[exim-dev] [Bug 1668] New: RFE: sasl_user_exists condition

Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1668] New: RFE: sasl_user_exists condition
https://bugs.exim.org/show_bug.cgi?id=1668

            Bug ID: 1668
           Summary: RFE: sasl_user_exists condition
           Product: Exim
           Version: 4.85+ HEAD
          Hardware: All
                OS: All
            Status: NEW
          Severity: wishlist
          Priority: medium
         Component: String expansion
          Assignee: nigel@???
          Reporter: bob@???
                CC: exim-dev@???


Created attachment 827
--> https://bugs.exim.org/attachment.cgi?id=827&action=edit
Patch to implement cyrus_sasl_user_exists expansion

Exim currently has support to perform authentication tests using libsasl2, for
the purposes of SMTP authentication. It's missing the ability to query whether
a local user exists, for the purpose of determining whether to reject a RCPT.

In general, the thing to do in this case is to perform an LMTP callout in order
to determine whether there is a mailbox that exists for the given recipient.

However, Cyrus IMAP now has a feature that allows mailboxes to be automatically
created upon successful login, or when a delivery is made to a mailbox that
doesn't exist yet.

It would be exceedingly convenient to test for the existence of a local user in
the same SASL DB that Cyrus looks for users, rather than via LMTP so that we
can turn this automatic mailbox creation feature on without arbitrarily
creating a new mailbox for addresses no one will ever log into. This patch, for
your consideration, allows for that by introducing a new string expansion
called "cyrus_sasl_user_exists", that expects a username, optional service, and
optional realm. Adding the condition to your LMTP router will let you specify:

acl_check_rcpt:

    accept domains = +local_domains
           verify = recipient


begin routers

cyrus:
    driver = accept
    domains = +local_domains
    condition = ${if cyrus_sasl_user_exists{{$local_part}{$domain}}{1}}
    transport = lmtp
    no_more

