On 02/27/12 10:32 -0600, Dan White wrote: >Another option would be to utilize SASL EXTERNAL authentication to >authenticate your users, locally, based on peercred. Cyrus IMAP does not >currently have support for external auth, but I'm attaching a Linux >specific patch, against cyrus 2.3.12, which works for me. > >I'm not sure how your spam processing fits into the picture, but your >spawned processes will need to function as IMAP clients, and will need to >be able to select the GSSAPI or EXTERNAL SASL mechanisms to use either of >the above scenarios. I forgot to mention that to use the EXTERNAL mechanism in this way, you'll need to spawn an imapd process on a unix socket. E.g., in /etc/cyrus.conf: imapunix cmd="imapd -U 30" listen="/var/run/cyrus/socket/imap" And your IMAP client will need the capability to speak to an IMAP server over that unix socket, like: socat -d READLINE /var/run/cyrus/socket/imap (c01 AUTHENTICATE EXTERNAL) -- Dan White ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
