Quoting Matt Vanderveer <[EMAIL PROTECTED]>: > On Thu, 2002-09-12 at 15:34, Ken Murchison wrote: > > Matt Vanderveer wrote: > > > > > > Hi, > > > > > > I'm running postfix-1.1.11-20020822, cyrus-imapd-2.1.8 and > > > cyrus-sasl-2.1.7 with authentication from an NT domain via PAM. I have > > > alternate name space turned on. I'm trying to set up shared mailboxes > > > that everyone can read but only certain users can post to. For > example, > > > I have a shared mailbox, announce, that is owned by the system and has > > > following acl: > > > anyone lrs > > > hagbardc lrswip > > > If user hagbardc sends a message to [EMAIL PROTECTED], delivery will > > > fail with "550-You do not have permission to post a message to this > > > mailbox." written to the mail log. Clearly hagbardc has permission to > > > post to the box and and posting works if I give "anyone" posting > > > permissions. Is posting to shared mailboxes an all or nothing > > > propostion, or am I just missing something? > > > > AFAIK, hagbardc's ACL will only be used if hagbardc authenticates to > > lmtpd. > > > > -- > > Kenneth Murchison Oceana Matrix Ltd. > > Software Engineer 21 Princeton Place > > 716-662-8973 x26 Orchard Park, NY 14127 > > --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp > > Hi, > > I'm having problems getting lmtpd authentication working, at least as I > think I need it to. Posting directly to the shared box from the users's > mua works fine. However for various reasons, I need to let users mail > to a shared box, not just post from the mua, and still limit who can > mail to the shared box. This leads to several questions: > > Am I correct in thinking that my issue is on the Postfix side in getting > Postfix to pass the smtp-auth info through its lmtp client to cyrus' > lmtpd?
The auth info in question is the AUTH= keyword to the MAIL FROM command. So you need Postfix to do something like: MAIL FROM <[EMAIL PROTECTED]> AUTH=hagbardc RCPT TO <[EMAIL PROTECTED]> DATA .. I'd have to look at the source to see if lmtpd will allow you to do this over a UNIX socket without actually AUTHenticating. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
