11-13 22:00:
plus: smtpd_sasl_local_domain = fastmail
but the user that i have in the table, that worked with Cyrus, in the format: "username@fastmail", it's not working with dovecot
if that fails dovecot have no password for that non fqdn mail
solution dont add this to postfix
in dovecot is realm setup ?
Hi Benny,
I've tried to search for the realm part in dovecot but didn't found it, Could you guide me to it?
-----Original Message----- From: dovecot <dovecot-bounces@dovecot.org> On Behalf Of Benny Pedersen via dovecot Sent: 13 de novembro de 2019 23:33 To: dovecot@dovecot.org Subject: Re: SASL AUTH with postfix
Jorge Bastos via dovecot skrev den 2019-11-13 23:53:
Jorge Bastos via dovecot skrev den 2019-11-13 22:00:
plus: smtpd_sasl_local_domain = fastmail
but the user that i have in the table, that worked with Cyrus, in the format: "username@fastmail", it's not working with dovecot
if that fails dovecot have no password for that non fqdn mail
solution dont add this to postfix
in dovecot is realm setup ?
On 2019-11-14 15:41, Benny Pedersen via dovecot wrote:
Jorge Bastos via dovecot skrev den 2019-11-14 16:25:
I've tried to search for the realm part in dovecot but didn't found it, Could you guide me to it?
doveconf -d | grep realm
doveconf -n if more help is needed
Thanks Benny,
It was in my front and didn't saw it. Now i need to go further, have the SASL auth being read from a diferrent table than the password_query for *sql.
In the below conf, would it be possible and how, to check an specific sql table for auth?
service auth {
Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
# Assuming the default Postfix user and group
user = postfix
group = postfix
}}
On 2019-11-14 22:57, Jorge Bastos via dovecot wrote:
It was in my front and didn't saw it. Now i need to go further, have the SASL auth being read from a diferrent table than the password_query for *sql.
https://doc.dovecot.org/configuration_manual/authentication/sql/
In the below conf, would it be possible and how, to check an specific sql table for auth?
missguiding, the auth below is just the dovecot socket for dovecot-sasl auth in postfix
for sql baackends you need to read above link, are you have solved the realm problem or want to ditt it ?
service auth {
Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth { mode = 0660 # Assuming the default Postfix user and group user = postfix group = postfix }}
participants (3)
-
Benny Pedersen
-
Benny Pedersen
-
Jorge Bastos