Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: DBMail: users

Using sasl with dbmail and md5 login

 

 

DBMail users RSS feed   Index | Next | Previous | View Threaded


lelandj at mail

Feb 5, 2010, 6:42 AM

Post #1 of 16 (1824 views)
Permalink
Using sasl with dbmail and md5 login

Whoops, here is the email again without HTML stripping line feeds and
carriage returns:

I need to configure sasl for dbmail to allow postfix fo relay emails sent
from a couple of roaming users via their iphones. The Iphones connect to
different networks wirelessly, as the users roam about. The iPones receive
a dynamic IP address from the network to which they connect. It is my
understanding that postfix will allow relaying of emails from remote users
that can connect to the mail server using sasl.

I used Cyrus with sasl four or five years ago and had sasl configured to
work with it using the sasldb file, which stored users names and passwords,
but I'm currently using Dbmail Administrator to add/delete users using MD5
authentication.

Below is the /etc/imapd.conf file on my Fedora 6 mail server:

allowplaintext: yes
hashimapspool: 1
sasl_mech_list: PLAIN
sharedprefix: shared
virtdomains: 0
maxmessagesize: 5000000
sievedir: /var/lib/imap/sieve
admins: cyrus root
sasl_pwcheck_method: saslauthd
configdirectory: /var/lib/imap
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
altnamespace: 1
autocreatequota_units: 1
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
sendmail: /usr/sbin/sendmail
unixhierarchysep: 1
partition-default: /var/spool/imap
sieve_maxscriptsize: 320
userprefix: user
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem

Regards,

LelandJ

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27468767.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 6:36 AM

Post #2 of 16 (1779 views)
Permalink
Using sasl with dbmail and md5 login [In reply to]

I need to configure sasl for dbmail to allow postfix fo relay emails sent
from a couple of roaming users via their iphones. The Iphones connect to
different networks wirelessly as the users roam about. The iPones receive a
dynamic IP address from the network to which it connects. It is my
understanding that postfix will allow relaying of emails from remote user
that can connect to the mail server using sasl.

I used Cyrus with sasl four or five years ago and had sasl configured to
work with it using the sasl.db file to create users and passwords, but I
currently using Dbmail Administrator to add/delete users.

Below is the /etc/imapd.conf file on my Fedora 6 mail server:

allowplaintext: yes
hashimapspool: 1
sasl_mech_list: PLAIN
sharedprefix: shared
virtdomains: 0
maxmessagesize: 5000000
sievedir: /var/lib/imap/sieve
admins: cyrus root
sasl_pwcheck_method: saslauthd
configdirectory: /var/lib/imap
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
altnamespace: 1
autocreatequota_units: 1
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
sendmail: /usr/sbin/sendmail
unixhierarchysep: 1
partition-default: /var/spool/imap
sieve_maxscriptsize: 320
userprefix: user
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem

Regards,

LelandJ

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468622p27468622.html
Sent from the dbmail users mailing list archive at Nabble.com.


h.reindl at thelounge

Feb 5, 2010, 6:57 AM

Post #3 of 16 (1778 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

We are using dovecot as imap/pop3-proxy which solves CRAM-MD5, NTLM,
POP3S, IMAPS, TLS and other nice things and can also be used for
postfix-sasl-auth.

But passwords should be plaintext in the userdb if you want
MD5-Authentication because dovecot takes the password from
the databases and calculates himself the hash to verify
with the one from the client

http://www.postfix.org/SASL_README.html#server_dovecot

So you have ONE software for all authentications which can also
replace chars in usernames as we need for % to @

Am 05.02.2010 15:42, schrieb lelandj:
>
> Whoops, here is the email again without HTML stripping line feeds and
> carriage returns:
>
> I need to configure sasl for dbmail to allow postfix fo relay emails sent
> from a couple of roaming users via their iphones. The Iphones connect to
> different networks wirelessly, as the users roam about. The iPones receive
> a dynamic IP address from the network to which they connect. It is my
> understanding that postfix will allow relaying of emails from remote users
> that can connect to the mail server using sasl.
>
> I used Cyrus with sasl four or five years ago and had sasl configured to
> work with it using the sasldb file, which stored users names and passwords,
> but I'm currently using Dbmail Administrator to add/delete users using MD5
> authentication.
>
> Below is the /etc/imapd.conf file on my Fedora 6 mail server:
>
> allowplaintext: yes
> hashimapspool: 1
> sasl_mech_list: PLAIN
> sharedprefix: shared
> virtdomains: 0
> maxmessagesize: 5000000
> sievedir: /var/lib/imap/sieve
> admins: cyrus root
> sasl_pwcheck_method: saslauthd
> configdirectory: /var/lib/imap
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> altnamespace: 1
> autocreatequota_units: 1
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> sendmail: /usr/sbin/sendmail
> unixhierarchysep: 1
> partition-default: /var/spool/imap
> sieve_maxscriptsize: 320
> userprefix: user
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>
> Regards,
>
> LelandJ
>

--

Mit besten GrŘ▀en, Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, HofmŘhlgasse 17
software-development / cms-solutions
p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
icq: 154546673, http://www.thelounge.net/
Attachments: signature.asc (0.25 KB)


paul at nfg

Feb 5, 2010, 7:49 AM

Post #4 of 16 (1776 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Why not use the rimap saslauthd mechanism??

that way you don't need to worry about password encodings.

I'm sure I did an entry on the wiki once, but I can't seem to find it
anymore...



lelandj wrote:
> Whoops, here is the email again without HTML stripping line feeds and
> carriage returns:
>
> I need to configure sasl for dbmail to allow postfix fo relay emails sent
> from a couple of roaming users via their iphones. The Iphones connect to
> different networks wirelessly, as the users roam about. The iPones receive
> a dynamic IP address from the network to which they connect. It is my
> understanding that postfix will allow relaying of emails from remote users
> that can connect to the mail server using sasl.
>
> I used Cyrus with sasl four or five years ago and had sasl configured to
> work with it using the sasldb file, which stored users names and passwords,
> but I'm currently using Dbmail Administrator to add/delete users using MD5
> authentication.
>
> Below is the /etc/imapd.conf file on my Fedora 6 mail server:
>
> allowplaintext: yes
> hashimapspool: 1
> sasl_mech_list: PLAIN
> sharedprefix: shared
> virtdomains: 0
> maxmessagesize: 5000000
> sievedir: /var/lib/imap/sieve
> admins: cyrus root
> sasl_pwcheck_method: saslauthd
> configdirectory: /var/lib/imap
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> altnamespace: 1
> autocreatequota_units: 1
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> sendmail: /usr/sbin/sendmail
> unixhierarchysep: 1
> partition-default: /var/spool/imap
> sieve_maxscriptsize: 320
> userprefix: user
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>
> Regards,
>
> LelandJ
>


--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 8:19 AM

Post #5 of 16 (1781 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Hello Reindl Harald-2. I would rather remain with the Postfix MTA and
DBbmail server, rather than switching to something else like Cyrus or
Dovecot mail servers, as Postfix and DBmail are working fine. I can relay
emails from within my local network, once I have enter the user's local IP
address in "/etc/mail/access", eg (192.168.1.45 RELAY), and built the
"access.db" file, but Postfix will not relay email coming from my IPhones
out in the internet.

Before switching to Postfix and DBmail, I used sendmail MTA, and the Cyrus
email server. I had local IP addresses entered in the sendmail
/etc/mail/access file, which I used to build the access.db file as follows:

portmap hash /etc/mail/access.db < /etc/mail/access

Postfix seems to be using Sendmail's access.db; because, when I add a new
user, I must include their local ip address in the /etc/mail/access file and
build the /etc/mail/access.db before the new local user can sent out emails..
I though that was kind of strange, but that how it works for local users.

However, Postfix is refusing to relay emails from the iPhones that connect
to my mail server from outside networks. This is a good thing, as I don't
want to be an open relay. I just need some way to let Postfix know that the
iPhones should be trusted for relaying emails.

That where sasl comes in. Postfix will recgonize emails coming from my
roaming iPhone users, who connects from an outside networks, if the iPhone
connect using sasl. Thanks for your information, though.

Regards,

LelandJ


Reindl Harald-2 wrote:
>
> We are using dovecot as imap/pop3-proxy which solves CRAM-MD5, NTLM,
> POP3S, IMAPS, TLS and other nice things and can also be used for
> postfix-sasl-auth.
>
> But passwords should be plaintext in the userdb if you want
> MD5-Authentication because dovecot takes the password from
> the databases and calculates himself the hash to verify
> with the one from the client
>
> http://www.postfix.org/SASL_README.html#server_dovecot
>
> So you have ONE software for all authentications which can also
> replace chars in usernames as we need for % to @
>
> Am 05.02.2010 15:42, schrieb lelandj:
>>
>> Whoops, here is the email again without HTML stripping line feeds and
>> carriage returns:
>>
>> I need to configure sasl for dbmail to allow postfix fo relay emails sent
>> from a couple of roaming users via their iphones. The Iphones connect to
>> different networks wirelessly, as the users roam about. The iPones
>> receive
>> a dynamic IP address from the network to which they connect. It is my
>> understanding that postfix will allow relaying of emails from remote
>> users
>> that can connect to the mail server using sasl.
>>
>> I used Cyrus with sasl four or five years ago and had sasl configured to
>> work with it using the sasldb file, which stored users names and
>> passwords,
>> but I'm currently using Dbmail Administrator to add/delete users using
>> MD5
>> authentication.
>>
>> Below is the /etc/imapd.conf file on my Fedora 6 mail server:
>>
>> allowplaintext: yes
>> hashimapspool: 1
>> sasl_mech_list: PLAIN
>> sharedprefix: shared
>> virtdomains: 0
>> maxmessagesize: 5000000
>> sievedir: /var/lib/imap/sieve
>> admins: cyrus root
>> sasl_pwcheck_method: saslauthd
>> configdirectory: /var/lib/imap
>> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>> altnamespace: 1
>> autocreatequota_units: 1
>> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> sendmail: /usr/sbin/sendmail
>> unixhierarchysep: 1
>> partition-default: /var/spool/imap
>> sieve_maxscriptsize: 320
>> userprefix: user
>> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>>
>> Regards,
>>
>> LelandJ
>>
>
> --
>
> Mit besten Gr├╝├čen, Reindl Harald
> the lounge interactive design GmbH
> A-1060 Vienna, Hofm├╝hlgasse 17
> software-development / cms-solutions
> p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
> icq: 154546673, http://www.thelounge.net/
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27470027.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 8:33 AM

