| 1 |
I use stunnel to wrap imap and pop3. For SMTP I have TLS authentication |
| 2 |
using the saslauthd deamon and postfix. I have many virtual domains, but |
| 3 |
all accounts are local/plain unix accounts. Most do not have shell access. |
| 4 |
|
| 5 |
I use the following use flags |
| 6 |
mail-mta/postfix pam sasl ssl |
| 7 |
dev-libs/cyrus-sasl berkdb crypt ntlm_unsupported_patch pam ssl |
| 8 |
|
| 9 |
emerge --unmerge qmail |
| 10 |
emerge postfix |
| 11 |
|
| 12 |
in main.cf I have: |
| 13 |
smtpd_sasl_auth_enable = yes |
| 14 |
smtpd_sasl_security_options = noanonymous |
| 15 |
broken_sasl_auth_clients = yes |
| 16 |
smtpd_use_tls = yes |
| 17 |
smtpd_tls_auth_only = yes |
| 18 |
smtpd_tls_key_file = /etc/stunnel/stunnel.pem |
| 19 |
smtpd_tls_cert_file = /etc/stunnel/stunnel.pem |
| 20 |
smtpd_tls_CAfile = /etc/stunnel/stunnel.pem |
| 21 |
smtpd_tls_received_header = yes |
| 22 |
smtpd_tls_session_cache_timeout = 3600s |
| 23 |
tls_random_source = dev:/dev/urandom |
| 24 |
|
| 25 |
(I just use the same key from stunnel for TLS... I duno if it is even |
| 26 |
needed or not) |
| 27 |
|
| 28 |
~ # cat /etc/sasl2/smtpd.conf |
| 29 |
pwcheck_method: saslauthd |
| 30 |
log_level: 3 |
| 31 |
mech_list: PLAIN LOGIN |
| 32 |
authdaemond_path:/var/lib/sasl2/mux |
| 33 |
|
| 34 |
~ # grep -v -- \# /etc/conf.d/saslauthd |
| 35 |
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a shadow -r" |
| 36 |
|
| 37 |
If you guys have any problems with the above... I lurk on this list if |
| 38 |
you need help. |
| 39 |
|
| 40 |
Tito Valentin wrote: |
| 41 |
> Hello list: |
| 42 |
> |
| 43 |
> I have been trying to get SMTP authentication on Gentoo to work with no |
| 44 |
> success. I am running qmail (netqmail package) with dovecot and |
| 45 |
> saslauth. |
| 46 |
> I am able to connect and read my mail through IMAP fine. The problem is |
| 47 |
> that I cannot send email using my own SMTP server due to an |
| 48 |
> authentication |
| 49 |
> issue. Every time we try to send email out we get an error saying |
| 50 |
> that it |
| 51 |
> cannot establish a connection because I am not part of the allowed |
| 52 |
> rcphost |
| 53 |
> list. I tried adding the remote host in the rcpthosts database but the |
| 54 |
> problem persists. The only error I see in the log files for dovecot is |
| 55 |
> "Disconnected" |
| 56 |
> |
| 57 |
> Can anyone point me in the right direction as to why I can't be |
| 58 |
> authenticated when sending email out? Another thing is, it keeps |
| 59 |
> prompting me for my passwd. |
| 60 |
> |
| 61 |
> GV |
| 62 |
> |
| 63 |
|
| 64 |
-- |
| 65 |
gentoo-user@g.o mailing list |
Archives