Voutsinas Nikos wrote:
:)
I always thought that what was mentioned is not primary a cyrus issue, but given the opportunity from Kevin's idea here is an extension
What Kevin said is also possible with sendmail. (MTA passes the authid of the sender to the lmtpd). In 8.12.2 this was under _FFR code, I dont know the current status. (Hey sendmail we are you ??). Actually this concept is applicable when the MTA plays the role of an MSA, where each intranet user is "forced" to follow the SMTP authentication procedure.
non-local user local/authenticated user
or
other MTA |
| |
| |
< <
MTA MSA
| |
| |
< <
-------------------------- MAIL FROM:<lala _@_ noc.edunet.gr>
| AUTH=nvoutsin
| or
< AUTH=nvoutsin@realm
lmtpd
MSA:intranet users should declare the MSA server in thier
clients as outgoing mail server. The MSA server according to RFC(???)(can't remember...) accepts user's submissions if and only
if user is succefully authenticated (in ldap :) ). Sendmail passes the authid (auth author or authen... ) to lmtpd as parameter on the mail from: command.
MTA: This is nothing else than the MX server.
Notes:
1) LMTP connections on the lmtpd are only allowed from the MSA, and MTA
2) MTA rejects each mail/connection if : a)the mail from:<> command contains one of the localmail domains b) originated from the local address space
b) NOT originated from the local address space
