From 9c6923c9ca67db6ba771b43df957a50d4ffc13d0 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Tue, 15 May 2012 17:47:11 +0200 Subject: wibble --- fripost-docs.org | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'fripost-docs.org') diff --git a/fripost-docs.org b/fripost-docs.org index 3514573..41655b4 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -1247,22 +1247,23 @@ the prefix. TODO: Postfix 2.7 does not support SASL binds. Hence one cannot SASL bind on the socket with the EXTERNAL mechanism, which leads to a flood of warnings "connection_read(XX): no connection!" in the syslog. One can also reproduce the -flood with +warning with ldapsearch -H 'ldapi://%2Fvar%2Fspool%2Fpostfix%2Fvar%2Frun%2Fldapi/' -x -WD 'cn=guilhem,ou=managers,o=mailHosting,dc=fripost,dc=org' -b 'o=mailHosting,dc=fripost.org,dc=org' -instead of +instead of the proper ldapsearch -H 'ldapi://%2Fvar%2Fspool%2Fpostfix%2Fvar%2Frun%2Fldapi/' -Y EXTERNAL -WD 'cn=guilhem,ou=managers,o=mailHosting,dc=fripost,dc=org' -b 'o=mailHosting,dc=fripost.org,dc=org' (The first one performs a simple bind and does not unbind properly, while the second one is safe and performs a SASL bind with the EXTERNAL mechanism.) -TODO: With Postfix 2.8, one could do [Not tested] - bind = sasl - sasl_mechs = EXTERNAL - See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643970 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660223 http://www.openldap.org/lists/openldap-software/200811/msg00078.html +TODO: In the time being, we stick to simple binds on 127.0.0.1:389, but with +Postfix 2.8, one could do [Not tested] + bind = sasl + sasl_mechs = EXTERNAL + :: /etc/postfix/ldap/ldap_virtual_mailbox_domains.cf -- cgit v1.2.3