[Postfix] sasl_passwd.db password protected

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Postfix] sasl_passwd.db password protected

kasper4165
Hello all,

I have a problem during configuration of postfix smtp server.
My company policy is to not storage files with any credentials which are not
encrypted on any host. Is there any way to make sasl_passwd.db file
protected with password and at the same time it can be used by postfix?
Maybe there is any other way to do not keep passwords on host and still have
postfix working?

Thanks in advance for any advice!

P.S.
If you are 100% sure that this is impossible fell free to comment.

Have a nice day!
Kasper



--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Reply | Threaded
Open this post in threaded view
|

Re: [Postfix] sasl_passwd.db password protected

Wietse Venema
kasper4165:

> Hello all,
>
> I have a problem during configuration of postfix smtp server.
> My company policy is to not storage files with any credentials which are not
> encrypted on any host. Is there any way to make sasl_passwd.db file
> protected with password and at the same time it can be used by postfix?
> Maybe there is any other way to do not keep passwords on host and still have
> postfix working?
>
> Thanks in advance for any advice!
>
> P.S.
> If you are 100% sure that this is impossible fell free to comment.

There is no need to store passwords in a file. You can store them
in any Postfix-supported database, including a local server that
answers queries over a UNIX-domain socket that is accessible only
for Postfix (or root).

Otherwise, options are a) unsealing the decryption key after secure
boot and modifying the Postfix master daemon to pass it to Postfix
SMTP client processes; or b) solving a chicken-and-egg problem.

        Wietse