著者: Ron McKeating 日付: To: mb CC: Exim-Users (E-mail) 題目: Re: [Exim] Fun with Cyrus
On Wed, 2003-08-13 at 13:36, mb wrote: > At 11:16 +0100 Ron McKeating wrote:
>
> >so they will not exist in /etc/passwd. In our old config we had
> >check_local_user in the router. Is there anything else I should look at
> >besides this if I want to deliver to cyrus for users that do not exist
> >on as local users?
>
> You can do a callout over LMTP if you use a manualroute router. This is
> an edit (for simplicity and thus untested) of what I do, which should
> queue messages for users who are over quota, but reject (at SMTP time)
> invalid local-parts:
>
> [in your RCPT ACL]
>
> require verify = recipient/defer_ok/callout=10s/callout_defer_ok
>
> [routers]
>
> cyrus:
> driver = manualroute
> domains = cyrus
> transport = lmtpsock
> route_list = * localhost
> log_as_local
>
> local_user:
> driver = redirect
> domains = +local_domains
> data = ${lc:$local_part}@cyrus
> redirect_router = cyrus
>
> [transports]
>
> lmtpsock:
> driver = lmtp
> socket = /var/lib/cyrus/socket/lmtp
> batch_max = 1000
Hmm been doing some playing. Firstly got rid of check_local_user in the
local_user router. Now it does not care that there is no homedir for
that user. But I still need to have user in /etc/passwd as cyrus is
authenticating the user against the local linux pam module (which in
turn is authenticating against the active directory using the kerberos
pam module). We would have like to use kerberos direct from cyrus but
could not make it work as it needed some md5 encryption that was only
available from America under license.
I think if we could get cyrus to use kerberos to authenticate against
the active dir then we would not need to create the user in the
/etc/passwd file. Anyhow this is all getting too off topic for the exim
list, but a big thanks to all of you who contribute so much.
Ron
--
Ron McKeating
Senior IT Services Specialist
Internet Services and Software Solutions
Loughborough University
01509 222329