Stephen Ingram:
> Reading through some very old posts on the list it seems as though,
> although not very popular, it is possible to perform authentication in
> Postfix using GSSAPI. Setting up the keytab for the smtpd server seems
> straightforward enough, however, I'm unsure what to do when it comes
> to the smtp or lmtp client. I'm guessing that these services would
> require tickets to connect to another postfix instance or mail store
> like cyrus-imap, but there doesn't seem to be a way to obtain those
> tickets. Is something like a cron job for user postfix that obtains a
> ticket from an accessible keytab the best way to go or does Postfix
> have some other built-in means to kinit for the tickets?
Postfix does not implement GSSAPI. Postfix does not implement SASL,
either.
Postfix proxies commands and responses between a remote host and
a local SASL implementation *outside Postfix*.
The SASL implementation does all the GSSAPI stuff. Your question
is therefore best directed at the SASL provider's documentation.
Wietse
