Lawrence Greenfield wrote:
--On Friday, January 03, 2003 12:48 PM -0700 "Kevin P. Fleming"
wrote:
> This is all working fine, except that I had to add my dummy
> authentication user (which I create solely for Exim to authenticate
> itself to lmtpd with) to the "admins" entry in /etc/imapd.conf. I had to
> do this because lmptd specifically allows only admins to authenticate.
>
> Is there any particular reason why? It's not a big deal for me, but when
> I document this configuration for other people I'm sure this will raise
> some eyebrows.
Allowing anonymous users to directly submit via LMTP would defeat any
accounting done in the MTA and allow for perfectly forged Received
headers. Allowing arbitrary users to authenticate could be just as bad
with the current code, though it could be modified---but it's not clear
it's worth it.
Since there are some LMTP extensions like IGNOREQUOTA that require
administrative rights, it doesn't seem worthwhile to try to get finer
grained authorization than "lmtp_admins".
I responded to most of that in my reply to Rob, but thanks for the additional
information. lmtp_admins will do exactly what I need.