Hi All Thank you for the mailing list resource and thanks in advance for any help/advice.
I have a question about SASL (auth) in Postfix, particularly WRT setup when compiling from source. I searched in the mailing list archive but I don’t seem to see email(s) specifically covering my question. Background: I am setting up (replacing an old server) a home mail server for: Sending (via a paid relay service to improve/guarantee delivery) email via SMTP Accepting email from authorised users via submission (port 587) Receiving domain email (port 25) for delivery to IMAP mailboxes accessible via secure IMAP (port 993) The server is running Rocky (RHEL) 9. I want to use Dovecot, not Cyrus, for the IMAP server. I have had previous experience installing Postfix (from OS package), but not Dovecot as yet, I am learning that. I am compiling from source because the standard RHEL package version is only up to 3.5.25, but the version on the Postfix site is 3.10.7. The version 3.5.x update support ended in March 2024 — so compiling from source is really a must it seems to me. I carefully went through the documentation for compiling the system plus compiling SASL & TLS support. The makefiles command I used was: make makefiles CCARGS="-DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\\\"dovecot\\\" -DUSE_TLS" AUXLIBS="-lssl -lcrypto" (nothing for Cyrus as can be seen). Running 'make makefiles' worked OK, then ‘make' then 'make install'. However now I am stuck on the implementation/usage of SASL in the system as I see there are two parts/aspects to it: 1) smtpd — which I take it is shown via: postconf -a (SASL support in the SMTP server) = dovecot 2) smtp — which I take it is shown via: postconf -A (SASL support in the SMTP+LMTP client) = BLANK So, as I understand (from also looking at the Dovecot documentation), smtpd is used/connected to Dovecot for authenticating users connecting to their mailboxes via IMAP. That should be fine, I am working on setting that up. But my problem now is SASL over smtp — which I seem to read now Dovecot does not support. So — it seems — I MUST use Cyrus for that. Currently my compiled Postfix has no support for smtp SASL (postconf -A is empty). But it seems I need it for Postfix to authenticate to the relay host server. relayhost = [relay.service.company]:2525 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/relay_server_auth So my questions are: It is correct I need *both* Dovecot (preferred IMAP server) and Cyrus SASL for all the things I need to do? Dovecot SASL is only needed for IMAP users? Cyrus SASL won’t affect that? If I install Cyrus for SASL I don’t want the whole huge Cyrus IMAP server setup — I believe I can just install cyrus-sasl on the system. If I need to add Cyrus PLUS Dovecot in the compile makefiles CCARGS option what would that look like? If I recompile and do a make install (I believe it will need to be 'make install’ not ‘make upgrade’) I believe I should save my configuration files beforehand as they may be overwritten. Will ‘make install’ (fully) overwrite the existing installation cleanly/OK? Sorry for long email, I thought the background would be helpful. Regards Patrick
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
