On Mon, Jul 02, 2001 at 06:32:34PM +0200, Henning Brauer wrote:
> and this "somewhere" is the problem IMHO.
> I don't really like the idea of logging in using the email adress' local
> part only.
>
By somewhere I meant a file or an environment variable.
> > An ideal way, IMO is to look at the client's IP address, match
> > it, and append appropriate @domain for LDAP search.
>
> Come on. I don't know which client IP belongs to which virtual domain. If
> you have roaming users (except staff we don't have another user type...)
> this is simply impossible.
>
Good point. But the possibilities are not exhausted yet. What if the
pop3 server had an IP address-based virtual support as a stand-alone
daemon. It would listen on separate IP addresses where each IP address
would mean a different @domain part. Depending on which IP address
the connection comes in, the search would be done accordingly. Another
scheme could be different base DNs for subtree or one level search
for different IP addresses.
I have been planning to write a scalable enterprise-quality POP3 server
for a long time, and actually have done some preliminary work but really
don't have time to complete it.
> > Different attributes for smtp and pop3 authentication are stupid.
>
> Huh?? smtp authentication? stock qmail-ldap doesn't have this feature.
> I never talked about different auth attributes. If the mail and
> mailalternateaddress attributes are valid login ids they should be valid
> everywhere of course.
I misspoke here. What I meant was that smtp information in the database
doesn't have a problem because it's already stored in the
username@domain format. By contrast pop3 information leaves a hole.
