On Fri, Apr 09, 2010 at 12:26:47PM -0400, Victor Duchovni wrote:
> On Fri, Apr 09, 2010 at 06:36:10AM -0500, Mike Abbott wrote:
>
> > Attached please find a patch that adds support to postfix-2.7.0 for RFC
> > 4468 - Submission BURL.
>
> > BURL requires a pre-configured trust relationship between the submission
> > server and the IMAP server. This patch adds a new configuration file
> > normally named "submit.cred" that contains text entries each specifying
> > an IMAP server hostname, a submit username, and a password. The patched
> > submission server logs into the IMAP server using:
>
> This is not the security model in RFC 4468. In the RFC the server either
> uses its own credentials (recommended username=submit) to access the
> IMAP server via RFC 4467 URLs (I would strongly recommend this approach),
> or may forward the SASL PLAIN credentials of the SMTP user to the IMAP
> server if the IMAP server is believed to be in the same administrative
> domain (i.e. is listed in a config file or table for such a policy).
Sorry, this is more clear in the code, indeed you the cred file holds
submission credentials, not per-user credentials. Sorry, ...
The rest of the discussion should probably move to Postfix-devel from
postfix-users.
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
