Thread: pam setup




pam setup
user name
2006-04-27 03:33:07
Hello

Has anyone set up dbmail with PAM?
I made an attempt to do this but I am not sure what to do with these:
logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time


account sufficient pam_mysql.so user=dbUserName passwd=dbUserPasswd host=localhost db=dbmail table=dbmail_users usercolumn=userid passwd$

auth sufficient pam_mysql.so user=dbUserName passwd=dbUserPasswd host=localhost db=dbmail table=dbmail_users usercolumn=userid passwdcolumn=passwd crypt=encryption_type logtable=last_login
## What about these? ##
logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time


--
Demi

           ,
        .--'|}        "Goodbye England's rose,
       /    /}}   may you ever grow in our hearts.
     .=\.--'`\} You were the grace that placed itself
    //` '---./`      where lives were torn apart.
    ||  /|
     \\| |          You called out to our country,
   |\_\\/         and you whispered to those in pain.
   \__/\\              Now you belong to heaven,
        \\        and the stars spell out your name."
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
https://mailman.fastxs.nl/mailman/listinfo/dbmail
pam setup
user name
2006-04-27 09:45:14
It would seem that 'rimap' is the simplest authentication
method. You are asking saslauthd to do the IMAP login
request for an SMTP authentication. It's fast and it's good.

CYRUS-SASL2 is what you'll need to install first.

Your /usr/local/lib/sasl2/smtpd.conf would be:
mech_list: PLAIN LOGIN ANONYMOUS
pwcheck_method: saslauthd

Postfix's main.cf should have *at least* this:
smtpd_sasl_auth_enable=yes

Your /etc/default/saslauthd would need this:
START=yes
MECHANISMS="rimap -O localhost"

Yup. I was surprised to learn myself it's really that simple.

Using SASL2 saslauthd/PAM/SQL
i.e.:
where /etc/pam.d/smtp is something like:
auth    sufficient      pam_mysql.so user=dbmail passwd=dbmail host=127.0.0.1 db=dbmail table=dbmail_users usercolumn=userid passwdcolumn=passwd crypt=1

account required        pam_mysql.so user=dbmail passwd=dbmail host=127.0.0.1 db=dbmail table=dbmail_users usercolumn=userid passwdcolumn=passwd crypt=1


In the alternative to rimap you can have SASL2 do direct PAM
SQL queries to the database which you might find a tad
challenging (annoying?) to configure -- very efficient once
working. Saslauthd doesn't quite play nice with MySQL unless
you do a tiny re-jigging of the Makefiles (via configure).

This latter method also requires that you insert user
account passwords as plain text which is not the case with
rimap.

I now use rimap for smaller systems and SQL for large
(*large*) systems.

If you would like a 1-2-3 how-to on the SQL, see the Wiki or
give me a shout out and I'll send you mine. Rimap is likely
your best bet.

best...
Mike






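Added example (not part of the original thread, and not dbmail or pam_mysql project code): a small Python check for pam_mysql lines in an /etc/pam.d service file like the ones posted above. It flags a table name that differs between lines, options cut off without a value, an inline DB password, and a crypt setting that means plaintext or an unsalted hash. The crypt values and the plain default follow the pam_mysql README; the sample input is constructed.

```python
# pam_mysql "crypt" option values, per the module's README
CRYPT_MODES = {"0": "plain", "plain": "plain", "1": "crypt(3)", "y": "crypt(3)",
               "2": "mysql PASSWORD()", "mysql": "mysql PASSWORD()",
               "3": "md5", "md5": "md5", "4": "sha1", "sha1": "sha1"}
BARE_OK = {"use_first_pass", "try_first_pass"}  # flags that take no value

# Constructed sample: deliberate table-name mismatch and a cut-off option.
SAMPLE = """\
auth    sufficient pam_mysql.so user=dbmail passwd=dbmail host=127.0.0.1 \\
        db=dbmail table=dbmail_users usercolumn=userid passwdcolumn=passwd crypt=1
account required   pam_mysql.so user=dbmail passwd=dbmail host=127.0.0.1 \\
        db=dbmail table=sbmail_users usercolumn=userid passwd$
"""

def parse_pam_mysql(text):
    """Return one dict per pam_mysql.so line of a pam.d service file."""
    text = text.replace("\\\n", " ")  # PAM joins backslash-continued lines
    entries = []
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()  # drop comments, split on blanks
        if len(tok) < 3 or not tok[2].endswith("pam_mysql.so"):
            continue
        opts = dict(t.split("=", 1) for t in tok[3:] if "=" in t)
        bare = [t for t in tok[3:] if "=" not in t and t not in BARE_OK]
        entries.append({"type": tok[0], "opts": opts, "bare": bare})
    return entries

def audit(text):
    """Return (line type, issue) pairs for the pam_mysql entries in text."""
    entries = parse_pam_mysql(text)
    findings = []
    tables = sorted({e["opts"].get("table", "<unset>") for e in entries})
    if len(tables) > 1:
        findings.append(("all", "table mismatch: " + " vs ".join(tables)))
    for e in entries:
        for t in e["bare"]:
            findings.append((e["type"], "option without a value, possibly cut off: " + t))
        if "passwd" in e["opts"]:
            findings.append((e["type"], "DB password inline: keep file mode 0600, owner root"))
        if e["type"] in ("auth", "password"):
            value = e["opts"].get("crypt", "0").lower()  # module default is plain
            mode = CRYPT_MODES.get(value)
            if mode is None:
                findings.append((e["type"], "unrecognised crypt value: " + value))
            elif mode != "crypt(3)":
                findings.append((e["type"], "plaintext or unsalted storage: " + mode))
    return findings

if __name__ == "__main__":
    for kind, issue in audit(SAMPLE):
        print(f"[{kind}] {issue}")
```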
pam setup
user name
2006-04-28 06:48:17
On 4/27/06, M. J. [Mike] O'Brien <mikemobrien.com> wrote:
> It would seem that 'rimap' is the simplest authentication
> method. You are asking saslauthd to do the IMAP login
> request for an SMTP authentication. It's fast and it's good.

Hi Mike
I figured I'd send you the Debian way for your wiki aka manual, but you
guessed it, that's not all: I have some questions.

What is the ANONYMOUS for in 'mech_list: PLAIN LOGIN ANONYMOUS'? And
you said with rimap we are authenticating against imap.
Does that mean it goes like this?
saslauthd
-->rimap
---->imap
-------->mysql   answer OK or NOPE
------------->imap
----------------->rimap
---------------------->saslauthd

Does that also work with LDAP?
See, my plan is to have LDAP as the user DB, so I was OK with
pam-mySQL for now till dbMail is ready to go production with the LDAP
module.
I mainly am going to move my xoops users over to this server and xoops
is going LDAP. I am also setting up egroupware which is also OK with
LDAP.

Now tell me, is this rimap thing still OK for my setup?

We are having sasl in postfix because we are running it chrooted:
  nano /etc/postfix/sasl/smtpd.conf

  mech_list: PLAIN LOGIN ANONYMOUS
  pwcheck_method: saslauthd

  nano /etc/default/saslauthd

  START=yes
  PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"
  #MECHANISMS="pam"
  MECHANISMS="rimap -O localhost"

--
Demi