Post #6 of 16 (1769 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Paul Stevens-2 wrote:
>
>
> Why not use the rimap saslauthd mechanism??
>
> Will that work with the DBmail Administrator? I use DBmail Administrator
> to Add/Delete all users, so It would be helpful to know how ther DBmail
> Administrator handles Adding/Deleting user, and how the md5 setting
> inegrates into that. When I was using Cyrus, all the users password pairs
> were in a sasldb file, but I don't know where the DBmail Administrator
> stores the user name and password, or if its independent of the Fedora 6
> user name and password or not.
>
> that way you don't need to worry about password encodings.
>
> I'm sure I did an entry on the wiki once, but I can't seem to find it
> anymore...
>
> I just want to be sure that whatever I use will work with the DBmail
> Administrator. The DBmail Administrator is really helpful.
>
> Regards,
>
> LelandJ
>
>
> lelandj wrote:
>> Whoops, here is the email again without HTML stripping line feeds and
>> carriage returns:
>>
>> I need to configure sasl for dbmail to allow postfix fo relay emails sent
>> from a couple of roaming users via their iphones. The Iphones connect to
>> different networks wirelessly, as the users roam about. The iPones
>> receive
>> a dynamic IP address from the network to which they connect. It is my
>> understanding that postfix will allow relaying of emails from remote
>> users
>> that can connect to the mail server using sasl.
>>
>> I used Cyrus with sasl four or five years ago and had sasl configured to
>> work with it using the sasldb file, which stored users names and
>> passwords,
>> but I'm currently using Dbmail Administrator to add/delete users using
>> MD5
>> authentication.
>>
>> Below is the /etc/imapd.conf file on my Fedora 6 mail server:
>>
>> allowplaintext: yes
>> hashimapspool: 1
>> sasl_mech_list: PLAIN
>> sharedprefix: shared
>> virtdomains: 0
>> maxmessagesize: 5000000
>> sievedir: /var/lib/imap/sieve
>> admins: cyrus root
>> sasl_pwcheck_method: saslauthd
>> configdirectory: /var/lib/imap
>> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>> altnamespace: 1
>> autocreatequota_units: 1
>> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> sendmail: /usr/sbin/sendmail
>> unixhierarchysep: 1
>> partition-default: /var/spool/imap
>> sieve_maxscriptsize: 320
>> userprefix: user
>> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>>
>> Regards,
>>
>> LelandJ
>>
>
>
> --
> ________________________________________________________________
> Paul Stevens paul at nfg.nl
> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
> The Netherlands________________________________http://www.nfg.nl
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27470385.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


h.reindl at thelounge

Feb 5, 2010, 9:02 AM

Post #7 of 16 (1807 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Nobody said you should go away from postfix/dbmail :-)
Dovecot can work as proxy which is also good for security

For relay you need SASL and dovecot can do this with
much more features as dbmail/postfix alone

Here a working configuration which shows how it works
But you can not use all of the features with sucking dbma because most of them
based on self developed webui/tables while there is no useable one existing
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/dovecot-sql.conf
driver = mysql
connect = host=localhost dbname=dbmail user=proxy password=****
password_query = SELECT passwd as password, '127.0.0.1' as host, userid as destuser, passwd AS pass, 'Y' AS
nologin, 'Y' AS nodelay, 'Y' AS proxy FROM dbmail_users WHERE userid='%u'
default_pass_scheme = plain
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/dovecot.conf
# Provided services
protocols = imap imaps pop3 pop3s

# Allow plaintext-auth and do not restart while software-updates are running, manually restart for security-updates!
disable_plaintext_auth = no
shutdown_clients = no

# SSL - Enable SSL/TLS and path to certificate-files
ssl_disable = no
ssl_cert_file = /etc/postfix/certs/dbmail.pem
ssl_key_file = /etc/postfix/certs/dbmail.net.pem

# Configure ports and network-interfaces we listen
protocol imap {
listen = public-ip:143
ssl_listen = public-ip:993
}
protocol pop3 {
listen = public-ip:110
ssl_listen = public-ip:995
}

# Logging
info_log_path = /var/log/maillog
syslog_facility = mail

# Login processes
login_greeting = Mail-Service
login_dir = /var/run/dovecot/login
login_process_per_connection = no
login_processes_count = 4
login_max_processes_count = 250

# capability - make sure that this are the same as the proxied-service
login_greeting_capability = yes
imap_capability = IMAP4 IMAP4rev1 ACL NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE

# Authentication process
auth_cache_size = 8192
auth_cache_ttl = 1800
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
auth_username_translation = %@

