Saslauthd

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 10:50, 7 February 2014 by Admin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

SASL (Simple Authentication and Security Layer) is a framework for authentication and data security in Internet protocols. To use the SASL specification, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating a security layer for subsequent protocol interactions. The command has a required argument identifying a SASL mechanism.

Postfix SASL

SMTP servers need to decide whether an SMTP client is authorized to send mail to a remote host, which are email accounts not on the local server itself. Postfix supports SASL authentication so that a remote SMTP client can authenticate to the Postfix SMTP server, and the Postfix SMTP client can authenticate to a remote SMTP server.

The goal is to allow users to log in to the local mail server so they can send emails. Users will use teh same username and password as the one they will be using for checking email.

The Postfix SMTP server is linked with the Cyrus SASL library libsasl allowing communication between Postfix and Cyrus SASL to take place by calling functions in the SASL library. The SASL library may use an external password verification service, or an internal plugin to connect to authentication backends and verify the SMTP client's authentication data against the system password file or other databases, such as mysql. Communication between the Postfix SMTP server and the saslauthd server takes place over a UNIX-domain socket.