MTA: Exim

SMTP authentication with Cyrus SASL

by ross at 07:22:57 on October 28, 2011

Install:

# cd /usr/ports/security/cyrus-sasl2-saslauthd
# make install clean
# rehash

Options for cyrus-sasl-saslauthd:

  • Leave at their defaults

Add to /etc/rc.conf:

saslauthd_enable="YES"

Create /usr/local/lib/sasl2/exim.conf:

pwcheck_method: saslauthd

Start saslauthd:

# service saslauthd start

Rebuild exim with sasl authenticator support:

# cd /usr/ports/mail/exim
# make config
Check AUTH_SASL, SASLAUTHD
# make build deinstall reinstall clean

Edit /usr/local/etc/exim/configure:

# Uncomment the following:
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

# ... skipped ...

begin authenticators

sasl_plain:
  driver = cyrus_sasl
  public_name = PLAIN
  server_set_id = $auth1

sasl_login:
  driver = cyrus_sasl
  public_name = LOGIN
  server_set_id = $auth1

sasl_cram_md5:
  driver = cyrus_sasl
  public_name = CRAM-MD5
  server_set_id = $auth1

Restart exim:

# service exim restart

 

Comments