# Debug-Options
auth_debug = no
auth_debug_passwords = no
auth_verbose = no
mail_debug = no
verbose_ssl = no

# Set limit for MySQL lookup processes
auth_worker_max_count = 45

# Configure authentciation and socket for postfix-sasl-auth
auth default {
mechanisms = CRAM-MD5 DIGEST-MD5 APOP PLAIN LOGIN
user = root
count = 1
userdb static {
args = static uid=5000 gid=5000 home=/dev/null
}
passdb sql {
args = /etc/dovecot-sql.conf
}
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/main.cf
myhostname = dbmail
smtpd_banner = Mail-Gateway with ESMTP
mynetworks = 127.0.0.0/8, proxy:mysql:/etc/postfix/mysql-mynetworks.cf
inet_protocols = ipv4
inet_interfaces = all

double_bounce_sender = postmaster [at] dbmai
address_verify_sender = postmaster [at] dbmai

mailbox_size_limit = 0
recipient_delimiter = +
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
broken_sasl_auth_clients = yes

smtp_sasl_auth_enable = yes
smtp_sender_dependent_authentication = yes
smtp_sasl_security_options = noanonymous

smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient
smtpd_recipient_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch,
permit_sasl_authenticated, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unauth_destination, reject_invalid_hostname, reject_unauth_pipelining,
check_policy_service unix:/var/spool/postfix/postgrey/socket, check_recipient_access
mysql:/etc/postfix/mysql-spamfilter.cf

mydestination = mysql:/etc/postfix/mysql-mydestination.cf
local_recipient_maps = mysql:/etc/postfix/mysql-recipients.cf
recipient_canonical_maps = mysql:/etc/postfix/mysql-rewritedomains.cf
sender_canonical_maps = mysql:/etc/postfix/mysql-rewritesenders.cf
transport_maps = mysql:/etc/postfix/mysql-transport.cf
sender_dependent_relayhost_maps = mysql:/etc/postfix/mysql-sender_relay_hosts.cf
smtp_sasl_password_maps = mysql:/etc/postfix/mysql-sender_relay_hosts_auth.cf
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-senderaccess.cf

unknown_local_recipient_reject_code = 550
bounce_template_file = /etc/postfix/bounce.cf

body_checks_size_limit = 65535
queue_run_delay = 300
minimal_backoff_time = 900
maximal_backoff_time = 3600
message_size_limit = 36700160
initial_destination_concurrency = 5
smtp_destination_concurrency_limit = 5
default_destination_recipient_limit = 15
transport_retry_time = 30
max_idle = 60

lmtp_max_idle = 180
dbmail-lmtp_destination_concurrency_limit = 30

in_flow_delay = ${stress?3}${stress:1}s
smtpd_error_sleep_time = ${stress?1}${stress:2}s
smtpd_soft_error_limit = ${stress?2}${stress:5}
smtpd_hard_error_limit = ${stress?5}${stress:10}
smtp_connect_timeout = ${stress?5}${stress:15}s
smtp_helo_timeout = ${stress?10}${stress:30}s
smtp_mail_timeout = ${stress?10}${stress:30}s

smtpd_tls_cert_file = /etc/postfix/certs/dbmail.pem
smtpd_tls_key_file = /etc/postfix/certs/dbmail.pem
smtpd_tls_CAfile = /etc/postfix/certs/dbmail.pem
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no

debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
readme_directory = /usr/share/doc/postfix-2.6.2/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.2/samples
manpage_directory = /usr/share/man
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-aliases.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select target from dbma_aliases where source like '%s'
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-mydestination.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select transport from dbma_mta where mydestination like '%s'
_____________________________


[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-recipients.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select alias from dbma_recipients where alias like '%s'
_____________________________


[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-rewritedomains.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select target from dbma_rewrite_domains where source like '%d'
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-rewritesenders.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select target from dbma_rewrite_senders where source like '%s'
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-spamfilter.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select filter from dbma_spamfilter where domain like '%d'
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-transport.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select transport from dbma_transports where mydestination like '%d' or mydestination like '%s'
_____________________________

[root [at] mai:/etc/postfix]$ cat mysql-sender_relay_hosts.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select transport from dbma_sender_relay where email like '%s'
_____________________________

[root [at] mai:/etc/postfix]$ cat mysql-sender_relay_hosts_auth.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select concat(username, ':', password) from dbma_sender_relay where email like '%s'
_____________________________

[root [at] dbmai:/etc/postfix]$ cat /etc/postfix/mysql-senderaccess.cf
user = dbmailro
password = ****
dbname = dbmail
hosts = localhost
query = select userid from dbmail_users where ((select count(*) from dbma_mta where mydestination like '%d')
> 0 or (select count(*) from dbma_sender_relay where email like '%s') > 0) and user_idnr>3;

