Sponsoring a canon_user plugin for LDAP lookup
Torsten Schlabach
tschlabach at gmx.net
Fri Jan 12 08:04:46 EST 2007
Hi Patrick,
> you can build it yourself anyway.
If I knew how to do it / had time, why would I ask if someone is
interested in this?
> The problem is on the SMTP.
No, it isn't. It's SMTP's job when a mail comes in to do the LDAP lookup
to find the mailbox ID to deliver the mail to. That's just working fine
and is not what I am asking for.
What I am talking about is the IMAP *user* that want's to login to her
mailbox. For the sake of this discussion, using a service like
http://www.mail2web.com/. The MUA to *read* mail in the *mailbox* is
talking to the IMAP daemon. No SMTP involved there.
Regards,
Torsten
Patrick T. Tsang schrieb:
>
> I would like to tell you that we are already working with email as login
> name without so-called plugin for very long time.
> The problem is on the SMTP.
>
> you can build it yourself anyway.
>
> Regards
> Patrick
>
>
>
> ----- Original Message ----- From: "Torsten Schlabach" <tschlabach at gmx.net>
> To: <cyrus-sasl at lists.andrew.cmu.edu>
> Sent: Thursday, January 11, 2007 6:55 PM
> Subject: Sponsoring a canon_user plugin for LDAP lookup
>
>
>> Hi!
>>
>> We are in needed of a canon_user plugin.
>>
>> The scope is quite simple:
>>
>> We use technical IDs for mailbox names in Cyrus IMAPd. Our mailboxes
>> are called mb00001, mb00002, mb00003, ... You get the concept. In our
>> MTA we have defined aliases for the actual email addresses that point
>> to a mailbox, so each user can have multiple email addresses connected
>> to a single mailbox, for example:
>>
>> info at domain.com -> mb000002
>> john.doe at domain.de -> mb000002
>> john.doe at another.de -> mb000002
>> someome at else.net -> mb000816
>>
>> This is handles by the MTA (Exim) querying LDAP for object like this one:
>>
>> dn: mailAlias=someone,ou=...
>> dc: else.com
>> mailAlias: someone
>> objectClass: mailAlias
>> objectClass: mailDomain
>> objectClass: top
>> mailAliasedName: mb000816
>>
>> We've also configured Cyrus IMAPd to query LDAP via the SASL layer
>> where we store user objects, such as:
>>
>> dn: uid=mb000816,ou=.....
>> uid: mb000816
>> objectClass: account
>> objectClass: simpleSecurityObject
>> objectClass: top
>> userPassword: xxxxxxx
>>
>> Now users would like to be able to use one of their email addresses to
>> login, rather than having to remember their mbXXXXXX id.
>>
>> I understand that this is what a canon_user plugin would be suitable
>> for, so it would just take the user's input of a username (in this
>> case someone at else.com), do a lookup for a mailAlias object in LDAP
>> which has dc={domain part of email address} and mailAlias={local part
>> of email address} and return the mailAliasedName attribute, which id
>> the Cyrus IMAPd mailbox id.
>>
>> From looking at a sample I would guess that this will be 100 lines of
>> code or less. But we don't have any experienced C programmer and as
>> this is meant for production use, I would appreciate this done by
>> someone who knows that he doing. And it would be great if this had a
>> chance to become part of the codebase.
>>
>> So as nobody obviously felt the need for that before, we're thinking
>> of paying someone to do it and donate the code. As I think this is a
>> quite limited scope, we'd be hoping this could be done for a lower
>> 3-digit USD figure?
>>
>> Anyone intersted?
>>
>> Regards,
>> Torsten
>>
More information about the Cyrus-sasl
mailing list