[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-anubis] 'remote' usage of anubis

From: Jim Cheetham
Subject: Re: [bug-anubis] 'remote' usage of anubis
Date: Tue, 09 Sep 2003 09:14:49 +1200

On Mon, 2003-09-08 at 20:30, Wojciech Polak wrote:
> On Mon, 08 Sep 2003 06:32:32 +0200 Jim Cheetham wrote:
> Hi, Jim! You have started an interesting topic :).

> Without the Auth service you are not able to authenticate a specific
> user. Although you can specify *a whole* machine to be authenticated
> and translated into a specific user on the SMTP server machine,
> where Anubis is installed.
Like Greg, I'm not entirely convinced of the value of using ident at
all. I don't really feel that it is a suitable service to have in an
Internet-facing role, and it feels like Anubis is using a plain-text
authentication system over the net to access my account details, which
makes me feel slightly nervous.

ident is probably fine in an internal network, where workstations are
just trying to access their local mail server, and the security policy
prevents leakage of ident to the outside world ...

> translate = address@hidden into = account-JimB-A
> translate = Machine-C into = account-C-A
> ---END---
Thanks for this section, I had overlooked TRANSLATION when reading
through the documentation. I can solve one of my connection problems
with this method, although it is not a good solution.

> GNU Anubis cannot rely on the ESMTP Authentication mechanism,
> because the SMTP server might be a remote machine far away from
> Anubis.
Can Anubis use PAM? I am using v3.9.93, and I see that --with-pam is an
option to ./configure ... I guess in this case, it would be fine to let
PAM work out how to authenticate the connection, whether by ident or
other challenge ...

Jim Cheetham
Systems Administrator, eCOSM Limited.
Phone +64 3 365 4176 | Mobile +64 21 314 158

reply via email to

[Prev in Thread] Current Thread [Next in Thread]