Am 05.02.2010 17:19, schrieb lelandj:
>
> Hello Reindl Harald-2. I would rather remain with the Postfix MTA and
> DBbmail server, rather than switching to something else like Cyrus or
> Dovecot mail servers, as Postfix and DBmail are working fine. I can relay
> emails from within my local network, once I have enter the user's local IP
> address in "/etc/mail/access", eg (192.168.1.45 RELAY), and built the
> "access.db" file, but Postfix will not relay email coming from my IPhones
> out in the internet.
>
> Before switching to Postfix and DBmail, I used sendmail MTA, and the Cyrus
> email server. I had local IP addresses entered in the sendmail
> /etc/mail/access file, which I used to build the access.db file as follows:
>
> portmap hash /etc/mail/access.db < /etc/mail/access
>
> Postfix seems to be using Sendmail's access.db; because, when I add a new
> user, I must include their local ip address in the /etc/mail/access file and
> build the /etc/mail/access.db before the new local user can sent out emails..
> I though that was kind of strange, but that how it works for local users.
>
> However, Postfix is refusing to relay emails from the iPhones that connect
> to my mail server from outside networks. This is a good thing, as I don't
> want to be an open relay. I just need some way to let Postfix know that the
> iPhones should be trusted for relaying emails.
>
> That where sasl comes in. Postfix will recgonize emails coming from my
> roaming iPhone users, who connects from an outside networks, if the iPhone
> connect using sasl. Thanks for your information, though.
>
> Regards,
>
> LelandJ
>
>
> Reindl Harald-2 wrote:
>>
>> We are using dovecot as imap/pop3-proxy which solves CRAM-MD5, NTLM,
>> POP3S, IMAPS, TLS and other nice things and can also be used for
>> postfix-sasl-auth.
>>
>> But passwords should be plaintext in the userdb if you want
>> MD5-Authentication because dovecot takes the password from
>> the databases and calculates himself the hash to verify
>> with the one from the client
>>
>> http://www.postfix.org/SASL_README.html#server_dovecot
>>
>> So you have ONE software for all authentications which can also
>> replace chars in usernames as we need for % to @
>>
>> Am 05.02.2010 15:42, schrieb lelandj:
>>>
>>> Whoops, here is the email again without HTML stripping line feeds and
>>> carriage returns:
>>>
>>> I need to configure sasl for dbmail to allow postfix fo relay emails sent
>>> from a couple of roaming users via their iphones. The Iphones connect to
>>> different networks wirelessly, as the users roam about. The iPones
>>> receive
>>> a dynamic IP address from the network to which they connect. It is my
>>> understanding that postfix will allow relaying of emails from remote
>>> users
>>> that can connect to the mail server using sasl.
>>>
>>> I used Cyrus with sasl four or five years ago and had sasl configured to
>>> work with it using the sasldb file, which stored users names and
>>> passwords,
>>> but I'm currently using Dbmail Administrator to add/delete users using
>>> MD5
>>> authentication.
>>>
>>> Below is the /etc/imapd.conf file on my Fedora 6 mail server:
>>>
>>> allowplaintext: yes
>>> hashimapspool: 1
>>> sasl_mech_list: PLAIN
>>> sharedprefix: shared
>>> virtdomains: 0
>>> maxmessagesize: 5000000
>>> sievedir: /var/lib/imap/sieve
>>> admins: cyrus root
>>> sasl_pwcheck_method: saslauthd
>>> configdirectory: /var/lib/imap
>>> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>>> altnamespace: 1
>>> autocreatequota_units: 1
>>> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>>> sendmail: /usr/sbin/sendmail
>>> unixhierarchysep: 1
>>> partition-default: /var/spool/imap
>>> sieve_maxscriptsize: 320
>>> userprefix: user
>>> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>>>
>>> Regards,
>>>
>>> LelandJ
>>>
>>
>> --
>>
>> Mit besten Gr├╝├čen, Reindl Harald
>> the lounge interactive design GmbH
>> A-1060 Vienna, Hofm├╝hlgasse 17
>> software-development / cms-solutions
>> p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
>> icq: 154546673, http://www.thelounge.net/
>>
>>
>>
>> _______________________________________________
>> DBmail mailing list
>> DBmail [at] dbmail
>> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>>
>>
>

--

Mit besten Gr├╝├čen, Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofm├╝hlgasse 17
software-development / cms-solutions
p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
icq: 154546673, http://www.thelounge.net/
Attachments: signature.asc (0.25 KB)


lelandj at mail

Feb 5, 2010, 9:47 AM

Post #8 of 16 (1790 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

I configured DBmail to use PostgreSQL, rather than MySQL, when I configured
her four or five years ago, so my email is stored in a PostgreSQL database
named "dbmail". I see your working configuration touches very many
configuration files, especially MySQL configuartion files. Is that going to
create any kind of problem?

Is there some simple way to configure sasl to work with PostgreSQL DBmail,
DBmail Administator, and Postfix? I know Linux is very modular, which is
both good and bad.

It would be interested to know how DBmail Administrator currently
authenticates users. Is the DBmail username - password pair a PostgreSQL
user, a field in one of the "dbmail" tables or something else. It appears
the username - password pair are independent of the Fedora username -
password pair created when a new user is added to Fedora 6.

Also, any hints on where the DBmail configuration file lives on Fedora 6.
It might give some clue as to how thing are configure. It has been a long
time since I've been into DBmail; because, there have been no problems.

