lmtp user lmtp_admins or admins on murder front-end system
Dan White
dwhite at olp.net
Sun Jul 1 17:37:15 EDT 2012
On 06/29/12 18:13 -0700, Stephen Ingram wrote:
>I'm trying to test an lmtp connection from the MTA using lmtptest. I'm
>connecting to a murder frontend system which then lmtpproxy's to the
>backend.
>
>On the frontend system I have:
>
>lmtp_admins: lmtp-kerberos-principal
>
>On the backend system I have:
>
>lmtp_admins: lmtp-kerberos-principal
>
>Every time I try to connect using lmtptest -m GSSAPI
>frontend.system.com I get: badlogin: x.x.x.x GSSAPI SASL(-13):
>authentication failure: only admins may authenticate.
>
>When I switch the frontend configuration to:
>
>admins: lmtp-kerberos-principal
>
>everything works. I'm trying to limit admin access as much as
>possible. While the backend is still protected, the proxy is not. Is
>this possible to do or is it not a concern any way since it's only a
>frontend proxy?
Verify that the service name listed in /etc/cyrus.conf is 'lmtp'. If not,
you'll need to adjust 'lmtp_admins' to match.
--
Dan White
More information about the Info-cyrus
mailing list