I used the following procedure to support SMTP Auth on a CentOS5 machine.
Created a name in my DNS to use for the outgoing mail server on remote mail clients. This will allow me to easily migrate the service to another server or IP address.
Made the following modifications to my /etc/postfix/main.cf. This configures postfix to support SMTP Auth.
vi /etc/postfix/main.cf
…
# JGZ 4/16/2008 – Begin – To enable SMTP Auth using dovecot (IMAP) authentication.
# Enable SASL Authentication
smtpd_sasl_auth_enable = yes
# Report Authenticated Username In Headers
smtpd_sasl_authenticated_header = yes
# Set Path for SASL Auth (this references the smtpd.conf file created earlier)
smtpd_sasl_path = smtpd
# Support Broken Microsoft Clients
broken_sasl_auth_clients = yes
# Enable only authenticated users to send
smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination
# JGZ 4/16/2008 – End – To enable SMTP Auth using dovecot (IMAP) authentication.
…
Reload postfix to implement the changes:
postfix reload
Made a backup copy of my /etc/sysconfig/saslauthd:
cp -p /etc/sysconfig/saslauthd /etc/sysconfig/saslauthd.orig
Modify /etc/sysconfig/saslauthd to support IMAP authentication and specify the remote IMAP server. Note: you can use a name or IP address. Furthermore, you can use 127.0.0.1 if running the IMAP server on the same machine. I used a name to better accommodate changes I might need to make.
vi /etc/sysconfig/saslauthd
…
# JGZ 4/16/2008 – to authenticate via IMAP server
MECH="rimap"
…
# JGZ 4/16/2008 – To send authentication request to remote server.
#FLAGS=
FLAGS="-O imap.server.name"
…
Start saslauthd.
service saslauthd start
Configure saslauthd to start at boot up via ntsysv.
This works well. It is very simple. While the IMAP password is transmitted twice to send and receive mail, the password is encrypted.
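A check on the result of the Postfix settings above, as an added example that is not part of the original post: it parses an EHLO reply and reports which AUTH mechanisms are advertised, whether the extra AUTH= line produced by broken_sasl_auth_clients is present, and whether PLAIN/LOGIN are offered before TLS is active. The sample reply, the host name mail.example.com and the function names are constructed for illustration.

```python
import re

# Constructed sample: an EHLO reply of the kind Postfix sends with
# smtpd_sasl_auth_enable = yes and broken_sasl_auth_clients = yes.
SAMPLE_EHLO = """\
250-mail.example.com
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
"""

# Mechanisms that send the password itself (base64 only), which is what
# saslauthd needs in order to replay it to the IMAP server.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_ehlo(reply):
    """Return (keywords, standard_mechs, legacy_mechs) from an EHLO reply."""
    keywords, standard, legacy = set(), set(), set()
    for line in reply.splitlines():
        m = re.match(r"^250[- ](.*)$", line.strip())
        if not m:
            continue
        upper = m.group(1).strip().upper()
        if upper.startswith("AUTH="):      # non-standard form for old clients
            legacy.update(upper[5:].split())
        elif upper.startswith("AUTH "):    # standard form
            standard.update(upper[5:].split())
        elif upper:
            keywords.add(upper.split()[0])
    return keywords, standard, legacy

def audit(reply, tls_active=False):
    """List findings for one EHLO reply; tls_active says if TLS is already up."""
    keywords, standard, legacy = parse_ehlo(reply)
    findings = []
    if not (standard or legacy):
        findings.append("AUTH not advertised: check smtpd_sasl_auth_enable")
    if standard and not legacy:
        findings.append("no AUTH= line: broken_sasl_auth_clients not in effect")
    exposed = (standard | legacy) & PLAINTEXT_MECHS
    if exposed and not tls_active:
        state = "offered" if "STARTTLS" in keywords else "not offered"
        findings.append(f"{'/'.join(sorted(exposed))} advertised before TLS (STARTTLS {state})")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_EHLO):
        print(finding)
```

To use it on a real server, paste the 250 lines returned after EHLO on your own mail host in place of SAMPLE_EHLO.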