Rob, Thanks. SMTP AUTH was the answer. Now sendmail is authenticating to frontend lmtpproxyd as murder and delivering mail via the backend lmtpd with proper authentication. Next I have to figure out how to get mailbox moves between backends to work.
Just wanted to clarify, I am not running lmtpd -a on the backends. I had done some testing with "lmtpd -a" to allow only localhost to connect to the "localhost:lmtp" port via TCP socket. lmtpd was not open to the world:) Gautam On Wed, 2003-01-15 at 16:45, Rob Siemborski wrote: > On Wed, 15 Jan 2003, Gautam Das wrote: > > > /* secprops = mysasl_secprops(SASL_SEC_NOPLAINTEXT); */ > > secprops = mysasl_secprops(0); > > > > There was a discussion thread with the above tip from Rob (Thanks Rob). > > However it made imap proxy work but not mailbox move from one backend to > > another. > > I'm not going to make any guarantees about trying to use the murder in a > plaintext environment. It hasn't been tested in any way and there might be > some surprises that I haven't thought of. That said, it's entirely > possible that the backend imapd that is working as a client is refusing to > use plaintext in *its* authentication, so I'd troll around in backend.c > some. > > > 2. sendmail fails to deliver messages via lmtpproxyd due to > > authentication problems.This is a typical mail deliver test that fails > > on the frontend server running lmtpproxyd. > > > > root@spnode21$ mail -v test100 > > Subject: test > > test > > . > > Cc: > > test100... Connecting to [127.0.0.1] port 2003 via cyrusv2... > > 220 spnode21 LMTP Cyrus v2.1.11 ready > > >>> LHLO ufl.edu > > 250-spnode21 > > 250-8BITMIME > > 250-ENHANCEDSTATUSCODES > > 250-PIPELINING > > 250-SIZE > > 250-STARTTLS > > 250-AUTH PLAIN > > 250 IGNOREQUOTA > > >>> MAIL From:<[EMAIL PROTECTED]> SIZE=32 [EMAIL PROTECTED] > > 430 Authentication required > > test100... Deferred: 430 Authentication required > > Closing connection to [127.0.0.1] > > >>> QUIT > > 221 2.0.0 bye > [snip] > > The above mailer (lmtp via a tcp socket) works fine on backend machines, > > which is using preauthenticated lmtpd i.e. "lmtpd -a" in cyrus.conf. > > > > Any help will be appreciated. > > You shouldn't run lmtpd on a TCP socket with -a. That basically bypasses > any sense of delivery security LMTP is offering you. In reality, sendmail > should be configured to do SMTP AUTH. > > At the very least, lmtpproxyd has to be able to do authenticated delivery > from your smtp servers to the lmtpds on the backends. (and you can run > lmtpproxyd -a on a unix socket on the local machine). > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper >
