Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
postfix:smtp-auth [2006/03/21 21:34] a created |
postfix:smtp-auth [2009/05/25 00:35] (current) |
||
---|---|---|---|
Line 2: | Line 2: | ||
**'' | **'' | ||
smtpd_recipient_restrictions = | smtpd_recipient_restrictions = | ||
- | reject_unauth_pipelining, | + | ... |
- | | + | |
- | reject_non_fqdn_recipient, | + | ... |
- | reject_unknown_sender_domain, | + | |
- | reject_unknown_recipient_domain, | + | |
- | permit_mynetworks, | + | |
- | | + | |
- | | + | |
- | reject_rbl_client relays.ordb.org | + | |
- | reject_rbl_client list.dsbl.org, | + | |
- | reject | + | |
smtp_use_tls = yes | smtp_use_tls = yes | ||
smtpd_tls_auth_only = no | smtpd_tls_auth_only = no | ||
+ | | ||
tls_random_source = dev:/ | tls_random_source = dev:/ | ||
tls_daemon_random_source = $tls_random_source | tls_daemon_random_source = $tls_random_source | ||
+ | | ||
+ | # [[How to make SSL key]] FIXME | ||
smtpd_tls_cert_file = / | smtpd_tls_cert_file = / | ||
smtpd_tls_key_file = / | smtpd_tls_key_file = / | ||
smtpd_use_tls = yes | smtpd_use_tls = yes | ||
+ | | ||
smtpd_sasl_auth_enable = yes | smtpd_sasl_auth_enable = yes | ||
smtpd_sasl_security_options = noanonymous | smtpd_sasl_security_options = noanonymous | ||
smtp_sasl_security_options = noanonymous | smtp_sasl_security_options = noanonymous | ||
smtpd_sasl_local_domain = | smtpd_sasl_local_domain = | ||
- | |||
==== sasl + pam-mysql (encrypted passwords in db) ==== | ==== sasl + pam-mysql (encrypted passwords in db) ==== | ||
- | ==== the other way ==== | ||
+ | === Installing the saslauthd and connection with pam.d === | ||
+ | # apt-get install libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin | ||
+ | **''/ | ||
+ | # This needs to be uncommented before saslauthd will be run automatically | ||
+ | | ||
+ | # You must specify the authentication mechanisms you wish to use. | ||
+ | # This defaults to " | ||
+ | # " | ||
+ | # MECHANISMS=" | ||
+ | | ||
+ | |||
+ | === Postix-extra configuration === | ||
+ | |||
+ | **''/ | ||
+ | # | ||
+ | | ||
+ | | ||
+ | # | ||
+ | | ||
+ | |||
+ | in this case you cannot use CRAM-MD5, DIGEST-MD5 password hashes, bause cannot they cannot be generated since the password are already oneway encripted in the database; | ||
+ | |||
+ | === pam.d-mysql === | ||
+ | |||
+ | # apt-get install libpam-mysql | ||
+ | |||
+ | **''/ | ||
+ | auth required pam_mysql.so host=< | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | |||
+ | ==== the other way ==== |