Postfix, SASL and LDAPDB: no worthy mech found

Dan White dwhite at
Fri May 21 09:41:17 EDT 2010

On 21/05/10 13:15 +0200, Julien Vehent wrote:
>May 21 12:56:44 samchiel postfix/smtpd[11862]: warning: SASL
>authentication failure: Password verification failed
>May 21 12:56:44 samchiel postfix/smtpd[11862]: warning:
>localhost[]: SASL plain authentication failed: authentication
>May 21 12:56:44 samchiel postfix/smtpd[11862]: > localhost[]: 535
>5.7.8 Error: authentication failed: authentication failure
>And Slapd has this weird message:
>May 21 12:56:44 samchiel slapd[1431]: conn=79 op=2 RESULT tag=120 err=123
>text=not authorized to assume identity
>While the proxy authorization is properly configured in the directory:
># ldapwhoami -Y DIGEST-MD5 -U postfix -H ldap://localhost -R
> -X u:julien
>SASL/DIGEST-MD5 authentication started
>Please enter your password:
>SASL username: u:julien
>SASL SSF: 128
>SASL data security layer installed.
>dn:cn=julien vehent,ou=people,dc=linuxwall,dc=info

What username are you logging in with to Postfix? The '-R'
in your ldapwhoami may not be doing what you expect.

Try using smtptest (which is part of cyrus imap). like:

smtptest -a julien -m digest-md5 localhost

Dan White

More information about the Cyrus-sasl mailing list