Postfix, SASL and LDAPDB: no worthy mech found

Dieter Kluenter dieter at
Fri May 21 11:12:58 EDT 2010

Am Fri, 21 May 2010 09:02:33 -0500
schrieb Dan White <dwhite at>:

> On 21/05/10 15:52 +0200, Dieter Kluenter wrote:
> >try ldapsearch -x -H ldap://<host> -b "" -s base
> >suppportedSASLMechanisms
> >Mostlikely SASL PLAIN mechanism is not available.
> >Because OpenLDAP only supports PLAIN in a protected network
> >environment, that is either TLS or ldapi
> It's possible Postfix has a similar policy.
> However, he's doing digest-md5 proxy auth to the ldap server.

According to the logs provided, it has been a PLAIN mechanism

May 21 12:56:44 samchiel postfix/smtpd[11862]: warning:
localhost[]: SASL plain authentication failed: authentication


Dieter Klünter | Systemberatung
sip: +49.40.20932173

More information about the Cyrus-sasl mailing list