I had trouble with the getpwent flag, so since the same box also does
IMAP*
this works for me:
$ cat /usr/local/lib/sasl2/Sendmail.conf
pwcheck_method: saslauthd
$ grep sas /etc/rc.local
if [ -x /usr/local/sbin/saslauthd ]; then
echo -n ' saslauthd'; /usr/local/sbin/saslauthd -a rimap -O
127.0.0.1 -V
$ pkg_info | grep -e sas -e imap
cyrus-sasl-2.1.22p2-db4 RFC 2222 SASL (Simple Authentication and
Security Layer)
imap-uw-2007-plaintext University of Washington IMAP4rev1/POP2/POP3
mail servers
(old versions I know...)
[*] actually IMAP listens on loopback (for squirrelmail), and IMAPS on
external i/fs via stunnel.
just to save you hours of sendmail joy, excerpt from: /usr/share/
sendmail/cf/myserver.mc
dnl ## disable default listeners ##
FEATURE(`no_default_msa')dnl
dnl
dnl ## port25 v4 loopback listener for local submission, and inbound
passed spamd ##
DAEMON_OPTIONS(`Family=inet, Address=127.0.0.1, Name=MTA, M=EA')dnl
dnl
dnl ## port587 for roaming submission with a=auth E=disable ETRN ##
DAEMON_OPTIONS(`Family=inet, Address=0.0.0.0, Port=587, Name=MSA,
M=Ea')dnl
dnl
dnl ## port 465 for SMTP o/SSL for MS clients - s=SSL
DAEMON_OPTIONS(`Family=inet, Address=0.0.0.0, Port=465, Name=MSCRAP,
M=Eas')dnl
dnl
dnl ## SASL AUTH ## OS.X++ use PLAIN, MSOE uses LOGIN
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl
define(`confAUTH_OPTIONS', `p')dnl
dnl
dnl debug with:
define(`confLOG_LEVEL', `63')dnl
/Pete
On 27. aug.. 2009, at 21.48, stupidmail4me wrote:
I know this topic has been touched on before but I have what I
believe is a simple question.
Instead of creating a SASL password db and having to keep two
password databases in check I want SASL to use OpenBSD's password
file. There's no definitive answer so I want to try and put it out
there.
In /usr/local/lib/sasl2/Sendmail.conf I would have pwcheck_method:
saslauthd. This would tell Sendmail to use saslauthd to authenticate
SMTP connections. I would start saslauthd with the -a getpwent flag
to have it check not against a SASL password database but against
the system database.
Are my assumptions correct?
