[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-anubis] 'remote' usage of anubis

From: Wojciech Polak
Subject: Re: [bug-anubis] 'remote' usage of anubis
Date: Mon, 8 Sep 2003 10:30:11 +0200

On Mon, 08 Sep 2003 06:32:32 +0200 Jim Cheetham wrote:

Hi, Jim! You have started an interesting topic :).

> Anubis runs fine on my workstation, doing the Right Thing to my outgoing
> email.
> However, I have a number of different email-sending machines, not all of
> which are capable of running Anubis, and I'd like them to benefit from
> the facilities ...
> So I thought I'd install Anubis on the SMTP server machine itself, which
> works OK when I am logged in, and can provide a valid identd response.

The solution for the above is to install one Anubis on the SMTP server
machine and a couple of Auth (Ident) servers on each email-sending machine.
Then specify the TRANSLATION section on the SMTP server machine,
where GNU Anubis is installed. But still this requires an Auth (Ident)
service, so it won't help you for the problem below with e.g.
mobile phone without Identd built-in.

> But sometimes I cannot provide ident data, because the workstation does
> not support it (e.g. mobile phone). As far as I can see, Anubis will not
> allow me to connect ... which is a shame. The SMTP server uses an
> authenticated login - is there some way I can authenticate myself to
> Anubis, so that it will access my $HOME/.anubisrc ?

Without the Auth service you are not able to authenticate a specific
user. Although you can specify *a whole* machine to be authenticated
and translated into a specific user on the SMTP server machine,
where Anubis is installed.

Suppose we have
1) Machine-A, GNU Anubis and SMTP server (with Ident service running).
2) Machine-B, a common workstation with Ident service running.
3) Machine-C, a mobile device without Ident, but with its own
IP address...

Now, try to specify the following in the `/etc/anubisrc'
(syntax for v3.6.2):

translate = address@hidden into = account-JimB-A
translate = Machine-C into = account-C-A

In the example above all users from Machine-A are authenticated
as usual, but in addition we auth a special user `Jim' from
Machine-B by translating him into `account-JimB-A' on Machine-A.
Next, Machine-C is not running the Auth service, so we cannot auth
its users, but hopefully this is only a one-user box and let's
suppose we will translate him into `account-C-A' on Machine-A.
The last entry is exactly doing that
("translate = Machine-C into = account-C-A"), where `account-C-A'
in a common Unix account on Machine-A.

I know that this solution is not perfect and it has some limits,
so please email us if anybody has any suggestions. I would like
to extend and improve the TRANSLATION section.

GNU Anubis cannot rely on the ESMTP Authentication mechanism,
because the SMTP server might be a remote machine far away from


reply via email to

[Prev in Thread] Current Thread [Next in Thread]