On Mon, 24 May 2010 16:43:18 -0400, Victor Duchovni <victor.ducho...@morganstanley.com> wrote: > On Mon, May 24, 2010 at 09:18:44PM +0200, Julien Vehent wrote: > >> === case 2: authentification succeeds =================================== >> >> Same authz-regex in slapd, same smtpclient command, I just removed the >> smtpd_sasl_local_domain value: >> >> ---- >> # postconf |grep "smtpd_sasl" >> smtpd_sasl_auth_enable = yes >> smtpd_sasl_authenticated_header = yes >> smtpd_sasl_exceptions_networks = >> smtpd_sasl_local_domain = >> smtpd_sasl_path = smtpd >> smtpd_sasl_security_options = noanonymous >> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options >> smtpd_sasl_type = cyrus >> ---- >> >> Authentication works: >> > > This is the correct configuration for you. Your SASL<->LDAP integration > requires "realm-less" security principals. > > Now change any passwords used during testing, and especially those where > the SASL raw debug data was posted to this list. After that, you're all > set.
Excellent, thanks a lot for you help. I think I understood everything here, which is pretty satisfying. I'm still not too sure about this smtpd_sasl_local_domain and how/when it should be used, but I will just ignore it for now. I wrote my configuration down here http://wiki.linuxwall.info/doku.php/en:ressources:dossiers:postfix:sasl_ldapdb And, of course, I changed all the passwords :) Julien