Regards,

LelandJ


Nobody said you should go away from postfix/dbmail :-)
Dovecot can work as proxy which is also good for security

For relay you need SASL and dovecot can do this with
much more features as dbmail/postfix alone
--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27471557.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


paul at nfg

Feb 5, 2010, 11:20 AM

Post #9 of 16 (1771 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

lelandj wrote:
> I configured DBmail to use PostgreSQL, rather than MySQL, when I configured
> her four or five years ago, so my email is stored in a PostgreSQL database
> named "dbmail". I see your working configuration touches very many
> configuration files, especially MySQL configuartion files. Is that going to
> create any kind of problem?


Bloody hell. KISS. Use rimap.

On debian:
/etc/defaults/saslauthd

START=yes
MECHANISMS="rimap -O localhost"

/etc/postfix/sasl/smtpd.conf

mech_list: PLAIN LOGIN ANONYMOUS
pwcheck_method: saslauthd

And that is all she wrote. Postfix will use saslauthd for
authentication, saslauthd will use an imap connection
for authentication. Done. No need to worry about the imap server used,
or the encryption of the passwords therein.

RTFM: saslauthd(8)

cheers.




>
> Is there some simple way to configure sasl to work with PostgreSQL DBmail,
> DBmail Administator, and Postfix? I know Linux is very modular, which is
> both good and bad.
>
> It would be interested to know how DBmail Administrator currently
> authenticates users. Is the DBmail username - password pair a PostgreSQL
> user, a field in one of the "dbmail" tables or something else. It appears
> the username - password pair are independent of the Fedora username -
> password pair created when a new user is added to Fedora 6.
>
> Also, any hints on where the DBmail configuration file lives on Fedora 6.
> It might give some clue as to how thing are configure. It has been a long
> time since I've been into DBmail; because, there have been no problems.
>
> Regards,
>
> LelandJ
>
>
> Nobody said you should go away from postfix/dbmail :-)
> Dovecot can work as proxy which is also good for security
>
> For relay you need SASL and dovecot can do this with
> much more features as dbmail/postfix alone


--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 11:57 AM

Post #10 of 16 (1776 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Thanks Paul. I'm looking into it. I'll let you know how it goes.

I did learn that dbmail uses its "dbmail-users" script to add or delete
users. At the time the script creates the user, a shadow user is created in
the "dbmail" database to hold the emails of the created user.

Regards,

LelandJ



Paul Stevens-2 wrote:
>
> lelandj wrote:
>> I configured DBmail to use PostgreSQL, rather than MySQL, when I
>> configured
>> her four or five years ago, so my email is stored in a PostgreSQL
>> database
>> named "dbmail". I see your working configuration touches very many
>> configuration files, especially MySQL configuartion files. Is that going
>> to
>> create any kind of problem?
>
>
> Bloody hell. KISS. Use rimap.
>
> On debian:
> /etc/defaults/saslauthd
>
> START=yes
> MECHANISMS="rimap -O localhost"
>
> /etc/postfix/sasl/smtpd.conf
>
> mech_list: PLAIN LOGIN ANONYMOUS
> pwcheck_method: saslauthd
>
> And that is all she wrote. Postfix will use saslauthd for
> authentication, saslauthd will use an imap connection
> for authentication. Done. No need to worry about the imap server used,
> or the encryption of the passwords therein.
>
> RTFM: saslauthd(8)
>
> cheers.
>
>
>
>
>>
>> Is there some simple way to configure sasl to work with PostgreSQL
>> DBmail,
>> DBmail Administator, and Postfix? I know Linux is very modular, which is
>> both good and bad.
>>
>> It would be interested to know how DBmail Administrator currently
>> authenticates users. Is the DBmail username - password pair a PostgreSQL
>> user, a field in one of the "dbmail" tables or something else. It
>> appears
>> the username - password pair are independent of the Fedora username -
>> password pair created when a new user is added to Fedora 6.
>>
>> Also, any hints on where the DBmail configuration file lives on Fedora 6.
>> It might give some clue as to how thing are configure. It has been a
>> long
>> time since I've been into DBmail; because, there have been no problems.
>>
>> Regards,
>>
>> LelandJ
>>
>>
>> Nobody said you should go away from postfix/dbmail :-)
>> Dovecot can work as proxy which is also good for security
>>
>> For relay you need SASL and dovecot can do this with
>> much more features as dbmail/postfix alone
>
>
> --
> ________________________________________________________________
> Paul Stevens paul at nfg.nl
> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
> The Netherlands________________________________http://www.nfg.nl
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27473147.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


paul at nfg

Feb 5, 2010, 12:03 PM

Post #11 of 16 (1772 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

lelandj wrote:
> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>
> I did learn that dbmail uses its "dbmail-users" script to add or delete
> users. At the time the script creates the user, a shadow user is created in
> the "dbmail" database to hold the emails of the created user.

the user exists nowhere else *but* in the database -- unless you're
using authldap. Only then should the record in dbmail_users be regarded
as a 'shadow' of ldap.

