Postfix where do I configure the SASL authentication methods?

OS type and version Ubuntu Linux 22.04.4
Webmin version 2.111
Usermin version 2.010
Virtualmin version 7.10.0
Theme version 21.10
Package updates 27 package updates are available

I cannot find where the SASL Authentication methods are defined like the are in dovecot:


I have

  • looked at postconf -d to see if I could see any information there which did not help me
  • tried finding the Cyrus SASL Authentication server config files, but I did not find anything of use
  • The only SASL settings I could find are in:
    Webmin --> Servers --> Postfix Mail Server --> SMTP Authentication And Encryption

Have I missed a setting in postfix somewhere or is this option missing?

Some pointers would be helpful.


Just learn the subject, once you have everything will make total sense. However with mail related topics there is a long learning curve. So i would trust virtualmins choices until you work out what works for you

You do not, unless you’re implementing a whole new mail stack on your own with users Virtualmin isn’t managing.

Virtualmin sets up system users for all types of users, which means you can only use plain; there’s no overlap between the encrypted methods mail can use and the encrypted methods Linux can use (at least in a simple way with hashed passwords in shadow). Virtualmin also sets up TLS, so they’ll be encrypted in transit assuming all your clients support TLS.

Does this mean the Cyrus SASL Authentication server is pointless? plaintext and login are part of Postfix without the need of Cyrus.

You sure about that? I don’t know for sure it hasn’t been added, but the last time I looked at the postfix docs for authenticating users, it was about using Cyrus saslauthd. If that isn’t the case, you’ll need to link me to the specific docs proving otherwise.

Yeah, I don’t see any evidence for that being implemented in Postfix.

Explicitly says, “Postfix does not implement SASL itself, but instead uses existing implementations as building blocks. This means that some SASL-related configuration files will belong to Postfix, while other configuration files belong to the specific SASL implementation that Postfix will use. This document covers both the Postfix and non-Postfix configuration.”

And: “Currently the Postfix SMTP server supports the Cyrus SASL and Dovecot SASL implementations.”

So, I think you’re looking at some other thing (maybe Postfix authenticating to other servers, acting as a client).

I feel some more study time for me is going to get scheduled. :smile:

Thanks for the clarification.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.