Okay, I must be clueless here... I have looked through the docs, looked
through the archives, done Google searches, etc.  I just plain don't
understand how to configure sendmail to do LMTP authentication correctly.
I need to open up the TCP port of LMTP to more than just [localhost]
and believe that LMTP AUTH is the way to do it.  We do not have tcpwrapper
support compiled in, and really need to find a way to do it without having
to recompile lmtpd.

In the cyrus config file, I have the following config lines:

 # LMTP is required for delivery
 #lmtp         cmd="lmtpd -a" listen="localhost:lmtp"
 lmtp          cmd="lmtpd" listen="lmtp"
 lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp"

We were running with the "-a" option forced to localhost.  I removed it
and removed the localhost reference.  The lmtpunix line is there in case
anyone uses the deliver program to deliver a message.

As far as the sendmail configuration goes, I have the following:

 dnl server configuration for SMTP AUTH
 define(`confAUTH_MECHANISMS', `PLAIN')dnl
 TRUST_AUTH_MECH(`PLAIN')
 define(`confAUTH_OPTIONS', `p,y')dnl

 dnl server configuration for SMTPS
 DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')

 dnl cyrus configuration
 define(`confLOCAL_MAILER', `cyrus')

 MAILER(`local')
 MAILER(`smtp')

 MAILER_DEFINITIONS
 Mcyrus, P=[IPC], F=lsDFMnqAwW@/:|SmXz, E=\r\n,
         S=EnvFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix,
         U=cyrus:mail, A=TCP [localhost] lmtp

Note:  This is obviously not the full file, but hopefully just the parts
relevant to the discussion.

Now, what do I need to change in order to get LMTP AUTH working?  I do
have some questions regarding how LMTP AUTH actually occurs... First,
what username/password gets used for the authentication?  Is it going to
be "postman", like it is when lmtpd is run with the "-a" option?  I
can only guess that this might be the case, since delivery of email is
coming from an anonymous source and not a physical user on the system.
If this is the case, then what about the password?  Is it stored in the
config file, or cached or what?  Secondly, I assume this occurs in the
plain-text format, so, should I be setting up LMTP to be done over SSL?
Will sendmail use SSL to LMTP correctly?  If this is the case, how do I
change the above setup to make SSL LMTP work?

By the way, please note that I have "allowplaintext: 1" in the imapd.conf
file, so authenticating over a plain-text connection for IMAP and POP is
not allowed... they have to authenticate over an SSL/TLS connection first.
Since this is set, won't this affect LMTP authentication as well?

Okay, lots of questions... I hope I can get some answers... I feel that I
am pouring more time and energy into this problem than I need, and really
need to turn my attention elsewhere...

Thanks!
Scott
--
+-----------------------------------------------------------------------+
     Scott W. Adkins                http://www.cns.ohiou.edu/~sadkins/
  UNIX Systems Engineer                  mailto:[EMAIL PROTECTED]
       ICQ 7626282                 Work (740)593-9478 Fax (740)593-1944
+-----------------------------------------------------------------------+
    PGP Public Key available at http://www.cns.ohiou.edu/~sadkins/pgp/
