Jose Ildefonso Camargo Tolosa wrote: > Hi! > > On Tue, Jul 7, 2009 at 3:16 PM, Victor Duchovni > <victor.ducho...@morganstanley.com > <mailto:victor.ducho...@morganstanley.com>> wrote: > > On Mon, Jul 06, 2009 at 09:36:17PM +0200, Patrick Ben Koetter wrote: > > > * Terry L. Inzauro <tinza...@ha-solutions.net > <mailto:tinza...@ha-solutions.net>>: > > > What is the recommended and most scalable method for > implementing SMTP Auth > > > against OpenLDAP that currently manages all IMAP accounts? > > > > Cyrus SASL ldapdb plugin: > > > > The ldapdb auxprop plugin provides access to credentials stored > in an > > OpenLDAP LDAP server. It is the only plugin that implements proxy > > authorization. > > > > Proxy authorization in this context means: The ldapdb plugin > must SASL > > authenticate with the OpenLDAP server. The server then decides > if the > > ldapdb plugin should be authorized to read the authenticating users > > password. > > > > Once the ldapdb plugin has gone through proxy authorization it > may proceed > > and authenticate the submitted credentials. > > Is there another plugin which authenticates users by binding to LDAP > *as the user*, and using the success/failure of that to decide whether > a user's password is valid? > > This could perhaps also be accomplished via a suitable PAM stack or via > indirect mechanisms such as "rimap" or dovecot auth. > > > I actually use: postfix -- SASL --> dovecot -- PAM --> LDAP > > There is no particular reason why you can't do: > > postfix --> dovecot --> LDAP > > You just need to check dovecot's documentation, I used pam because I was > already using it. > > Ildefonso Camargo > > > > > -- > Viktor. > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the "Reply-To" header. > > To unsubscribe from the postfix-users list, visit > http://www.postfix.org/lists.html or click the link below: > <mailto:majord...@postfix.org > <mailto:majord...@postfix.org>?body=unsubscribe%20postfix-users> > > If my response solves your problem, the best way to thank me is to not > send an "it worked, thanks" follow-up. If you must respond, please put > "It worked, thanks" in the "Subject" so I can delete these quickly. > >
can you elaborate a little more on the postfix -> dovecot -> ldap setup? is there a specifc reason why dovecot was used? can courier imap be used?
