Il vous faut:
Votre main.cf devrait ressembler à ça:
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = no myhostname = box.domaine.org alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = domaine.org, box.domaine.org, localhost.localdomain, localhost relayhost = relay_domains = mynetworks = 127.0.0.0/8 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_local_domain = box.domaine.org smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = permit_sasl_authenticated unknown_local_recipient_reject_code = 450 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_use_tls = yes smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key
Maintenant on fait un lien symbolique entre /usr/lib/sasl2/smtpd.conf et /etc/postfix/sasl/smtpd.conf:
ln -s /usr/lib/sasl2/smtpd.conf /etc/postfix/sasl/smtpd.conf
On édite l'un des deux:
pwcheck_method: saslauthd mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 saslauthd_path: /var/run/saslauthd/mux
Comme socket pour saslauthd nous spécifions /var/run/saslauthd/mux mais en vrai, postfix lira le socket /var/spool/postfix/var/run/saslauthd/mux car sous debian postfix tourne dans un chroot.
Maintenant, voyons /etc/default/saslauthd pour la conf de base:
START=yes MECHANISMS="ldap" MECH_OPTIONS="" THREADS=5 # la on donne le vrai path du socket OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
Configuration de saslauthd pour le ldap dans /etc/saslauthd.conf:
ldap_servers: ldap://127.0.0.1 ldap_bind_dn: cn=proxyuser,dc=domaine,dc=org ldap_bind_pw: proxy ldap_version: 3 ldap_filter: uid=%u ldap_scope: sub ldap_search_base: ou=People,dc=domaine,dc=org
Maintenant, on relance tout:
/etc/init.d/postfix reload /etc/init.d/saslauthd restart
On teste, et c'est beau.