Maybe someone can explain this to me, but are there any other options to getting ACL functionality working correctly, besides using Sendmail? Maybe im wrong, but im thinking Sendmail is our only option.
If you want to use the Cyrus ACLs to control who can send email (post) to a mailbox, you have no choice but to have the MTA pass the userid of the poster to lmtpd (via AUTH=). This is the only way that lmtpd knows who is sending the message (looking at the headers or the envelope is unreliable because they can be easily forged).
I don't know much about Postfix, but I would imagine that you could restrict posting by using some kind of external lookup (LDAP, SQL, etc). This obviously has the downside of requiring a set of "posting" ACLs
which are separate from the rest of the mailbox ACLs.
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Home Page: http://asg.web.cmu.edu/cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
