Why are only admins allowed to AUTH to lmtpd?
Voutsinas Nikos
nvoutsin at noc.uoa.gr
Sat Jan 4 09:25:13 EST 2003
Voutsinas Nikos wrote:
> :)
>
> I always thought that what was mentioned is not primarily a cyrus issue,
> but given the opportunity from Kevin's idea here is an extension
>
> What Kevin said is also possible with sendmail. (MTA passes the authid
> of the sender to the lmtpd). In 8.12.2 this was under _FFR code, I don't
> know the current status. (Hey sendmail where are you ??). Actually this
> concept is applicable when the MTA plays the role of an MSA, where each
> intranet user is "forced" to follow the SMTP authentication procedure.
>
>
>  non-local user            local/authenticated user
>        or
>    other MTA                         |
>        |                             |
>        |                             |
>        <                             <
>       MTA                           MSA
>        |                             |
>        |                             |
>        <                             <
>        --------------------------     MAIL FROM:<lala _ at _ noc.edunet.gr>
>                    |                  AUTH=nvoutsin
>                    |                  or
>                    <                  AUTH=nvoutsin at realm
>                  lmtpd
>
> MSA: intranet users should declare the MSA server in their
> clients as outgoing mail server. The MSA server according to
> RFC(???)(can't remember...) accepts user's submissions if and only
> if user is successfully authenticated (in ldap :) ). Sendmail passes the
> authid (auth author or authen... ) to lmtpd as parameter on the mail
> from: command.
>
> MTA: This is nothing else than the MX server.
>
> Notes:
> 1) LMTP connections on the lmtpd are only allowed from the MSA, and MTA
> 2) MTA rejects each mail/connection if : a)the mail from:<> command
> contains one of the localmail domains b) originated from the local
> address space
b) NOT originated from the local address space
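
The AUTH= hand-off on MAIL FROM and the two notes from the message above, as an added Python example that is not part of the original post and is not Cyrus or sendmail code. The domain, networks and relay addresses are constructed placeholders, and combining conditions a) and b) with AND is an assumption about how the rule was meant.

```python
import ipaddress
import re

# Constructed placeholder policy values (assumptions, not from the post).
LOCAL_DOMAINS = {"example.org"}
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
TRUSTED_RELAYS = {ipaddress.ip_address("192.0.2.10"),   # the MSA
                  ipaddress.ip_address("192.0.2.25")}   # the MX (MTA)

_MAIL_RE = re.compile(r"^MAIL FROM:<([^>]*)>((?: +\S+)*) *$", re.IGNORECASE)
_XTEXT_RE = re.compile(r"\+([0-9A-F]{2})")


def decode_xtext(value):
    """Decode the xtext encoding used by AUTH=: '+XX' is one hex-encoded byte."""
    return _XTEXT_RE.sub(lambda m: chr(int(m.group(1), 16)), value)


def parse_mail_from(line):
    """Return (envelope_sender, authid or None) from a MAIL FROM command."""
    m = _MAIL_RE.match(line.strip())
    if not m:
        raise ValueError("not a MAIL FROM command")
    sender, authid = m.group(1), None
    for param in m.group(2).split():
        key, _, val = param.partition("=")
        if key.upper() == "AUTH":
            # AUTH=<> means the relay knows no authenticated identity.
            authid = None if val == "<>" else decode_xtext(val)
    return sender, authid


def lmtp_authid(line, peer_ip):
    """Note 1: honour AUTH= only when the LMTP peer is the MSA or the MTA."""
    if ipaddress.ip_address(peer_ip) not in TRUSTED_RELAYS:
        raise PermissionError("LMTP peer is not the MSA or MTA")
    return parse_mail_from(line)[1]


def mx_should_reject(line, peer_ip):
    """Note 2 (assumed a AND b): local sender domain from a non-local peer."""
    sender, _ = parse_mail_from(line)
    domain = sender.rpartition("@")[2].lower()
    peer = ipaddress.ip_address(peer_ip)
    is_local_peer = any(peer in net for net in LOCAL_NETS)
    return domain in LOCAL_DOMAINS and not is_local_peer
```
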