FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 01-25-2010, 09:36 AM
Marek Podmaka
 
Default Postfix + Cyrus-SASL passwords

Hello all,

Does anyone use this combination for smtp auth? Do you have passwords
stored in plaintext? I have read that without special patches cyrus
does not support crypted passwords in SQL database. I have found this
patch, but isn't something already integrated into debian packages? It
is not very secure to have plaintext passwords stored anywhere these
days...

http://www.gergely.risko.hu/cyrus-sasl.en.html



--
bYE, Marki


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-25-2010, 09:55 AM
Christian Schoepplein
 
Default Postfix + Cyrus-SASL passwords

Hi,

On Mo, Jan 25, 2010 at 11:36:40 +0100, Marek Podmaka wrote:
>Does anyone use this combination for smtp auth? Do you have passwords
>stored in plaintext?

Both yes .

>I have read that without special patches cyrus
>does not support crypted passwords in SQL database. I have found this
>patch, but isn't something already integrated into debian packages? It
>is not very secure to have plaintext passwords stored anywhere these
>days...

Yes, but I think you'll have to patch cyrus if you like to use crypted
passwords, unfortunatly . We use the setup with plaintext passwords on
FreeBSD, but I think it is the same with Debian .


Ciao,

Schoepp


--
Christian Schoepplein <chris at schoeppi.net>
 
Old 01-25-2010, 11:07 AM
Emanuele Balla
 
Default Postfix + Cyrus-SASL passwords

On 1/25/10 11:36 AM, Marek Podmaka wrote:
> Hello all,
>
> Does anyone use this combination for smtp auth? Do you have passwords
> stored in plaintext? I have read that without special patches cyrus
> does not support crypted passwords in SQL database. I have found this
> patch, but isn't something already integrated into debian packages? It
> is not very secure to have plaintext passwords stored anywhere these
> days...

If you plan to use SASL just to authenticate postfix, it may be simpler
for you to use dovecot as the authenticator instead.


Otherwise, I managed to authenticate on MySQL with hashed passwords on
sarge and etch, in the past, having SASL authenticating on PAM and PAM
using pam_mysql.so.

Works, but sucks.

--
# Emanuele Balla # #
# System & Network Engineer # Cell: +39 348 7747907 #
# Spin s.r.l. # Phone: +39 040 9869090 #
# Trieste # Email: balla@staff.spin.it #


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-25-2010, 12:07 PM
Marek Podmaka
 
Default Postfix + Cyrus-SASL passwords

Hello,

Monday, January 25, 2010, 13:07:11, Emanuele Balla wrote:

> Otherwise, I managed to authenticate on MySQL with hashed passwords on
> sarge and etch, in the past, having SASL authenticating on PAM and PAM
> using pam_mysql.so.

> Works, but sucks.

Friend suggested me using saslauthd to authentificate over imap. I
have Courier-IMAP which should support crypted passwords in SQL, so
I'm going to check that...

--
bYE, Marki


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 10:02 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org