From: Scott Balmos (no email)
Date: Mon May 16 2005 - 15:09:26 EDT
Hi all,
I am in the midst of moving delivery of email to my Cyrus system away from
the included deliver(8) program to directly over LMTP, since that seems to
be the generally-accepted Right Thing To Do. Delivering user email is
working fine. However, I used a bit of a trick with the arguments to
deliver(8) to get a form of access-controlled shared-folder setup. Since
deliver is run by pipe(8), it has the ability to pull in variables from
the address, specifically ${user} and ${extension} for my purposes. In my
setup, I have shared folder posting addresses that are expanded to the
form, for example, of sbalmos+. Then, as in
a standard setup, I have in master.cf an entry for deliver that pulls the
authentication userid from ${user} (e.g. sbalmos) and the board name from
${extension}.
However, lmtp(8) does not have these variables, and thus my shared-folder
setup falls flat on its face. The first step is finding which file in pipe(8),
or maybe master(8), processes the variables ${user} and ${extension}, so that
similar code could be copied into lmtp. Secondly, and this is probably
going to be a local modification instead of being generally accepted, the
LMTP protocol conversation code would be modified to insert this new
arbitrary username in the AUTH=<foo> keyword of the MAIL FROM state.
Currently, the code simply inserts AUTH=<>, with some comment about being
able to authenticate the MTA, but not the sender.
I remember some vague conversations about the previous sentence a while
ago. But due to the setup I have, with a policy server that expands the
addresses into the above expanded form (see the thread "LDAP
virtual_alias_maps based on envelope-from" 17 March 2005 18:14 EST), I am
relatively confident my setup is safe, allowing me to "forge" the
authenticated sender in the MAIL FROM.
Anyone have any general pointers on what code to copy from where into
lmtp(8) in order to handle this variable parsing and such? BTW, the Cyrus
mailing list says that deliver is a simple LMTP client, which allows MAIL
FROM <blah> AUTH=<blah> in all circumstances, yet lmtp(8) only allows it
if it authenticates with the LMTP server successfully using SASL upon
connection. Maybe I'm missing some RFC or standard documentation somewhere
in my reading, but why is this?
Thanks!
--Scott Balmos
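The two mechanics the message asks about, shown as an added example that is not part of the original post and is not Postfix or Cyrus code: a pipe(8)-style split of a recipient into ${user} and ${extension} at recipient_delimiter, and an LMTP MAIL FROM that carries a submitter in the AUTH= parameter, xtext-encoded as RFC 3461 and RFC 4954 require. The scripted server stands in for the Cyrus side and applies the RFC 4954 section 5 rule that answers the closing question: an AUTH= parameter from a client that has not itself authenticated (or is not trusted) is treated as AUTH=<>, so a generic client like lmtp(8) gains nothing by filling it in unless the server has decided to trust that client. Hostnames, the board name, the relay credentials and the bare-userid form of the submitter are constructed assumptions.

```python
"""Added example, not Postfix or Cyrus code: pipe(8)-style ${user}/${extension}
splitting, and an LMTP MAIL FROM carrying a submitter in AUTH= (RFC 4954, xtext
per RFC 3461) against a scripted server that trusts AUTH= only from a client
that has authenticated. Hostnames, credentials and addresses are constructed."""
from __future__ import annotations
from base64 import b64decode, b64encode

def split_recipient(address: str, delimiter: str = "+") -> tuple[str, str, str]:
    """(${user}, ${extension}, ${domain}) as pipe(8) derives them: the localpart is
    split at the first delimiter; a localpart starting with it is left unsplit."""
    localpart, domain = address.rsplit("@", 1) if "@" in address else (address, "")
    if delimiter in localpart and not localpart.startswith(delimiter):
        user, _, extension = localpart.partition(delimiter)
    else:
        user, extension = localpart, ""
    return user, extension, domain

def xtext_encode(text: str) -> str:
    """RFC 3461 xtext: ASCII 33..126 except '+' and '=' stays literal; anything
    else becomes '+' plus two uppercase hex digits of the byte."""
    out = []
    for byte in text.encode("utf-8"):
        out.append(chr(byte) if 33 <= byte <= 126 and byte not in (0x2B, 0x3D)
                   else f"+{byte:02X}")
    return "".join(out)

def xtext_decode(xtext: str) -> str:
    """Inverse of xtext_encode."""
    out, i = bytearray(), 0
    while i < len(xtext):
        if xtext[i] == "+":
            out.append(int(xtext[i + 1:i + 3], 16))
            i += 3
        else:
            out.append(ord(xtext[i]))
            i += 1
    return out.decode("utf-8")

def mail_from(sender: str, submitter: str | None) -> str:
    """submitter=None yields AUTH=<>, what lmtp(8) sends when it cannot vouch for
    the sender. Passing a bare userid (as deliver -a does) is an assumption;
    RFC 4954 formally writes an addr-spec here."""
    auth = "<>" if submitter is None else xtext_encode(submitter)
    return f"MAIL FROM:<{sender}> AUTH={auth}"

class ScriptedLmtpServer:
    """Stand-in for the Cyrus side. RFC 4954 section 5: an AUTH= parameter from a
    client that is not authenticated (or not trusted) is treated as AUTH=<>."""
    USERS = {"postfix-relay": "relay-secret"}  # constructed credentials

    def __init__(self) -> None:
        self.authenticated_as: str | None = None
        self.submitter: str | None = None

    def handle(self, line: str) -> str:
        verb, _, rest = line.partition(" ")
        if verb.upper() == "LHLO":
            return "250-lmtp.example.com\r\n250 AUTH PLAIN"
        if verb.upper() == "AUTH":
            mech, _, blob = rest.partition(" ")
            try:  # SASL PLAIN initial response: authzid NUL authcid NUL passwd, base64
                _authz, authc, passwd = b64decode(blob).decode().split("\0")
            except (ValueError, UnicodeDecodeError):
                return "501 5.5.2 Cannot decode response"
            if mech.upper() == "PLAIN" and self.USERS.get(authc) == passwd:
                self.authenticated_as = authc
                return "235 2.7.0 Authentication successful"
            return "535 5.7.8 Authentication credentials invalid"
        if verb.upper() == "MAIL":
            params = rest.split()  # ["FROM:<...>", "AUTH=...", ...]
            auth = next((p[5:] for p in params[1:] if p.upper().startswith("AUTH=")), None)
            if auth is None or auth == "<>" or self.authenticated_as is None:
                self.submitter = None  # untrusted or absent: behave as if AUTH=<>
            else:
                self.submitter = xtext_decode(auth)
            return "250 2.1.0 OK"
        return "500 5.5.1 Command unrecognized"

def run_session(authenticate: bool, sender: str, submitter: str) -> tuple[list[str], str | None]:
    """One MAIL FROM through the scripted server, with or without a prior AUTH
    PLAIN; returns the transcript and the submitter the server ended up trusting."""
    server, transcript = ScriptedLmtpServer(), []
    commands = ["LHLO mx.example.com"]
    if authenticate:
        commands.append("AUTH PLAIN " + b64encode(b"\0postfix-relay\0relay-secret").decode())
    commands.append(mail_from(sender, submitter))
    for cmd in commands:
        reply = server.handle(cmd)
        transcript.append(f"C: {cmd}")
        transcript.extend(f"S: {r}" for r in reply.split("\r\n"))
    return transcript, server.submitter

if __name__ == "__main__":
    user, ext, _ = split_recipient("sbalmos+board@example.com")
    for auth in (False, True):
        lines, trusted = run_session(auth, "sbalmos@example.com", user)
        print("\n".join(lines), f"\n-> ${{extension}}={ext}, trusted submitter: {trusted}\n")
```

Running it prints both sessions: without AUTH PLAIN the server accepts the MAIL FROM but records no submitter, with it the xtext-decoded userid is trusted. The xtext step matters for exactly the addresses this setup uses, since the recipient_delimiter '+' must be written as +2B inside the AUTH= value.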