[IMGate] Re: AUTH to Imail user accounts via LDAP

2005-07-05 Thread Ed Lucero 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 On Behalf Of Dan Horne
 Sent: Tuesday, July 05, 2005 10:48 AM
 To: IMGate@mgw2.MEIway.com
 Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP
 
 I agree, and I was already halfway down this road when I read your
 message.  I already export users for relay_recipient_maps, using
 imailusers.exe.  How would I get the passwords?  I would (I believe)
 first have to loop through the registry and get every username/password
 pair for each Imail host, then I would have to decrypt the passwords.  I
 don't really have the time (or the skills, really) to write a program to
 do either.  Maybe Martekware's Iplus Info Browser could output such a
 report.  I'll ask them.=20
 
 Moving on, reading the postfix SASL_README, it seems that SASL can
 either use the UNIX pw database or its own sasldb.  How would I
 configure it to look at an external file?  Or is there a way to map the
 contents of the external file into the sasldb?  I see the command in the
 README to add them one by one using saslpasswd2, but would I have to
 write a script that runs through the contents of my exported file and
 runs this command for each entry?  Or is there an easier way? =20
 
 It also says that SASL supports only one realm per postfix instance.
 How do I configure multiple domains into the same realm?  Can the
 smtpd_sasl_local_domain be a hash: map?
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad
 Sent: Tuesday, July 05, 2005 11:18 AM
 To: IMGate@mgw2.MEIway.com
 Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP
 
 
 Is it possible to configure postfix to AUTH users based on the Imail=20
 database using LDAP?
 
 at one time, Imail LDAP didn't allow (secure) access to passwords, but I
 think that was added quite a while ago.
 
 It's probably no more difficult to export the users/passwords to file on
 postfix. The same file, or a file derived from it, could be used for=20
 rejecting unknown recipients.   one export file giving two usages.
 
 I prefer to avoid coupling MXs to the mailservers.
 
 Len
 
 
 
 
 

Yes. You will need to write a script to process the input file.

You do not need to worry about realms. The user ID will be the email
address.

Ed


Example:

 echo 'password' | /usr/local/sbin/saslpasswd2 -p -c [EMAIL PROTECTED]


 sasldblistusers2

[EMAIL PROTECTED]: userPassword

[IMGate] Re: AUTH to Imail user accounts via LDAP

2005-07-05 Thread Dan Horne 
Thanks, I'm working on it.=20

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed Lucero
Sent: Tuesday, July 05, 2005 2:24 PM
To: IMGate@mgw2.MEIway.com
Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]
 On Behalf Of Dan Horne
 Sent: Tuesday, July 05, 2005 10:48 AM
 To: IMGate@mgw2.MEIway.com
 Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP
=20
 I agree, and I was already halfway down this road when I read your=20
 message.  I already export users for relay_recipient_maps, using=20
 imailusers.exe.  How would I get the passwords?  I would (I believe)=20
 first have to loop through the registry and get every=20
 username/password pair for each Imail host, then I would have to=20
 decrypt the passwords.  I don't really have the time (or the skills,=20
 really) to write a program to do either.  Maybe Martekware's Iplus=20
 Info Browser could output such a report.  I'll ask them.=3D20
=20
 Moving on, reading the postfix SASL_README, it seems that SASL can=20
 either use the UNIX pw database or its own sasldb.  How would I=20
 configure it to look at an external file?  Or is there a way to map=20
 the contents of the external file into the sasldb?  I see the command=20
 in the README to add them one by one using saslpasswd2, but would I=20
 have to write a script that runs through the contents of my exported=20
 file and runs this command for each entry?  Or is there an easier way?

 =3D20
=20
 It also says that SASL supports only one realm per postfix instance.
 How do I configure multiple domains into the same realm?  Can the=20
 smtpd_sasl_local_domain be a hash: map?
=20
=20
=20
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Len Conrad
 Sent: Tuesday, July 05, 2005 11:18 AM
 To: IMGate@mgw2.MEIway.com
 Subject: [IMGate] Re: AUTH to Imail user accounts via LDAP
=20
=20
 Is it possible to configure postfix to AUTH users based on the=20
 Imail=3D20 database using LDAP?
=20
 at one time, Imail LDAP didn't allow (secure) access to passwords, but

 I think that was added quite a while ago.
=20
 It's probably no more difficult to export the users/passwords to file=20
 on postfix. The same file, or a file derived from it, could be used
for=3D20
 rejecting unknown recipients.   one export file giving two usages.
=20
 I prefer to avoid coupling MXs to the mailservers.
=20
 Len
=20
=20
=20
=20
=20

Yes. You will need to write a script to process the input file.

You do not need to worry about realms. The user ID will be the email
address.

Ed


Example:

 echo 'password' | /usr/local/sbin/saslpasswd2 -p -c [EMAIL PROTECTED]


 sasldblistusers2

[EMAIL PROTECTED]: userPassword