diff -urNad postfix-2.3.8~/src/xsasl/xsasl_dovecot_server.c postfix-2.3.8/src/xsasl/xsasl_dovecot_server.c
--- postfix-2.3.8~/src/xsasl/xsasl_dovecot_server.c	2007-10-23 16:56:12.000000000 +0000
+++ postfix-2.3.8/src/xsasl/xsasl_dovecot_server.c	2007-10-23 17:47:41.000000000 +0000
@@ -59,6 +59,7 @@
 #include <stringops.h>
 #include <vstream.h>
 #include <vstring_vstream.h>
+#include <myaddrinfo.h>
 
 /* Global library. */
 
@@ -104,6 +105,7 @@
     char   *service;
     char   *username;			/* authenticated user */
     VSTRING *sasl_line;
+    VSTREAM *stream;
 } XSASL_DOVECOT_SERVER;
 
  /*
@@ -255,7 +257,7 @@
 /* xsasl_dovecot_server_create - create server instance */
 
 static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl,
-					             VSTREAM *unused_stream,
+					             VSTREAM *stream,
 						         const char *service,
 						         const char *realm,
 				               const char *unused_sec_props)
@@ -282,6 +284,7 @@
     server->sasl_line = vstring_alloc(256);
     server->username = 0;
     server->service = mystrdup(service);
+    server->stream = stream;
     server->last_request_id = 0;
 
     return (&server->xsasl);
@@ -424,6 +427,44 @@
     return 1;
 }
 
+static int xsasl_dovecot_server_get_local_addr(VSTREAM *stream, MAI_HOSTADDR_STR *lip) {
+    int ret = 0;
+    int err = 0;
+    struct sockaddr_storage ss;
+    struct sockaddr *sa = (struct sockaddr *) &ss;
+    SOCKADDR_SIZE salen = sizeof(ss);
+
+    if((ret = getsockname(vstream_fileno(stream), sa, &salen)) >= 0) {
+        if((err = sockaddr_to_hostaddr(sa, salen, lip, 0, 0)) != 0) {
+            msg_info("sockaddr_to_hostaddr: %s",
+                    err == EAI_SYSTEM ? strerror(errno) : gai_strerror(err));
+            return (-1);
+        }
+        return (0);
+    } else
+        lip->buf[0] = '\0';
+    return (-1);
+}
+
+static int xsasl_dovecot_server_get_remote_addr(VSTREAM *stream, MAI_HOSTADDR_STR *rip) {
+    int ret = 0;
+    int err = 0;
+    struct sockaddr_storage ss;
+    struct sockaddr *sa = (struct sockaddr *) &ss;
+    SOCKADDR_SIZE salen = sizeof(ss);
+
+    if((ret = getpeername(vstream_fileno(stream), sa, &salen)) >= 0) {
+        if((err = sockaddr_to_hostaddr(sa, salen, rip, 0, 0)) != 0) {
+            msg_info("sockaddr_to_hostaddr: %s",
+                    err == EAI_SYSTEM ? strerror(errno) : gai_strerror(err));
+            return (-1);
+        }
+        return (0);
+    } else
+        rip->buf[0] = '\0';
+    return (-1);
+}
+
 /* xsasl_dovecot_server_first - per-session authentication */
 
 int     xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method,
@@ -432,6 +473,9 @@
     const char *myname = "xsasl_dovecot_server_first";
     XSASL_DOVECOT_SERVER *server = (XSASL_DOVECOT_SERVER *) xp;
     int     i;
+    /* local, remote ip attributes */
+    MAI_HOSTADDR_STR lip;
+    MAI_HOSTADDR_STR rip;
 
 #define IFELSE(e1,e2,e3) ((e1) ? (e2) : (e3))
 
@@ -450,12 +494,19 @@
 	    if (xsasl_dovecot_server_connect(server->impl) < 0)
 		return (0);
 	}
+
+    /* Find the endpoints for lip, rip auth-proto attributes */
+    xsasl_dovecot_server_get_local_addr(server->stream, &lip);
+    xsasl_dovecot_server_get_remote_addr(server->stream, &rip);
+
 	/* send the request */
 	server->last_request_id = ++server->impl->request_id_counter;
 	vstream_fprintf(server->impl->sasl_stream,
-			"AUTH\t%u\t%s\tservice=%s",
+			"AUTH\t%u\t%s\tservice=%s\tlip=%s\trip=%s",
 			server->last_request_id, sasl_method,
-			server->service);
+			server->service,
+            lip.buf, rip.buf);
+
 	if (init_response) {
 
 	    /*