On 16 Nov 2011, at 3:49 PM, Mikael Syska wrote:

> You do test my skills of all the acronyms you are using :-)
> 
> Does this not mean that authentication in baruwa should be using ldap
> to the AD? or am I missing something here. What if the mail gateway
> handles mail for a few in house Exchange servers not related?

https://en.wikipedia.org/wiki/SPNEGO
https://en.wikipedia.org/wiki/NTLM

Baruwa's authentication is plugin based, I intend on implementing support
for Windows single sign on based on the above technologies.

There should be no problem supporting multiple domains, the mail gateway
just has to have a trust relationship with them.

But like I said, I need sponsorship in terms of provisioning of MS Exchange & AD
software and licensing to begin working on this.

This is not just for Bayesian learning, it's for single sign on, users on a
domain served by a Baruwa gateway will not be prompted with the login screen,
if they are logged into the domain when they access the interface.

This makes Baruwa much more user / admin friendly in that you do not have to
manage multiple accounts, all your accounts go into AD.

> 
>> 
>> You can implement an approval system, for the admin but that means you would
>> have to quarantine the message for the admin to be able to tell if the
>> request is legit or not
> 
> I'm not sure I'm following you here ... this should be a separate
> table only taking care of approving the sa-learn actions that are sent
> from clients machines.

You would need to store the requests somewhere and then alert the admin
to attend to them.

This is similar to the auto release, each message listed in the quarantine
report gets a record in a table which holds the hash tag for the message, when
a request to release comes in the table gets checked for the hash tag.

> Quarantine what message? Messages are already in the system. baruwa
> gets a json request like: {messageId: "1JKLK4Æ324.J434J32L", learn:
> "spam" } and which action should be taken. Either discard (if its maybe
> an anonymous user, from a banned network), needs approval (allowed
> network but needs approval) or allow (which should just queue it to
> sa-learn).

What I meant is you have to store all messages passing through the gateway,
an anonymous user is not able to send requests, you would have to send a
login request, get a session id and use that for subsequent requests, but if you
have single sign on implemented then there is no need for that part.




--
Baruwa - www.baruwa.org

_______________________________________________
Keep Baruwa FREE - http://pledgie.com/campaigns/12056
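
The table check described in the message above (one record per message listed in the quarantine report, consulted when a release request comes in), as an added example that is not Baruwa's code and not part of the original message. The table, column and function names are assumptions, and the expiry and single-use behaviour go beyond what the message states.

```python
import hashlib
import secrets
import sqlite3
import time


def open_db():
    """In-memory store for the example; a real gateway would use its own database."""
    db = sqlite3.connect(":memory:")
    # Only the SHA-256 of the token is stored, so a leaked table
    # cannot be replayed as release links.
    db.execute(
        "CREATE TABLE release_tokens ("
        " token_hash TEXT PRIMARY KEY,"
        " message_id TEXT NOT NULL,"
        " expires_at REAL NOT NULL,"
        " used INTEGER NOT NULL DEFAULT 0)"
    )
    return db


def _digest(token):
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_token(db, message_id, ttl=7 * 86400, now=None):
    """Create the record for one message listed in a quarantine report."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # unguessable value placed in the report link
    db.execute(
        "INSERT INTO release_tokens (token_hash, message_id, expires_at)"
        " VALUES (?, ?, ?)",
        (_digest(token), message_id, now + ttl),
    )
    db.commit()
    return token


def redeem_token(db, message_id, token, now=None):
    """True only for a known, unexpired, unused token bound to message_id."""
    now = time.time() if now is None else now
    # One UPDATE does the lookup and the mark-as-used step together,
    # so two concurrent requests cannot both succeed.
    cur = db.execute(
        "UPDATE release_tokens SET used = 1"
        " WHERE token_hash = ? AND message_id = ? AND used = 0 AND expires_at > ?",
        (_digest(token), message_id, now),
    )
    db.commit()
    return cur.rowcount == 1
```
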