preauth with lmtpproxyd
Andrew Morgan
morgan at orst.edu
Fri Apr 21 13:29:20 EDT 2006
On Thu, 20 Apr 2006, Andrew Morgan wrote:
> I'm testing out cyrus murder with v2.2.12 and I noticed that lmtpproxyd
> doesn't seem to support the -a (preauth) option that the regular lmtpd does.
>
> On my standalone cyrus system, I use lmtpd -a to accept mail from our campus
> mail relays running postfix, and I use tcpwrappers to block all connections
> except the mail relays.
>
> I attempted to use a similar configuration on my test frontend server
> running lmtpproxyd, but the -a option is not supported.
>
> Am I going about this wrong? Is there a different or better way to accept
> mail over the network using lmtp in a murder?
After playing around with some help from our postfix admin, I came up with
the following working config.
In postfix's main.cf:
lmtp_sasl_auth_enable = yes
lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_passwd
lmtp_sasl_security_options = noanonymous
In /etc/postfix/lmtp_passwd:
cyrus-fe1.onid.oregonstate.edu cyr_lmtp:password
In imapd.conf on the frontend server:
lmtp_admins: cyr_lmtp
proxy_authname: cyr_proxy
In imapd.conf on the backend server:
lmtp_admins: cyr_proxy
proxyservers: cyr_proxy
I'm a little confused that I had to add cyr_proxy to lmtp_admins. The
description of proxyservers seems to imply that I wouldn't. In any case,
it seems to be working now and hopefully this is the correct way to do
lmtp auth in a murder environment. Please let me know if I've done this
wrong. :)
Andy
More information about the Info-cyrus
mailing list