Enabling smtp authentication on postfix with users in another smtp server

Question

I am trying to replace an existing qmail installation with postfix.

Qmail is currently authenticating outgoing smtp from users clients with a perl script. This script checks user's provided username+password performing a AUTH LOGIN check on another external smtp server.

If the remote server responds with 235 return code, the provided username/password are ok and user is authenticated for qmail as well.

From what I understand it is possibile to use Cyrus or Dovecot SASL libraries on postfix to authenticate users, is it possibile to configure saslauthd or any of those libraries to replicate the perl script behaviour?

Unluckyly I do not have any other kind of access to the external smtp server cointaining users and passwords, I only can test AUTH LOGIN on an smtp connection.

Thanks

Postfix can accept SASL plugins, if you're willing to make a perl script that does that, and acts like a SASL implementer, I guess you could.. — NickW, Mar 01 '13 at 16:32
yup I was suspecting that... could you point out any example of plugin? Would that be easier with saslauthd or just sasl lib ? Thanks — golemwashere, Mar 01 '13 at 16:39
http://sepp.oetiker.ch/sasl-2.1.19-ds/plugprog.html, which talks about developing a plugin for the cyrus sasl implementation, it might be something worth exploring.. especially the auxprop part. — NickW, Mar 01 '13 at 16:45
that's a nice starting point thanks... if there could be any existing implementation in perl , maybe using http://search.cpan.org/~pboettch/Authen-SASL-Cyrus-0.13-server/Cyrus.pod would be great — golemwashere, Mar 01 '13 at 17:00
You're drifting way out of my skills range, but I wish you luck in the search.. — NickW, Mar 01 '13 at 17:01

golemwashere · Accepted Answer · 2013-03-05T20:22:04.897

0

I found a perl implementation for saslauthd which is compatible with postfix :

POE-Component-SASLAuthd

I configured postfix to use salsauthd:

/etc/sasl2/smtpd.conf:
    pwcheck_method: saslauthd
    mech_list: PLAIN LOGIN

and pointed the socket for salsauthd in

/var/run/saslauthd/mux

this implementation can be easyly customized to authenticate using various perl implementations

edited Mar 05 '13 at 20:22

answered Mar 05 '13 at 14:11

golemwashere

724
1
10
21

Glad to hear you got things working! – NickW Mar 05 '13 at 14:37

Enabling smtp authentication on postfix with users in another smtp server

1 Answers1