On Thu, 20 Apr 2006, Andrew Morgan wrote:
I'm testing out cyrus murder with v2.2.12 and I noticed that lmtpproxyd
doesn't seem to support the -a (preauth) option that the regular lmtpd does.
On my standalone cyrus system, I use lmtpd -a to accept mail from our campus
mail relays running postfix, and I use tcpwrappers to block all connections
except the mail relays.
I attempted to use a similar configuration on my test frontend server
running lmtpproxyd, but the -a option is not supported.
Am I going about this wrong? Is there a different or better way to accept
mail over the network using lmtp in a murder?
After playing around with some help from our postfix admin, I came up with
the following working config.
In postfix's main.cf:
lmtp_sasl_auth_enable = yes
lmtp_sasl_password_maps=hash:/etc/postfix/lmtp_passwd
lmtp_sasl_security_options = noanonymous
In /etc/postfix/lmtp_passwd:
cyrus-fe1.onid.oregonstate.edu cyr_lmtp:password
In imapd.conf on the frontend server:
lmtp_admins: cyr_lmtp
proxy_authname: cyr_proxy
In imapd.conf on the backend server:
lmtp_admins: cyr_proxy
proxyservers: cyr_proxy
I'm a little confused that I had to add cyr_proxy to lmtp_admins. The
description of proxyservers seems to imply that I wouldn't. In any case,
it seems to be working now and hopefully this is the correct way to do
lmtp auth in a murder environment. Please let me know if I've done this
wrong. :)
Andy
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
