AUTH is the mechanism that allows client email programs to relay their outgoing SMTP data through this server with username/password authentication, thus preventing having to hardcode IP addresses in your mail config, and allowing mobile/roaming users with changing IP addresses to relay.

• Get and build cyrus-sasl2 per readme/faq. On FreeBSD simply:

  ] cd /usr/ports/security/cyrus-sasl2
  ] make
  

If you get the following:


brix# make
Dependency warning: used OpenSSL version contains known vulnerabilities
Please update or define either WITH_OPENSSL_BASE or WITH_OPENSSL_PORT
*** Error code 1

Stop in /usr/ports/security/cyrus-sasl2.

this means you have both the "base" version of OpenSSL installed (came with FreeBSD distribution) and a (presumedly newer) "Port" version. You will want to do the following (as superuser) in order to clear up this confusion:

• cd /usr/bin
• mv openssl openssl.base
• ln -s /usr/local/bin/ openssl
This will remove the ambiguity.
• As superuser, install cyrus-sasl2 per readme/faq.

  ] make install
  

• If you want to authenticate your user by /etc/passwd, PAM or LDAP, you'll need to install 'cyrus-sasl2-saslauthd':
  • cd /usr/ports/security/cyrus-sasl2-saslauthd
  • make (need not be done as superuser)
  • make install
  • cd /usr/ports/mail/cyrus-imapd2
  • make (need not be done as superuser)
  • make install

You can use sasldb2 for authentication, to add users use:

        saslpasswd2 -c username

If you want to enable SMTP AUTH with the system Sendmail, read
Sendmail.README

NOTE: This port has been compiled with a default pwcheck_method of
      auxprop.  If you want to authenticate your user by /etc/passwd,
      PAM or LDAP, install ports/security/cyrus-sasl2-saslauthd and
      set sasl_pwcheck_method to saslauthd after installing the
      Cyrus-IMAPd 2.X port.  You should also check the
      /usr/local/lib/sasl2/*.conf files for the correct
      pwcheck_method.