- Previous message: Larry Rosenbaum: "RE: What is the correct mailbox delivery action in 2.3.3-2"
- In reply to: Andrew Morgan: "preauth with lmtpproxyd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Andrew Morgan (no email)
Date: Fri Apr 21 2006 - 13:29:20 EDT
On Thu, 20 Apr 2006, Andrew Morgan wrote:
> I'm testing out cyrus murder with v2.2.12 and I noticed that lmtpproxyd
> doesn't seem to support the -a (preauth) option that the regular lmtpd does.
>
> On my standalone cyrus system, I use lmtpd -a to accept mail from our campus
> mail relays running postfix, and I use tcpwrappers to block all connections
> except the mail relays.
>
> I attempted to use a similar configuration on my test frontend server
> running lmtpproxyd, but the -a option is not supported.
>
> Am I going about this wrong? Is there a different or better way to accept
> mail over the network using lmtp in a murder?
After playing around with some help from our postfix admin, I came up with
the following working config.
In postfix's main.cf:
lmtp_sasl_auth_enable = yes
lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_passwd
lmtp_sasl_security_options = noanonymous
In /etc/postfix/lmtp_passwd:
cyrus-fe1.onid.oregonstate.edu cyr_lmtp:password
In imapd.conf on the frontend server:
lmtp_admins: cyr_lmtp
proxy_authname: cyr_proxy
In imapd.conf on the backend server:
lmtp_admins: cyr_proxy
proxyservers: cyr_proxy
I'm a little confused that I had to add cyr_proxy to lmtp_admins. The
description of proxyservers seems to imply that I wouldn't. In any case,
it seems to be working now and hopefully this is the correct way to do
lmtp auth in a murder environment. Please let me know if I've done this
wrong. :)
Andy
---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|