From: Michael Bacon (no email)
Date: Fri Nov 09 2001 - 16:57:02 EST
Yes, but it's not easy. The short answer is authenticated SMTP/LMTP.
Any user wanting to post then has to connect to one of your SMTP servers
and authenticate through some mechanism (PLAIN+TLS tends to work well for
many applications). Then, you have to set up authenticated trust between
every server that the message goes through before it gets to your Cyrus
server. If they're on the same server, this gets considerably easier,
obviously, but then you have to make sure that your MTA can authenticate to
lmtpd via the AUTH command and that the user that the MTA authenticates as
is allowed to proxy authenticate for other users. The easiest way to do
this is to put the user the MTA as authenticating as in the admins: line of
the imapd.conf file, but there are security issues with this. (Not
terribly hard to figure out...) Finally, you add the "p" permission to the
ACL for all users who you want to let post, and hope that it all works.
If it works in the end, though, you've got one rockin' conferencing server.
Michael
--On Monday, November 05, 2001 23:27:13 +0200 Nikos Voutsinas
<> wrote:
> Hi,
>
> I am trying to figure out, how someone could
> a) allow posting to BB+folders only to specific set of users
> b) pass to the lmtpd, the auth_id (authuser ? authstate ?)
> of sender in a case where the last one is already defined
> by the MSA.
>
> (ie: Is there anyway to avoid "p" permission for the "user" anyone ;)
>
>
>
>
|
|
|