Tue 16 Dec 2003
Blogs Clogging Google? Does this have to be bad?
Category : Technology/waishi.jp.txt
After solving the Postfix SMTP-AUTH problem, I looked through some of the URLs I had collected - these were links to pages that had mentioned Postfix Enabler. There's one - waishi.jp/~yosimoto - a "Postfix for Mac OS X Users" page in Japanese. If I could read Japanese, I would have saved myself a lot of trouble, because I saw some of the things I had done reflected on the page. The thing is, it's easier to recognise them among the Japanese words, only after I've done much the same thing. What's more, I realised the existence of /usr/lib/sasl2/disabled. That's where Apple stuck the two files I thought were missing from Panther.
Now, I'm also reading a book, "Worldy Goods: A New History of the Renaissance" by Lisa Jardine. Among the things it covered was the idea that much of the explosion of interest in books during the Renaissance - fuelled by the invention of printing - was because people warmed to the idea of immediacy in the information they were getting. Whereas before, books were manually transcribed and lovingly illustrated and therefore took a long time to produce, in the Renaissance the pace of production quickened by several orders of magnitude. People were getting used to seeing commentaries and annotations appear in quick succession. It's the commentaries and the addition of new knowledge that made people keen on buying new books, which of course made books even cheaper. So, that's a nice virtuous cycle.
Now, as I was researching the web for a solution to the problem I was solving over the weekend, it was the mailing lists, discussion groups and weblogs that I was keeping a look out for. Since Panther was out only a month or two ago, the solution I hoped to find has got to be in a newly created page. I don't care if it is in somebody's blog or not, so long as even a "I've done it on Panther" would have been enough to keep me going.
So I was wondering about a complaint I read a few months ago about how Google is being clogged up by people's blogs. As if only publications like Time or Fortune are worthy of being indexed. In the Enlightenment, scientists like Newton kept up with the findings of other researchers via their letters. In our age, the blog will do. I'm quite sure they would have kept blogs, if they lived in our age, and wished for them to be indexed.
SMTP-AUTH on Panther's Postfix
Category : Technology/panthersmtp-auth.txt
I hadn't realised that Panther's built-in Postfix binaries support SMTP-AUTH out-of-the-box, until I got a message from Jeff Bishop about doing an -
otool - L `which Postfix`
which results in -
/usr/sbin/postfix:/System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryService (compatibility version 1.0.0, current version 1.0.0)/usr/lib/libssl.0.9.7.dylib (compatibility version 0.9.7, current version 0.9.7)/usr/lib/libsasl184.108.40.206.dylib (compatibility version 3.0.0, current version 1.0.0)/System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos (compatibility version 5.0.0, current version 5.0.0)/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 71.0.0)
which clearly shows Postfix linked against libsasl2, which is SASL's "glue" layer. I know that Panther's Postfix works with SSL, so this looked encouraging, by association.
So I looked through an old Jaguar installation that had Postfix's SMTP-AUTH mode enabled and copied over things that I needed, like saslpasswd2, sasldblistusers2 and also the old sasldb2.db file. (I couldn't build anything from the Cyrus SASL download on Panther - I keep getting compile errors that I don't think I'll ever know how to solve - will have to wait for these to be fixed.) Fortunately, the stuff from Jaguar looked like they continued to work in Panther.
At first I couldn't get it to work - puzzling over a system.log entry that says that the system can't find the sasldb plugin - until I realised that two files, libsasldb.2.so and libsasldb.la, were missing in Panther's /usr/lib/sasl2. So I copied them over from Jaguar, restarted Postfix ... and ... everything works!
Actually it was a lot more work than that. I must have tried a million combinations over the weekend when I wasn't feeling sick with flu. (I'm a Chinese of Fujian descent; so it must be the same strain that's coursing thru the Western half of the world right now; just kidding; it's a sick joke.)
Anyway, it's a nice discovery. Will this make it to Postfix Enabler? Implementing SMTP-AUTH via sasldb means having to maintain a separate password database, plus all the extra code needed to handle the user-interface. Instead, I'm trying to see if we can make SMTP authenticate against PAM, and thereby use the built-in OS X users and group password system. That'll be neater. SMTP works over SSL (TLS). So it'll probably be OK to use plain text passwords. Anyway, it's good that at least one way works. I would never have been able to do this with sendmail. Thanks to whoever at Apple was responsible for the decision to go with Postfix.