posting to shared mailboxes
Ken Murchison
ken at oceana.com
Mon Sep 23 19:27:38 EDT 2002
Quoting Matt Vanderveer <mattv at boxerlearning.com>:
> On Thu, 2002-09-12 at 15:34, Ken Murchison wrote:
> > Matt Vanderveer wrote:
> > >
> > > Hi,
> > >
> > > I'm running postfix-1.1.11-20020822, cyrus-imapd-2.1.8 and
> > > cyrus-sasl-2.1.7 with authentication from an NT domain via PAM. I have
> > > alternate name space turned on. I'm trying to set up shared mailboxes
> > > that everyone can read but only certain users can post to. For example,
> > > I have a shared mailbox, announce, that is owned by the system and has
> > > the following acl:
> > > anyone lrs
> > > hagbardc lrswip
> > > If user hagbardc sends a message to +announce at foo.com, delivery will
> > > fail with "550-You do not have permission to post a message to this
> > > mailbox." written to the mail log. Clearly hagbardc has permission to
> > > post to the box and posting works if I give "anyone" posting
> > > permissions. Is posting to shared mailboxes an all or nothing
> > > proposition, or am I just missing something?
> >
> > AFAIK, hagbardc's ACL will only be used if hagbardc authenticates to
> > lmtpd.
> >
> > --
> > Kenneth Murchison Oceana Matrix Ltd.
> > Software Engineer 21 Princeton Place
> > 716-662-8973 x26 Orchard Park, NY 14127
> > --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
>
> Hi,
>
> I'm having problems getting lmtpd authentication working, at least as I
> think I need it to. Posting directly to the shared box from the user's
> mua works fine. However for various reasons, I need to let users mail
> to a shared box, not just post from the mua, and still limit who can
> mail to the shared box. This leads to several questions:
>
> Am I correct in thinking that my issue is on the Postfix side in getting
> Postfix to pass the smtp-auth info through its lmtp client to cyrus'
> lmtpd?
The auth info in question is the AUTH= keyword to the MAIL FROM command. So
you need Postfix to do something like:
    MAIL FROM <hagbardc at example.com> AUTH=hagbardc
    RCPT TO <+foo at example.com>
    DATA
    ..
I'd have to look at the source to see if lmtpd will allow you to do this over a
UNIX socket without actually AUTHenticating.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
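
The following is an added illustration, not part of the original post and not Cyrus or Postfix code: a simplified model of the decision discussed in this thread, using the "announce" ACL quoted above. It parses the AUTH= parameter of MAIL FROM and checks the "p" right; the `session_trusted` flag and all function names are assumptions standing in for whatever lmtpd actually requires before it honours AUTH=, and groups and negative rights are left out.

```python
import re

# ACL quoted in the thread for the shared mailbox "announce".
ANNOUNCE_ACL = {"anyone": "lrs", "hagbardc": "lrswip"}

def parse_mail_from(line):
    """Return (reverse_path, auth_identity or None) from a MAIL FROM line."""
    m = re.match(r"MAIL FROM:?\s*<([^>]*)>(.*)$", line.strip(), re.I)
    if not m:
        raise ValueError("not a MAIL FROM command")
    auth = None
    for param in m.group(2).split():
        key, _, value = param.partition("=")
        if key.upper() == "AUTH" and value != "<>":  # AUTH=<> means "no identity"
            # xtext decoding: "+XX" is one hex-encoded octet.
            auth = re.sub(r"\+([0-9A-F]{2})",
                          lambda h: chr(int(h.group(1), 16)), value)
    return m.group(1), auth

def effective_identity(auth, session_trusted):
    """AUTH= is only the client's assertion; use it for trusted sessions only."""
    return auth if (session_trusted and auth) else None

def rights_for(acl, identity):
    """Union of the rights granted to 'anyone' and to the identity itself."""
    rights = set(acl.get("anyone", ""))
    if identity:
        rights |= set(acl.get(identity, ""))
    return rights

def may_post(acl, mail_from_line, session_trusted):
    """True if the delivery carries the 'p' (post) right on the mailbox."""
    _, auth = parse_mail_from(mail_from_line)
    return "p" in rights_for(acl, effective_identity(auth, session_trusted))

if __name__ == "__main__":
    # Constructed sample commands (addresses are placeholders).
    cases = [
        ("MAIL FROM:<hagbardc@example.com> AUTH=hagbardc", True),
        ("MAIL FROM:<hagbardc@example.com> AUTH=hagbardc", False),
        ("MAIL FROM:<hagbardc@example.com>", True),
    ]
    for line, trusted in cases:
        verdict = "accept" if may_post(ANNOUNCE_ACL, line, trusted) else "550 reject"
        print(f"trusted={trusted!s:5} {line!r:55} -> {verdict}")
```

Without an honoured identity the delivery is evaluated as "anyone", which matches the 550 rejection described earlier in the thread.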