Postfix, SASL and LDAPDB: no worthy mech found

Dan White dwhite at
Thu May 20 11:41:30 EDT 2010

On 20/05/10 16:59 +0200, Dieter Kluenter wrote:
>Julien Vehent <julien at> writes:
>> Hello Cyrus folks,
>> I'm trying to make postfix query slapd through ldapdb/sasl (without
>> saslauthd).
>> My systems runs on debian squeeze.
>> I have configured postfix's sasl/smtpd.conf as follow and can see TCP
>> connections going to slapd.
>> ----
>> pwcheck_method: auxprop
>> auxprop_plugin: ldapdb
>> mech_list: DIGEST-MD5 PLAIN LOGIN
>> ldapdb_uri: ldap://localhost
>> ldapdb_id: postfix
>this has to be a DN.

I don't believe that is correct. ldapdb should work with any sasl identity,
either explicitly specified or derived via GSSAPI or EXTERNAL.

Dan White

More information about the Cyrus-sasl mailing list