Authentication backend choice

Discussion in 'Mail Server Support' started by ychaouche, Mar 22, 2016.

  1. ychaouche

    ychaouche New Email

    Mar 22, 2016
    Likes Received:
    Hi !

    I am setting up a mail server for the first time. Postfix as MTA, courier as MDA, cyrus as a password verification service (SASL). My question is with cyrus. Cyrus an store the user/password pair in a variety of ways, and the most simple way seems to be sasldb2, because no database setup is required on my part, the software takes care of it itself. The problem with this backend is that it stores the passwords in clear text, unencrypted. This means that if someone has access to my server he can get a copy of that file and get all the passwords. If they were encrypted he would have hard times decifering them.

    So my question is : is there a simple enough setup to store the login/password pair or do I really have to go the mysql route as everyone else ?

    Context : postfix in virtual domain setup with virtual mailboxes.

  2. popowich

    popowich EQ Forum Admin Staff Member

    Aug 12, 2008
    Likes Received:
    I'm going to link these discussions together since they'll likely stay related to each other - The benefits of using mysql as a backend

    Yes, I'd go the MySQL route. Something else I forgot to mention is that depending on the size of the mail server, it might be useful to use a virtual domain manager such as vpopmail that supports postfix. The link is broken, maybe support was dropped.

    If it's not too late, I like the qmail + vpopmail combination for medium size email hosting that's going to be bigger than a single server with a couple domains.

    I haven't used it, but as is this might be a good match for your server - Postfix Admin - Web based administration interface

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.