[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-anubis] Not relying on ident?

From: Sergey Poznyakoff
Subject: Re: [bug-anubis] Not relying on ident?
Date: Thu, 27 Nov 2003 00:11:48 +0200

Jim Cheetham <address@hidden> wrote:

> Anubis needs to do an ident query to enable it to find the relevant
> ~/.anubisrc file, I believe.

Yes, currently it is so.
> If it fails, couldn't we just run with the contents of the site-wide
> file?

Well, it is possible to remap any user to any existing account, thus
forcing the use of this account's profile. It is done via TRANSLATION
section. For example, the section below will use the configuration
file ~/anubis/.anubisrc for any user with domain name "mydomain.net"

translate mydomain.net into anubis

Of course, such usage is strongly discouraged.
> As an alternative, if SMTP/AUTH were used, could there be a mapping from
> AUTH data to system username/~/.anubisrc? That way, we would be relying
> on the final MTA to do the identification, rather than ident ...

Yes, the CVS version of Anubis actually uses this aproach. It will be
able to work in two modes: either a traditional one, using IDENTD to
authenticate incoming connections, or in "authentication mode", that
relies on ESMTP AUTH to establish the authenticity of users.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]