Cool, Paul. I plain forgot.
I should have said using saslauthd w/pam_mysql.so dictates you must use
plain text passwords for user accounts in DBMail system.
I once used cyrus saslauthd =>UW IMAP together. But DBMail's RDBMS storage
allows quick access to user and mail data for many things none the least of
which is authentication. It's faster.Verify from the database directly as I
would ask LDAP. The former seems to be the way of the future but I have no
crystal ball.
Having saslauthd ask the DBMail IMAP daemon to fetch the user data from the
MySQL server is cute but it strikes me as adding a significant extra step
and CPU utilization plus when busy, spawned children and processes.... etc.
when sasl can just get the data directly from the RDBMS.
Do you have any experience to compare imap vs mysql direct authentication
for sasl on DBMail? I like the idea but... maybe I should test that out a
bit and do a wiki. What do you put into /usr/local/lib/sasl2/smtpd.conf ?
BTW svn trunk rocks -- very stable with recent changes. Congrats.
best...
Mike
----- Original Message -----
From: "Paul J Stevens" <[EMAIL PROTECTED]>
To: "DBMail mailinglist" <[email protected]>
Sent: Wednesday, March 08, 2006 4:28 PM
Subject: Re: [Dbmail] Client Support
M. J. [Mike] O'Brien wrote:
Hello Jim...
I just add a little to what our friend Micah was saying:
SASL is certainly not a problem but is apart from DBMail except to note
that using SASL dictates you must use plain text passwords for user
accounts in DBMail system.
Not quite true. You can use the imap authentication mechanism for
saslauthd which can be used against the dbmail-imapd directly. Or if you
use ldap support you can use the pam mechanism against your ldap database.
So if you run debian you do:
apt-get install sasl2-bin libsasl2-modules
cat /etc/default/saslauthd << EOF
START=yes
MECHANISMS="rimap -O localhost"
EOF
/etc/init.d/saslauthd restart
And your sasl installation is ready to authenticate against your dbmail
users, in whatever form.
