Re: Passing AUTH info to delivery transport

From: Amos Gouaux (+archive.postfix-usersutdallas.edu)
Date: Tue Apr 01 2003 - 11:17:54 CST


>>>>> On Mon, 31 Mar 2003 10:15:33 -0500,
>>>>> Scott Balmos <sbalmosadelphia.net> (sb) writes:

sb> Has there ever been a patch that allows Postfix to pass along SMTP AUTH
sb> info to a delivering transport?

Not too long ago I think there was some effort to develop TLS
support for the Postfix LMTP client, but I don't know where that's at,
nor if there were any plans to tie SMTP-AUTH to LMTP-AUTH. Though,
especially now that both Sendmail and Exim support this, it
seems to be coming up with greater frequency on the Cyrus lists.

The other day I found myself wondering more about this LMTP-AUTH
business. I didn't get too far, but these are my rough thoughts
from that day:

> But what is meant by "trusted environment", and how does one
> establish such a "trusted environment".

  By using an MSA (Message Submission Agent), based on RFC 2476 (or a
  network of trusted MSAs)

So, if we enable LMTP-AUTH to receive credentials from the queue file,
only allow SMTP-AUTH from the Message Submission port, 587? What
variables should be added to control this?

  smtpd_cache_auth_credentials (yes|no) [no]

Perhaps...

/etc/services:
  submission 587/tcp # Mail Message Submission (RFC2476)

/etc/postfix/master.cf:
  submission inet n - n - - smtpd
    -o smtpd_enforce_tls=yes
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_cache_auth_credentials=yes
    -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

--
Amos
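
The submission-only AUTH policy sketched in the message above can be checked mechanically. The following is an added example, not part of the original post or of Postfix: the names parse_master_cf and audit are hypothetical, the sample is constructed, only master.cf "-o" overrides are inspected (not main.cf), and smtpd_cache_auth_credentials is skipped because it is the poster's proposed parameter.

```python
import re
import shlex

# Constructed sample following the post's master.cf layout.
GOOD = """\
smtp inet n - n - - smtpd
submission inet n - n - - smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
"""

def parse_master_cf(text):
    """Map service name -> (command, {-o overrides}), joining continuation lines."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()  # indented line continues the entry
        else:
            logical.append(raw.strip())
    services = {}
    for fields in map(shlex.split, logical):
        if len(fields) < 8:
            continue  # not a full service entry
        args = fields[8:]
        opts = dict(a.split("=", 1) for f, a in zip(args, args[1:]) if f == "-o" and "=" in a)
        services[fields[0]] = (fields[7], opts)
    return services

def audit(text):
    """Return findings; an empty list means the post's policy holds in master.cf."""
    services, findings = parse_master_cf(text), []
    if "submission" not in services:
        return ["no submission service defined"]
    opts = services["submission"][1]
    for key in ("smtpd_enforce_tls", "smtpd_sasl_auth_enable"):
        if opts.get(key) != "yes":
            findings.append(f"submission: {key} is not yes")
    rules = [r for r in re.split(r"[,\s]+", opts.get("smtpd_recipient_restrictions", "")) if r]
    if "permit_sasl_authenticated" not in rules or rules[-1] != "reject":
        findings.append("submission: recipient restrictions do not end in reject")
    # Assumption: AUTH enabled globally in main.cf is not visible to this check.
    for name, (command, o) in services.items():
        if name != "submission" and command == "smtpd" and o.get("smtpd_sasl_auth_enable") == "yes":
            findings.append(f"{name}: SMTP AUTH enabled outside submission")
    return findings
```

Calling audit() on the text of a real master.cf returns one finding per deviation from the submission entry shown in the message.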