Subject: Re: My thoughts on SASL.
From: Joe Rhett (jrhett at isite dot net)
Date: Mon Apr 07 2003 - 16:17:42 EDT
There isn't a lot of developer assistance on this list for the
well-documentation problems, but the documentation at this point is pretty
much together. It's just very obtuse, in that it's not easy to realize
just how significant a given statement is.
If you can resubmit your questions with details about the configuration,
I'll try and help.
Biggest, most important question -- you have set up logging and you are
reading that, right?
On Sat, Apr 05, 2003 at 12:44:45PM -0700, Dan Vande More wrote:
> To whom it may concern:
> I signed up on this list a few days ago.
> Since then, I've asked a few questions, had some helpful responses, but
> I've come to the conclusion that very very few people really know how to
> get this software working. My nickname for SASL is "widowmaker". If you
> have any issues with pride, or tend to become obsessive compulsive, this
> software is not for you. You will spend more time on this than your
> friend spend on everquest.
> I tried to get this working on RH6.2 and 7.3.
> I ended up using OpenBSD, and it seemed to give me to best results.
> Almost certainly because I just pkg_add'd the SASL 1.5.27p1 package
> (Which would compile from source, but give me no authentication mechs no
> matter how hard I tried.)
> When I pkg_add'd, I compiled (postfix) with arguments for the installed
> SASL, and the pkg came with everything I needed.
> I used a perl pwcheck daemon I found at groups.google.com (Usenet), and
> modified it to my liking.
> It's made for mysql, but you can authenticate against almost anything
> you want with perl.
> I've come to the conclusion that it was NOT postfix causing me the
> problems, rather SASL's under documented approach at software.
> Don't get me wrong, I've documented my steps, and I would help document
> SASL, but know very little about C.
> I believe the guys and gals at CMU should set up an area where people
> have actually working sasl implementations, along with distros and steps
> If you need me to document the stuff, send it my way please! I'll set it
> up on a website or three, and submit it to google.
> The only thing I want is documented SASL installs. Please no howtos on
> mandrake and secure Imap.
> I'll setup my own forums, whatever. Noone else seems to want to help
> this project on that level...
> It is my opinion that the project has so much entropy on the
> organization level, that very little can be done to save it now.
> To the developers-Please don't take this personally. I've tried to post
> here what actually works for me with hopefully a little constructive
> criticism and an offer to help the best that I know how.
> -----Original Message-----
> From: Derek Ragona [mailto:derek at computinginnovations dot com]
> Sent: Saturday, April 05, 2003 11:35 AM
> To: cyrus-sasl at lists dot andrew dot cmu dot edu
> Subject: saslauthd documentation
> I am having trouble using saslauthd with FreeBSD. I have SASL2 2.1.7.
> The man page for saslauthd looks messed up and missing information.
> I am having trouble using saslauthd with Sendmail 8.12.9 to do SMTP
> AUTH. I keep getting authentication errors.
> The daemon is running as:
> /usr/local/sbin/saslauthd -a pam
> I am wondering if I need to do any setup for pam to work with the
> saslauthd? Is there some option to turn on logging that may show why
> authentication is failing?
> derek at computinginnovations dot com
-- Joe Rhett Chief Geek JRhett at ISite dot Net ISite Services, Inc.