ychaouche
Valued Member
Hi !
I am setting up a mail server for the first time. Postfix as MTA, courier as MDA, cyrus as a password verification service (SASL). My question is with cyrus. Cyrus an store the user/password pair in a variety of ways, and the most simple way seems to be sasldb2, because no database setup is required on my part, the software takes care of it itself. The problem with this backend is that it stores the passwords in clear text, unencrypted. This means that if someone has access to my server he can get a copy of that file and get all the passwords. If they were encrypted he would have hard times decifering them.
So my question is : is there a simple enough setup to store the login/password pair or do I really have to go the mysql route as everyone else ?
Context : postfix in virtual domain setup with virtual mailboxes.
I am setting up a mail server for the first time. Postfix as MTA, courier as MDA, cyrus as a password verification service (SASL). My question is with cyrus. Cyrus an store the user/password pair in a variety of ways, and the most simple way seems to be sasldb2, because no database setup is required on my part, the software takes care of it itself. The problem with this backend is that it stores the passwords in clear text, unencrypted. This means that if someone has access to my server he can get a copy of that file and get all the passwords. If they were encrypted he would have hard times decifering them.
So my question is : is there a simple enough setup to store the login/password pair or do I really have to go the mysql route as everyone else ?
Context : postfix in virtual domain setup with virtual mailboxes.