Sponsoring a canon_user plugin for LDAP lookup

Torsten Schlabach tschlabach at gmx.net
Fri Jan 12 08:04:46 EST 2007


Hi Patrick,

 > you can build it yourself anyway.

If I knew how to do it / had time, why would I ask if someone is 
interested in this?

 > The problem is on the SMTP.

No, it isn't. It's SMTP's job when a mail comes in to do the LDAP lookup 
to find the mailbox ID to deliver the mail to. That's just working fine 
and is not what I am asking for.

What I am talking about is the IMAP *user* that wants to login to her 
mailbox. For the sake of this discussion, using a service like 
http://www.mail2web.com/. The MUA to *read* mail in the *mailbox* is 
talking to the IMAP daemon. No SMTP involved there.

Regards,
Torsten

Patrick T. Tsang schrieb:
> 
> I would like to tell you that we are already working with email as login 
> name without a so-called plugin for a very long time.
> The problem is on the SMTP.
> 
> you can build it yourself anyway.
> 
> Regards
> Patrick
> 
> 
> 
> ----- Original Message ----- From: "Torsten Schlabach" <tschlabach at gmx.net>
> To: <cyrus-sasl at lists.andrew.cmu.edu>
> Sent: Thursday, January 11, 2007 6:55 PM
> Subject: Sponsoring a canon_user plugin for LDAP lookup
> 
> 
>> Hi!
>>
>> We are in need of a canon_user plugin.
>>
>> The scope is quite simple:
>>
>> We use technical IDs for mailbox names in Cyrus IMAPd. Our mailboxes 
>> are called mb00001, mb00002, mb00003, ... You get the concept. In our 
>> MTA we have defined aliases for the actual email addresses that point 
>> to a mailbox, so each user can have multiple email addresses connected 
>> to a single mailbox, for example:
>>
>> info at domain.com -> mb000002
>> john.doe at domain.de -> mb000002
>> john.doe at another.de -> mb000002
>> someome at else.net -> mb000816
>>
>> This is handled by the MTA (Exim) querying LDAP for objects like this one:
>>
>> dn: mailAlias=someone,ou=...
>> dc: else.com
>> mailAlias: someone
>> objectClass: mailAlias
>> objectClass: mailDomain
>> objectClass: top
>> mailAliasedName: mb000816
>>
>> We've also configured Cyrus IMAPd to query LDAP via the SASL layer 
>> where we store user objects, such as:
>>
>> dn: uid=mb000816,ou=.....
>> uid: mb000816
>> objectClass: account
>> objectClass: simpleSecurityObject
>> objectClass: top
>> userPassword: xxxxxxx
>>
>> Now users would like to be able to use one of their email addresses to 
>> login, rather than having to remember their mbXXXXXX id.
>>
>> I understand that this is what a canon_user plugin would be suitable 
>> for, so it would just take the user's input of a username (in this 
>> case someone at else.com), do a lookup for a mailAlias object in LDAP 
>> which has dc={domain part of email address} and mailAlias={local part 
>> of email address} and return the mailAliasedName attribute, which is 
>> the Cyrus IMAPd mailbox id.
>>
>> From looking at a sample I would guess that this will be 100 lines of 
>> code or less. But we don't have any experienced C programmer and as 
>> this is meant for production use, I would appreciate this done by 
>> someone who knows what he is doing. And it would be great if this had a 
>> chance to become part of the codebase.
>>
>> So as nobody obviously felt the need for that before, we're thinking 
>> of paying someone to do it and donate the code. As I think this is a 
>> quite limited scope, we'd be hoping this could be done for a lower 
>> 3-digit USD figure?
>>
>> Anyone interested?
>>
>> Regards,
>> Torsten
>>
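
The lookup described in the original request takes a login name that arrives before authentication and places it in an LDAP search filter, so the name has to be split strictly and escaped per RFC 4515. The following is an added example, not code from this thread or from Cyrus SASL: the function names are hypothetical, the filter layout is assumed from the mailAlias object shown above, and the LDAP search itself and the SASL plugin registration are left out.

```c
#include <stdio.h>
#include <string.h>

/* Added example; names are hypothetical, not Cyrus SASL API.
 * RFC 4515 escaping of '*', '(', ')' and '\' as \XX (NUL cannot occur in a
 * C string). Returns bytes written, or -1 if the output buffer is too small. */
static int ldap_escape(const char *in, size_t inlen, char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    for (size_t i = 0; i < inlen; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '*' || c == '(' || c == ')' || c == '\\') {
            if (o + 3 >= outsz) return -1;      /* 3 bytes plus final NUL */
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 15];
        } else {
            if (o + 1 >= outsz) return -1;
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Build the alias-lookup filter for a login such as "someone@else.com".
 * Returns 0 on success, -1 if the name is not local@domain or does not fit.
 * Assumption: on -1 a real plugin would keep the name as typed (e.g. mb000816). */
int build_alias_filter(const char *login, char *filter, size_t filtersz)
{
    char local[256], domain[256];
    const char *at = strchr(login, '@');
    /* Require exactly one '@' with non-empty parts on both sides. */
    if (!at || at == login || at[1] == '\0' || strchr(at + 1, '@'))
        return -1;
    if (ldap_escape(login, (size_t)(at - login), local, sizeof local) < 0 ||
        ldap_escape(at + 1, strlen(at + 1), domain, sizeof domain) < 0)
        return -1;
    int n = snprintf(filter, filtersz,
                     "(&(objectClass=mailAlias)(dc=%s)(mailAlias=%s))", domain, local);
    return (n < 0 || (size_t)n >= filtersz) ? -1 : 0;
}

int main(void)
{
    char f[1024];
    const char *samples[] = { "someone@else.com", "*@else.com", "mb000816" }; /* constructed */
    for (int i = 0; i < 3; i++)
        printf("%-18s -> %s\n", samples[i],
               build_alias_filter(samples[i], f, sizeof f) == 0 ? f : "(not an address)");
    return 0;
}
```

With the escaping in place, a login of `*@else.com` searches for the literal alias `*` instead of matching every alias in the domain.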

