Postfix smtp auth, using SASL to look at dbmail in mysql. Using FreeBSD 5.2.1, dbmail 2.0.4, cyrus sasl-2.1.20, mysql 4.0.16 (ports), Postfix 2.0.16 (ports). This was a giant pain. It does, however, finally, work now. TLS was already working at the time I needed to add smtp auth, so that is not included here now. I have no clue if this will work for anyone else and I don't claim that it will, I just hope that it will help the next poor soul who hunts around for how to do this. Most of the other examples I saw used saslauthd and pam to get to mysql, which seems like an unnecessary step. Configure sasl2 - I ended up grabbing the latest by itself, though I'm sure if you'd just tell ports to compile in mysql support it would be fine. (Its default setup had the sql plugin compiled static, not shared, and static was disabled and not loading. So I compiled static.) % ./configure --enable-static=yes --enable-shared=yes --enable-sql=yes \ --with-mysql=/usr/local --enable-login make, make install, the usual. Link /usr/local/lib/sasl2 to /usr/lib/sasl2. Create this file with appropriate username/password/database, possibly table name if your dbmail is the 1.0 schema. --- /usr/lib/sasl2/smtpd.conf sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sql sasl_sql_engine: mysql sasl_mech_list: PLAIN sasl_sql_hostnames: localhost sql_user: USER sql_passwd: PASS sql_database: dbmail sql_verbose: yes sql_select: SELECT passwd FROM dbmail_users WHERE userid = '%u' --- Recompile postfix to link against your current sasl, ports did so just fine for me. Then add this to your main.cf, take out what you don't want, but at least one of the reject lines needs to stay, so says the postfix documentation. --- postfix's main.cf smtpd_sasl_auth_enable = yes smtpd_sasl_application_name = smtpd smtpd_recipient_restrictions = reject_unauth_pipelining reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks permit_sasl_authenticated reject_unauth_destination permit --- Restart. It might just work. Candice Quates 04/20/05