deliver vs LMTP for shared folders
Scott Balmos
sbalmos at members.simunex.com
Fri May 13 11:34:29 EDT 2005
Ken Murchison wrote:
> Scott Balmos wrote:
>
>> Hi all,
>>
>> This is probably a bad subject line for the topic, but I can't think
>> of a better one. I've always heard, between here and on the Postfix
>> list, that delivering directly via LMTP to Cyrus is better than using
>> the deliver wrapper program. I was curious how much of a performance
>> hit there is by using deliver rather than LMTP directly? There's a
>> method to my madness.
>
>
> I can't give you any quantitative number, but it's just an extra,
> needless process.
>
>> Anyway... The main problem is that I have found no way to get Postfix
>> to authenticate as an arbitrary user over LMTP (e.g. to pull the
>> username from the user+folder address). I can set the Postfix LMTP
>> client to authenticate with SASL... But then Postfix requires a SASL
>> password map, which is impossible because the user account passwords
>> are not stored anywhere in cleartext.
>
>
> Keep in mind that deliver is just a simple LMTP client, so anything
> that it does, *should* be possible in any MTA. An admin can always
> proxy as another user as long as you use a SASL mechanism which
> supports it (PLAIN, DIGEST-MD5). But, in deliver's case it's using the
> optional AUTH=<authuser> keyword with the MAIL FROM command. At least
> one of these methods should be supported by Postfix.
>
Should and does are not always the same, unfortunately. :) I think this
is one area where Postfix maintains its mutual distrust of itself (its
other component programs) in the name of security. From the LMTP client
protocol code in Postfix:
    /*
     * We authenticate the local MTA only, but not the sender.
     */
#ifdef USE_SASL_AUTH
    if (var_lmtp_sasl_enable
        && (state->features & LMTP_FEATURE_AUTH)
        && state->sasl_passwd)
        vstring_strcat(next_command, " AUTH=<>");
#endif
    next_state = LMTP_STATE_RCPT;
    break;
So using AUTH=<blah> is out of the question, not to mention the fact
that (as given by the state->sasl_passwd attribute check) Postfix
expects to need to log in successfully before even thinking about
putting in AUTH=<>. And as far as I can tell in the LMTP SASL code,
Postfix has support for authentication, but not authorization.
Whereabouts in the SASL docs, RFC, or whatever does it describe how to
specify the authorization name in an LMTP (or SMTP for that matter) AUTH
login conversation? If I'm reading the source code to deliver correctly,
it uses the AUTH=<> keyword regardless, so I'm guessing that keyword is
always available no matter whether or not you authenticate with SASL
during the LMTP conversation startup.
Like I said in the original message, I don't think this is an area that
Postfix will budge on. :/ I'll see what they say after I get more
information. But I seem to vaguely remember a conversation a year or so
ago (I'll have to check the archives) about this, with
less-than-positive results.
Thanks Ken & all for any more info.
--Scott
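The two proxy-authorization routes Ken describes are specified outside Postfix: the SASL PLAIN message carries an optional authorization identity (authzid) distinct from the authenticating identity (RFC 2595, now RFC 4616), and the SMTP AUTH extension adds an AUTH=<addr-spec> parameter to MAIL FROM (RFC 2554, now RFC 4954), which LMTP (RFC 2033) inherits. The following is an added worked example, not code from Postfix, Cyrus or this thread: it builds the client side of both routes and runs them against a toy LMTP server that enforces a proxy policy. The account names, passwords, admin set and server replies are constructed for illustration; a real Cyrus server checks its own credential store and admin configuration.

```python
"""Proxy authorization over LMTP, two ways (added example, constructed data):
  1. SASL PLAIN with authzid != authcid (RFC 4616 section 2)
  2. MAIL FROM:<sender> AUTH=<authuser> (RFC 4954 section 5)
"""
import base64
import re

# Constructed sample credential store; stands in for sasldb/PAM/LDAP.
PASSWORDS = {"postfix-admin": "s3cret", "alice": "alicepw"}
# Constructed: accounts allowed to act on behalf of other users.
ADMINS = {"postfix-admin"}


def plain_initial_response(authzid, authcid, password):
    """RFC 4616: message = [authzid] NUL authcid NUL passwd, base64 on the wire."""
    for part in (authzid, authcid, password):
        if "\0" in part:
            raise ValueError("NUL is not allowed inside SASL PLAIN fields")
    raw = f"{authzid}\0{authcid}\0{password}".encode("utf-8")
    return base64.b64encode(raw).decode("ascii")


def parse_plain(b64):
    """Server side: split the message; an empty authzid means 'same as authcid'."""
    parts = base64.b64decode(b64).decode("utf-8").split("\0")
    if len(parts) != 3:
        raise ValueError("malformed PLAIN message")
    authzid, authcid, passwd = parts
    return (authzid or authcid), authcid, passwd


def authorize(authzid, authcid, passwd):
    """Authenticate authcid, then decide whether it may act as authzid."""
    if PASSWORDS.get(authcid) != passwd:
        return False
    return authzid == authcid or authcid in ADMINS


def client_commands(sender, rcpt, authzid, authcid, password, mail_auth=None):
    """Commands an LMTP client sends to deliver into rcpt's mailbox.
    mail_auth is the AUTH= value on MAIL FROM; deliver sets it to the
    mailbox owner, Postfix's LMTP client always sends the empty AUTH=<>."""
    if mail_auth is None:
        mail_auth = authzid
    return [
        "LHLO mta.example.org",
        "AUTH PLAIN " + plain_initial_response(authzid, authcid, password),
        f"MAIL FROM:<{sender}> AUTH=<{mail_auth}>",
        f"RCPT TO:<{rcpt}>",
        "DATA",
    ]


def run_server(commands):
    """Toy LMTP server: answers each command and enforces the proxy policy.
    Returns the list of reply lines, one per command."""
    replies, authz = [], None
    for line in commands:
        verb, _, arg = line.partition(" ")
        if verb == "LHLO":
            replies.append("250-lmtp.example.org\r\n250 AUTH PLAIN")
        elif verb == "AUTH":
            mech, _, resp = arg.partition(" ")
            try:
                zid, cid, pw = parse_plain(resp)
            except ValueError:
                replies.append("501 5.5.2 malformed AUTH response")
                continue
            if mech == "PLAIN" and authorize(zid, cid, pw):
                authz = zid
                replies.append("235 2.7.0 Authentication successful")
            else:
                replies.append("535 5.7.8 Authentication failed")
        elif verb == "MAIL":
            # AUTH=<> asserts nothing (RFC 4954: sender not known/trusted),
            # so the session's SASL authorization identity is what counts.
            m = re.search(r"\bAUTH=<([^>]*)>", arg)
            asserted = m.group(1) if m else ""
            if asserted and asserted != authz and authz not in ADMINS:
                replies.append("550 5.7.1 not authorized to act as " + asserted)
            else:
                replies.append("250 2.1.0 OK")
        elif verb == "RCPT":
            replies.append("250 2.1.5 OK")
        elif verb == "DATA":
            replies.append("354 End data with <CR><LF>.<CR><LF>")
        else:
            replies.append("500 5.5.1 command not modelled")
    return replies


if __name__ == "__main__":
    cmds = client_commands("bob@example.net", "alice+Lists@example.org",
                           "alice", "postfix-admin", "s3cret", mail_auth="")
    for c, r in zip(cmds, run_server(cmds)):
        print("C:", c)
        print("S:", r)
```

Run as a script, the dialogue shows the case Scott is after: the MTA authenticates as its own admin account, names the mailbox owner only in the PLAIN authzid field, and still sends Postfix's empty AUTH=<>, which the server accepts because the SASL layer already established who the client is acting for. Swapping the roles (a non-admin naming someone else as authzid, or asserting another user in AUTH= without admin rights) is rejected at the corresponding step.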
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html