--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 12:44 PM

Post #12 of 16 (1775 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

Paul Stevens-2 wrote:
>
> lelandj wrote:
>> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>>
>> I did learn that dbmail uses its "dbmail-users" script to add or delete
>> users. At the time the script creates the user, a shadow user is created
>> in
>> the "dbmail" database to hold the emails of the created user.
>
> the user exists nowhere else *but* in the database -- unless you're
> using authldap. Only then should the record in dbmail_users be regarded
> as a 'shadow' of ldap.
>
>
> I was able to list my users using the following command:
>
> dbmail-users -l
>
> Not sure whether the names are being retrieved form the database or
> somewhere else. Where can I find the "authldap" setting, if any.
>
> The DBmail wiki below indicates that DBmail is fully integrated into LDAP
>
> http://en.wikipedia.org/wiki/DBMail_IMAP_and_POP3_server
>
> Regards,
>
> LelandJ
>
>
>
> Regards,
>
> LelandJ
>
>
>
> I have the following entry in my Postfix main.cf
>
> or the filethe dbmail user file
>
> --
> ________________________________________________________________
> Paul Stevens paul at nfg.nl
> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
> The Netherlands________________________________http://www.nfg.nl
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27473664.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 5, 2010, 4:39 PM

Post #13 of 16 (1764 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

I download rimap form http://sourceforge.net/projects/rimap/, which appears
to be a python script. I placed the rimap script in the /usr/bin directory
of my mail server.

I found the following DBmail thread about using rimap, which was helpful,
but I'm still unable to relay anything coming from the iPhones, even after
going through the thread below:

http://www.mail-archive.com/dbmail [at] dbmail/msg13366.html

There is probably some simple configuration problem I'm missing in one of
the many configuration files, so I'll recheck all configurations. I may
fall back to using the below Postfix option, (eg see the link below about
it).

smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/sender_access

http://www.informit.com/articles/article.aspx?p=24672&seqNum=4

Regards,

LelandJ



Paul Stevens-2 wrote:
>
> lelandj wrote:
>> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>>
>> I did learn that dbmail uses its "dbmail-users" script to add or delete
>> users. At the time the script creates the user, a shadow user is created
>> in
>> the "dbmail" database to hold the emails of the created user.
>
> the user exists nowhere else *but* in the database -- unless you're
> using authldap. Only then should the record in dbmail_users be regarded
> as a 'shadow' of ldap.
>
> --
> ________________________________________________________________
> Paul Stevens paul at nfg.nl
> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
> The Netherlands________________________________http://www.nfg.nl
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>
>

--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27475989.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


paul at nfg

Feb 6, 2010, 1:37 AM

Post #14 of 16 (1763 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

lelandj wrote:
> I download rimap form http://sourceforge.net/projects/rimap/, which appears
> to be a python script. I placed the rimap script in the /usr/bin directory
> of my mail server.

remove it. That is *not* what I'm talking about.

Please get a clue: read the manual: man saslauthd



>
> I found the following DBmail thread about using rimap, which was helpful,
> but I'm still unable to relay anything coming from the iPhones, even after
> going through the thread below:
>
> http://www.mail-archive.com/dbmail [at] dbmail/msg13366.html
>
> There is probably some simple configuration problem I'm missing in one of
> the many configuration files, so I'll recheck all configurations. I may
> fall back to using the below Postfix option, (eg see the link below about
> it).
>
> smtpd_recipient_restrictions =
> check_sender_access hash:/etc/postfix/sender_access
>
> http://www.informit.com/articles/article.aspx?p=24672&seqNum=4
>
> Regards,
>
> LelandJ
>
>
>
> Paul Stevens-2 wrote:
>> lelandj wrote:
>>> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>>>
>>> I did learn that dbmail uses its "dbmail-users" script to add or delete
>>> users. At the time the script creates the user, a shadow user is created
>>> in
>>> the "dbmail" database to hold the emails of the created user.
>> the user exists nowhere else *but* in the database -- unless you're
>> using authldap. Only then should the record in dbmail_users be regarded
>> as a 'shadow' of ldap.
>>
>> --
>> ________________________________________________________________
>> Paul Stevens paul at nfg.nl
>> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
>> The Netherlands________________________________http://www.nfg.nl
>> _______________________________________________
>> DBmail mailing list
>> DBmail [at] dbmail
>> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>>
>>
>


--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


paul at nfg

Feb 6, 2010, 1:38 AM

Post #15 of 16 (1761 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

lelandj wrote:
>
>
>
>
>
> Paul Stevens-2 wrote:
>> lelandj wrote:
>>> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>>>
>>> I did learn that dbmail uses its "dbmail-users" script to add or delete
>>> users. At the time the script creates the user, a shadow user is created
>>> in
>>> the "dbmail" database to hold the emails of the created user.
>> the user exists nowhere else *but* in the database -- unless you're
>> using authldap. Only then should the record in dbmail_users be regarded
>> as a 'shadow' of ldap.
>>
>>
>> I was able to list my users using the following command:
>>
>> dbmail-users -l
>>
>> Not sure whether the names are being retrieved form the database or
>> somewhere else. Where can I find the "authldap" setting, if any.


If you don't know, the users are in the dbmail database. And nowhere else.

You only want to use LDAP if you *need* LDAP. If you don't know, you
don't need it.


>>
>> The DBmail wiki below indicates that DBmail is fully integrated into LDAP
>>
>> http://en.wikipedia.org/wiki/DBMail_IMAP_and_POP3_server
>>
>> Regards,
>>
>> LelandJ
>>
>>
>>
>> Regards,
>>
>> LelandJ
>>
>>
>>
>> I have the following entry in my Postfix main.cf
>>
>> or the filethe dbmail user file
>>
>> --
>> ________________________________________________________________
>> Paul Stevens paul at nfg.nl
>> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
>> The Netherlands________________________________http://www.nfg.nl
>> _______________________________________________
>> DBmail mailing list
>> DBmail [at] dbmail
>> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>>
>>
>


--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail


lelandj at mail

Feb 6, 2010, 12:27 PM

Post #16 of 16 (1759 views)
Permalink
Re: Using sasl with dbmail and md5 login [In reply to]

> Paul Stevens-2 wrote:

Please get a clue: read the manual: man saslauthd


Hi Paul,

Thanks for the clue. LOL

I'm a quy running a small network, and I'm not as young as I use to be. LOL
I created an account with Gmail, which works fine for relaying emails. I'm
thinking about making Gmail accounts the default for my iPhone users. The
iPhone users could then connect remotely to their Gmail accounts over an SSL
connection for relay emails out into the internet.

I would create two account on the iPhone user's Thunderbird mail client
located on their desktop computer. One of the Thunderbird accounts would
connect to Gmail, and the other account would connect to DBmail. Then, the
iPhone users could very easily move emails with retention value from Gmail
to DBmail. In this scenario the DBmail server would be acting as a kind of
backup system, and the iPhone user would be responsible for keeping their
Gmail accounts clean and under quotas.

Some of the advantages of using Gmail are:

1) Gmail would have a lot more muscle than I, at staying on top of security
problems and junk/spam emails. I was watching my Postfix log file last
night, using Komodo, while debuging my relay problem, and there were so many
entries hitting the logs file, I couldn't keep up with them. Every time I
refreshed Komodo, there were pages of new lines, mostly mail that wanted to
be relayed, but Postfix was doing her job and rejecting them. The spamming
going on today is ridiculous. I really don't have the time to stay on top
of all the spamming going on.

2) Gmail connect over SSL and will relay from remote users.

3) Gmail is free.

4) I wouldn't need to mess around with creating an ssl certificate, which I
could sign, I suppose. I have a certificate issued by a third party for my
shopping cart web application, and the same approach could be used for my
mail server.
The third party vouches that my website can be trusted, but certificates
issued by third parties aren't cheap. LOL

If Gmail does not work out for me, I would use DBmail on my Fedora 11
desktop. I installed DBmail, Postfix, and PostgreSQL in on my Fedora 11
desktop computer last night and configured PostgreSQL, (eg up until 4:30 AM
this morning). There is a configuration gui on Fedora 11, I believe, that
helps with the configuration of LDAP, which will probably be helpful. I
would need to research SELinux to make sure there were no issue with having
it enabled with the mail configuration running.

Once I had everything working locally on my Desktop computer, I would move
all mail from my Fedora 6 server onto my desktop server and have the router
relay email ports to the desktop computer. After everything is running
smoothly on the Desktop computer for awhile, I would copy the Fedora 11
image back onto the DB mail server. This would give me up to date libraries
and the latest versions of all the applications.

I'm a small home network, so I really don't want to use a proxy server on
the other side of my firewall, just to provide SSL; although, I can see
advantages of doing so for anyone with the proper resources and a larger
number of users.

I must say, I have really enjoyed DBmail, DBmail Administrator, PostgreSQL
and Postfix over the last five years. Its a rock solid system. My mail
server had dutifully performed her job on a 24/7 basis, never taking a break
or complaining about anything. The server has been a real mule, so I'm sure
the latest version of DBmail, DBmail Administrator, PostgreSQL and SSL with
LDAP would be greate. At some point I will probably upgrade my DBmail
server and website to run on Fedora 11 or Fedora 12, regardless of whether
Gmail work out or not.

Regards,

LelandJ
>
>
> Paul Stevens-2 wrote:
>> lelandj wrote:
>>> Thanks Paul. I'm looking into it. I'll let you know how it goes.
>>>
>>> I did learn that dbmail uses its "dbmail-users" script to add or delete
>>> users. At the time the script creates the user, a shadow user is
>>> created
>>> in
>>> the "dbmail" database to hold the emails of the created user.
>> the user exists nowhere else *but* in the database -- unless you're
>> using authldap. Only then should the record in dbmail_users be regarded
>> as a 'shadow' of ldap.
>>
>> --
>> ________________________________________________________________
>> Paul Stevens paul at nfg.nl
>> NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
>> The Netherlands________________________________http://www.nfg.nl
>> _______________________________________________
>> DBmail mailing list
>> DBmail [at] dbmail
>> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
>>
>>
>


--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail



--
View this message in context: http://old.nabble.com/Using-sasl-with-dbmail-and-md5-login-tp27468767p27483013.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail

DBMail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.