I'm running Slackware 13.0. I have cyrus SASL2 installed as well as Postfix 2.6. I have saslauthd running shadow for my system users. I use auth plain. I'm just experimenting so I will probably go with md5 digest later on Anybody know the exact reason why slack didn't go for PAM, I've always been interested to know the reason why. Anyhow postfix with sasl works great for allowing remote users to login to postfix server to relay mail out. I added in /usr/local/lib/sasl2/smtpd.conf with the appropriate lines. And of course, testsaslauthd successfully authenticates my test user.
Anyhow, I want to host pop and imap servers for these system users. I thought about using dovecot. Installed it. I definitely want to use auth plain and have shadow be the passwd db. So here is where I'm confused. I see several articles on how to use dovecot's own SASL. But I want to use Cyrus sasl instead. I can't seem to locate any good articles on setting up Cyrus sasl for dovecot. I'm thinking I need a configuration file similar to /usr/local/lib/sasl2/smtpd.conf. Anyhow, I have dovecot.conf setup to use shadow and auth plain. I set ssl_disable = yes and disble_plaintest_auth = no. Is this auth plain where it encodes my password into base64 or is it just really plain text? So I start the imap server. I try to login as my test user by using nc -v localhost 143. I do 'a login user password' but I get an instant bye.
In stdout
Code:
* BYE Internal login failure. Refer to server log for more information.
In /var/log/maillog
Code:
Mar 16 00:39:37 hostname dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<user@domain.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
I don't really need all the features of dovecot, so I figure I may as well try out /usr/bin/imapd and /usr/bin/ipop3d. I enabled these guys in rc.inetd and they work like a charm. Do these guys uses Cyrus sasl at all? or do they just connect directly to the/etc/shadow file for authentication? I'm guessing they use Cyrus sasl. Are they using plaintext or is it base64? Is there any way to add ssl to these guys? I guess I can use stunnel.
Anyhow, these inetd guys will definitely do the job. However, I would still like to understand and get Cyrus sasl to work with dovecot. And if not I'll give into dovecot's sasl and try it out. Can you guys point me in the right direction.