On Wed, Oct 28, 2020 at 11:23:42AM -0400, Wietse Venema wrote:

> > The lookup key is a login name, given the syntax of the passwd(5)
> > file, no ":" characters can appear in a login name.
>
> However, one goal was to also expose this functionality in the smtps
> and submission services, where the login syntax is not constrained by
> UNIX password-file rules.
>
> The specific form "uid:u...@example.com" won't collide with
> "uid:[0-9]+", but other forms could. Perhaps we should make the
> prefix for numerical UIDs configurable.

But with SASL logins there's no notion of a numeric uid, but if the
*same* table is to be used to filter both unix login names and SASL
login names, then perhaps collisions with a SASL user named "uid:12345"
are possible, but bordering on the absurd.

    https://xkcd.com/327/

I don't think the flexibility is warranted, it just complicates
documentation and giving users actionable advice on list.

And in fact overloading SASL login == Unix login is already fraught
with potential conflicts, the namespaces are not necessarily the same.
If anything that's the more likely problem than SASL logins of the
"uid:..." form.

-- 
    Viktor.
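
The two collisions discussed in this thread, as an added example that is not part of the original messages and is not Postfix code: a toy model of one table keyed by Unix login, "uid:" plus a number, and SASL login, with an audit that flags SASL logins whose string would hit a key meant for the other namespace. The table contents, function names and the key order in `unix_keys` are assumptions made for illustration.

```python
import re

# The key form for numeric UIDs named in the thread.
UID_KEY = re.compile(r"uid:[0-9]+")

# Constructed sample table shared by local and SASL lookups.
# The right-hand values are hypothetical placeholders.
SHARED_TABLE = {
    "uid:12345": "entry-for-numeric-uid-12345",
    "alice": "entry-for-unix-login-alice",
}

def unix_keys(login, uid):
    """Keys tried for a local user (assumed order: name, then uid:N)."""
    if ":" in login:
        # passwd(5) syntax: ':' is the field separator, so never in a name.
        raise ValueError("not a valid passwd(5) login name")
    return [login, f"uid:{uid}"]

def sasl_keys(sasl_login):
    """Key tried for a SASL login: the string as given, unconstrained."""
    return [sasl_login]

def lookup(table, keys):
    """Return (key, value) for the first key present, else None."""
    for key in keys:
        if key in table:
            return key, table[key]
    return None

def audit_sasl_logins(sasl_logins, unix_logins):
    """Flag SASL logins that are ambiguous when one table serves both."""
    findings = []
    for name in sasl_logins:
        if UID_KEY.fullmatch(name):
            findings.append((name, "matches the uid:[0-9]+ key form"))
        elif name in unix_logins:
            findings.append((name, "same string as a Unix login name"))
    return findings

if __name__ == "__main__":
    # Constructed SASL logins and Unix logins.
    sasl = ["uid:12345", "alice", "uid:user@example.com", "bob@example.com"]
    for finding in audit_sasl_logins(sasl, {"alice", "root"}):
        print(finding)
```

Keeping one table per namespace removes both findings, since a SASL login is then never looked up against keys written for Unix users.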