Subject: Re: sasl and --disable-login
To: Johnny C. Lam <>
From: Andrew Brown <>
List: tech-pkg
Date: 03/19/2003 14:11:55
>> Also from what I remember about Cyrus SASL, there is no global
>> configuration file to specify which authentication mechanisms are allowed
>> or disallowed; it's merely a matter of which plugins are available in
>> ${PREFIX}/lib/sasl.  I think we can just build the LOGIN plugin separately
>> from the rest of Cyrus SASL in another package, e.g. cy-login or
>> cyrus-sasl-login, so that normal users of SASL aren't hobbled by a bad
>> authentication mechanism while users that need it can just install a
>> separate package for the extra functionality.
>I've created a new set of packages for cyrus-sasl and cy-login.  They may
>be found at:
>Simply move the old cyrus-sasl package out of the way, and extract
>sasl.tar.gz from within pkgsrc/security.  If you already have cyrus-sasl
>installed, then you can simply run "make install" in security/cy-login.
>I think this should provide the LOGIN authentication mechanism for use by
>Cyrus SASL-aware applications, but I don't know how to test this.  Testers
>are welcome to try this out and to provide feedback on whether this works,
>and also any other steps that were necessary to get this completely

works fine for me.  the LOGIN and PLAIN methods just showed up.  once
i removed noplaintext from smtpd_sasl_security_options in my
/usr/pkg/etc/postfix/ file, of course.  :)

thanks much!

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."