Re: Problem using non-plain SASL + Postfix + LDAP

From: Igor Brezac (igor at ipass dot net)
Date: Thu Jun 24 2004 - 12:22:31 EDT

  • Next message: Andrew Brink: "saslauthd + ldap woes"

    On Thu, 24 Jun 2004 Ali dot Naddaf at trilogy dot com wrote:

    > Hello everyone.
    >
    > I have installed postfix, and am using LDAP for various lookups. I also
    > want to let smtp relay for remote users and am trying to set up Cyrus-SASL
    > for that (to authenticate against my LDAP directory). Following the
    > instructions, I have been able to authenticate in plain mode but have had
    > no success with other methods such as DIGEST,CRAM, ...

    You cannot use secret based mechanisms with saslauthd. If you want to
    stick with ldap, you need to use ldapdb auxprop plugin which does not come
    with the cyrus-sasl distro. I developed a full patch if you are
    interested: https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2406

    >
    > To see what is going on, I started saslauthd with "-d". When I am using
    > the PLAIN method, I see some debug info on the console that I started the
    > daemon, but when I change the encryption method in my MUA, I don't see any
    > debug info, as if SASL is not even contacted. Here is some more info:
    >
    > -------------------------------------------------------------
    >
    > telnet naddaf.net 25
    > 220 florence.naddaf.net ESMTP Postfix (2.0.19-20040312)
    > ehlo naddaf.net
    > 250-florence.naddaf.net
    > 250-PIPELINING
    > 250-SIZE 10240000
    > 250-VRFY
    > 250-ETRN
    > 250-AUTH CRAM-MD5 DIGEST-MD5 PLAIN OTP
    > 250-AUTH=CRAM-MD5 DIGEST-MD5 PLAIN OTP

    I suppose this can be considered a bug (to advertise mechs which cannot be
    used).

    -- 
    Igor
    

  • Next message: Andrew Brink: "saslauthd + ldap woes"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD