Quoting Russ Allbery <[EMAIL PROTECTED]>: >> email (qmail or postfix) I just bumped into a document >> saying postfix supports sasl/gssapi, and qmail has a >> qmail-ldap version but not sure with qmail-kerberos. > > I don't *think* there's a qmail-smtpd that supports GSSAPI authentication, > but I'm not sure.
In theory it should work with the additional QmailLDAP/Controls patch. I DID so some very quick tests when I added SASL support to the patch, but I never run it for extensive periods... > Your problem here will be more on the client side > anyway; it's hard to find clients other than Eudora that support GSSAPI > authentication for SMTP. You can, however, support Kerberos username and > password over SSL with any server that uses SASL (even though it's ugly > and ideally you don't want to do that). Oh, my patch don't support THAT, only SASL between Qmail and the LDAP server. Good idea though. I'll see what I can do... > No. You really do not want to have two password repositories that you > have to keep in sync. You *can* get LDAP to refer its authentications to > Kerberos, but my understanding is that this is not the fastest thing in > the world to do. It isn't much slower. In theory, a couple of microseconds (depending on hardware of course - if you run old crap as i do, it's about half to a quarter of a second per bind :). ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos