Re: [exim] Why doesn't Exim authenticate against IMAP direct…

Pàgina inicial
Delete this message
Reply to this message
Autor: Marc Perkel
Data:  
A: exim-users, ph10
CC: 
Assumpte: Re: [exim] Why doesn't Exim authenticate against IMAP directly?


Fred Viles wrote:

>
>It sounds like in your case, the only reason you are running the SASL
>daemon is to connect exim to the IMAP authenticator. So I can
>understand why it seems to you like an obvious idea to eliminate the
>middleman.
>
>

Yes! Yes! - you got it now! That is exactly my point!

>But it's a slippery slope, and ISTM that that way lies madness. If
>you support authenticating against an IMAP server, then surely you
>must also support POP servers - what's the difference? And other
>SMTP servers. And go to think of it, what's the difference between
>that and authenticating against shell servers - better add support
>for using telnet, rlogin, ssh, etc.
>
>

Actually I would include pop servers as well. The choices would be:

imap imaps pop3 pop3s.

And onle these because they are email protocols. The idea here being
that you would allow people to send who have an account to receive email.

The other protocols don't count because they aren't email related. On my
server virtual email users don't have unix accounts.

>And BTW, you haven't yet made the argument that this is the only way
>to eliminate the Cyrus SASL daemon in your own setup. exim supports
>many of the same backend databases as Dovecot, are you not using a
>common one?
>
>
>

I may be missing something but I haven't seen a lot of examples of Exim
doing fancy stuff for SASL authentication. It might be possibile to
write complex authenticators, but again, I'm looking for simplicity
here. Something like:

imap-auth:
driver = plaintext
public_name = PLAIN
protocol = imap
host = localhost

It's not that I'm not happy with Cyrus-SASL. It's fantastic. But I'm
just the kind of guy that like to eliminate steps that aren't necessary.