> Hi, > Alexander Dalloz wrote: [ ... ] >> You are mixing things. saslauthd and sasldb are exclusive: either use >> one >> or the other (at least on CentOS). > > ok - I think we're coming closer to the point. > It will certainly be sasldb2, because I have an old machine with SMTP AUTH > users who are contained in /etc/sasldb2 > I want to transfer these users to the new machine without having them to > assign new passwords. > Given the scenario that I copy the old /etc/sasldb2 to the new machine, > how could postfix there authenticate these SMTP AUTH users? That is pretty easy. First you will have to configure Postfix through main.cf: smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = mail.example.com <-- this sets the realm[1] broken_sasl_auth_clients = yes smtpd_sasl_security_options = noanonymous [1] Using saslpasswd2 it is "-u DOM", which is if not specified by default the hostname. For your existing sasldb2 BDB you can use "sasldblistusers2" to list the usernames. At a proper place in smtpd_*_restrictions define "permit_sasl_authenticated". Next you have to make the link between Postfix and Cyrus-SASL in /usr/lib{64}/sasl2/smtpd.conf: pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: login plain cram-md5 digest-md5 <- adjust to your needs You are done. >> On CentOS sasldb can only be used as a plugin by auxprop mechanism. You >> will have to decided for one way to store your credentials. > > see above - the decision is already taken by the fact of the migration. I understand. > Regards > Michael Hope this helps. If questions or trouble remain, feel free to ask. Best regards Alexander