FreeBSD + postfix + sasl2 + pam + mysql = Working Authenticated SMTP
This is most of all meant as a note-to-self to next time I’ll have to do this.
Installed the port mail/courier-authlib with the following options:
WITH_PAM=true
WITHOUT_VPOPMAIL=true
WITH_MYSQL=true
WITHOUT_POSTGRESQL=true
WITHOUT_LDAP=true
WITHOUT_GDBM=true
WITH_AUTHUSERDB=true
Installed Postfix with SASL2 and TLS. Config to Postfix’ main.cf:
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
SASL2 needs “-r -a pam” flags in /usr/local/etc/rc.d/saslauthd.sh and the following in /usr/local/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
Finally, /etc/pam.d/smtp:
column=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time sqllog=1
auth required pam_mysql.so user=postfix passwd=xxxx host=host.domain.tld db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time sqllog=1
# account
account required pam_mysql.so user=postfix passwd=xxxx host=host.domain.tld db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time sqllog=1
# session
session required pam_permit.so
That should really be all there is to it.
Leave a Comment
If you would like to make a comment, please fill out the form below.
Hi Niklas,
Have you tried pam_mysql with MD5 or SHA-1 under FreeBSD?
I was able to use pam_mysql with clear text password, i.e. crypt=0 but I got an error when I tried MD5 crypt=3.