LDAP Authentication for Postfix Saslauthd

August 24th, 2009

Awhile back I pondered the idea of having multiple distributed, replicated, isolated outgoing smtp servers. My idea was to use the following packages:

  • Postfix for sending the mail
  • Saslauthd for authentication senders
  • Dovecot for providing the authentication mechanisms for saslauthd

I tested it out and it worked, but I never got around to implementing it.

Today I tried setting up the same solution with LDAP as the authentication mechanism for saslauthd and it worked great! Its nice to have options. Here are some links to my notes on the subject:

Its great that LDAP and SASL can communicate using TLS. Currently and for some time I've used the "remote imap" server authentication capability of saslauthd. That has worked really well, but I'm wary to distribute a setup like this over too wide a scope unless the authentication connections are encrypted. I am not sure if the rimap connection can be done over tls / ssl, but I know for a fact that LDAP connections can be done securely.

Yearly Indexes: 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013 2015 2019 2020 2022