Configure Postfix to Authenticate with Courier and SASLauthd

Tags: - u b u n t u

Once upon a time I had Postfix configured to authenticate incoming SMTP connections with Courier’s authdaemond. Then I moved servers, it stopped working, and I never was able to figure out why it failed due to a rather generic error message. I worked through my options and arrived at the following:

  • Postfix authenticates with saslauthd
  • saslauthd authenticates with Courier’s IMAP server
  • Courier’s IMAP server authenticates with Postgresql

Courier and most of Postfix were configured a long time ago, so I’m going to focus on the changes I made this evening while they are fresh.

Configure saslauthd

Open /etc/default/saslauthd and change the following:

  • START=yes
  • MECHANISMS=”rimap”
  • MECH_OPTIONS=”localhost -r”

That last option tells it to connect to the IMAP server running on localhost and pass in the realm (domain) of the user. You will most likely need that -r option if you are hosting multiple domains.

Now start saslauthd: /etc/init.d/saslauthd start

Configure smtpd.conf

  • pwcheck_method: saslauthd
  • mech_list: PLAIN LOGIN

Restart postfix: /etc/init.d/postfix restart

Postfix now authenticates against my IMAP server, and I can forget that I wrote this until the next time I execute a server migration.