|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
foil
mothra.dyndns.org
Date: Mon Mar 03 2003 - 13:19:05 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Hello,
I've been wrestling with SASL, Debian and postfix for a while now, and
I think I've finally gotten it. The key problem was that after
reading a particular news:mailing.postfix.users entry, it appears that
the CRAM-MD5 driver that's in the sasl library always authenticates
against sasldb, even if the sasl library is configured to authenticate
against PAM or whatever.
I've found that this is true. It causes major problems though since a
number of clients (particularly Eudora) always use CRAM-MD5 if it's
available.
The only fix seems to be to delete the /usr/lib/sasl/libcrammd5*
libraries in order to effectively drop support for CRAM-MD5. If you
don't, then you're pretty much lost regardless of what other
configuration is done.
Of course this pretty much sucks since it means you can't do
authentication against non-sasldb sources and support CRAM-MD5 at the
same time, but it doesn't appear to be postfix's fault. Anyway, I've
been having such a hell of time with this, I thought I'd post it so
people who find themselves in my sitation might benefit from it if
they search the archives.
The link to the information relating to the cram-md5 method:
http://groups.google.com/groups?q=group:mailing.postfix.users+insubject:SASL+insubject:authentication+insubject:in+insubject:debian+author:markus.schabel%40tgm.ac.at&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=b3n98g%241527%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1
Once CRAM-MD5 support is dropped, Eudora and other clients fall back
to AUTH LOGIN which isn't the best, but is better than not working at
all.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]