Authentication backend choice

ychaouche

Valued Member
Hi !

I am setting up a mail server for the first time. Postfix as MTA, courier as MDA, cyrus as a password verification service (SASL). My question is with cyrus. Cyrus an store the user/password pair in a variety of ways, and the most simple way seems to be sasldb2, because no database setup is required on my part, the software takes care of it itself. The problem with this backend is that it stores the passwords in clear text, unencrypted. This means that if someone has access to my server he can get a copy of that file and get all the passwords. If they were encrypted he would have hard times decifering them.

So my question is : is there a simple enough setup to store the login/password pair or do I really have to go the mysql route as everyone else ?

Context : postfix in virtual domain setup with virtual mailboxes.
 

popowich

EQ Forum Admin
Staff member
I'm going to link these discussions together since they'll likely stay related to each other - The benefits of using mysql as a backend

Yes, I'd go the MySQL route. Something else I forgot to mention is that depending on the size of the mail server, it might be useful to use a virtual domain manager such as vpopmail that supports postfix. The link is broken, maybe support was dropped.

If it's not too late, I like the qmail + vpopmail combination for medium size email hosting that's going to be bigger than a single server with a couple domains.

I haven't used it, but as is this might be a good match for your server - Postfix Admin - Web based administration interface
 

Similar threads

Top