Op 18-4-2016 om 18:02 schreef Charles Marcus:
Greetings Mike and Timo,
A question about BURL support in Thunderbird came up, and while there is
an open bug, it apparently is still not implemented.
I'd love to see this get done, so I've been checking on the status of
this in both postfix and dovecot...
Can someone comment on whether or not this was ever fully/properly
implemented?
Status:
URLAUTH - Fully implemented.
CATENATE - Fully implemented.
BURL - Not really a Dovecot concern, but we've created a Dovecot-based
SMTP submission proxy that adds BURL and other advanced functionality to
any SMTP backend. This feature is currently a set of patches that is
scheduled to be merged for Dovecot v2.3. The Dovecot v2.3 branch was
started just a few days ago.
Regards,
Stephan.
*/Charles/*/*
*/
On 1/14/2011 12:35 PM, Mike Abbott <[email protected]> wrote:
On Dec 5, 2010, at 11:17 PM, Timo Sirainen wrote:
I don't think there's any need to send "anonymous_username" to imap
process? It just seems to want to know if the current user is anonymous
or not. That same thing has been in my TODO list for a while already
because ManageSieve could use that information too. So committed now:
http://hg.dovecot.org/dovecot-2.0/rev/c41ba33b8e16
I just tried out this change and it does not replace the need for the
anonymous_username field. I only now fully understand the comment:
/* this is an anonymous login, either via ANONYMOUS
SASL mechanism or simply logging in as the anonymous
user via another mechanism */
Since the change does not distinguish between those two cases it breaks the "authuser" access identifier for the anonymous user when he is logged in
non-anonymously. I would not really care about this edge case except that the contributed implementation requires that the username in the IMAP URL matches
the authenticated user's username even for the "anonymous" and "authuser" access identifiers, in violation of RFC 4467 section 4. (The
implementation requires a match because Dovecot does not (can not) reach into another user's mail storage.) This means that the "anonymous" and
"authuser" access identifiers only work for the anonymous user in the implementation; your change makes the "authuser" access identifier
always fail for the anonymous user. The anonymous_username field in the original contributed patch does distinguish between SASL ANONYMOUS and logging in as
the anonymous user via another mechanism, so the "anonymous" and "authuser" access identifiers work properly for the anonymous user (but
not for any other user).
If you can teach me how to make urlfetch_url() access any user's mail storage from an IMAP process logged in
as a different user (subject to OS uid/gid permission constraints), I can make "anonymous" and
"authuser" work for all users and use your change instead of the "anonymous_username"
field.
Alternatively, you could edit your change to add the "anonymous" indication to
the auth reply only for SASL ANONYMOUS authentications rather than for all anonymous-user
authentications, unless that would cause trouble for ManageSieve.
