Quoting Rob Siemborski [EMAIL PROTECTED]:
On Fri, 2 Jan 2004, Christos Soulios wrote:
Rob Siemborski wrote:
On Fri, 2 Jan 2004, Paul Boven wrote:
The only argument I currently completely understand for an IP-only based
setup is that of sites that need to distinguish ANONYMOUS
On Sat, 3 Jan 2004, Christos Soulios wrote:
You can do that in a model that still allows users to add an @ sign and a
domain to their userid.
I cannot figure out how this can be achieved. And to make it clear, I will give
an example.
I have two domains domain1.com and domain2.com which
Christos Soulios wrote:
Quoting Rob Siemborski [EMAIL PROTECTED]:
On Fri, 2 Jan 2004, Christos Soulios wrote:
Rob Siemborski wrote:
On Fri, 2 Jan 2004, Paul Boven wrote:
The only argument I currently completely understand for an IP-only based
setup is that of sites that need to distinguish
Ken Murchison wrote:
Christos Soulios wrote:
If the domain passed in the fully qualified userid matches the domain
selected
from the ipaddress, then cyrus, proceeds to authenticate user using
sasl. If it
is different, then authentication fails without even making a query to
the
authentication
Hi Christos, everyone,
Christos Soulios wrote:
Security is one thing. More than this, my opinion is that in order cyrus
to be deployed in a true multi domain environment, and thus actually be
used by ISPs, admins must be able to distribute the virtual domains
according to the name of the
Paul Boven wrote:
Hi Christos, everyone,
Security is a very important thing. And security to me means encryption,
not only of the authentication phase but of the whole session. Now with
HTTPS I know you loose the ability to support virtual domains, because
the TLS session must be setup
On Fri, 2 Jan 2004, Paul Boven wrote:
Security is a very important thing. And security to me means encryption,
not only of the authentication phase but of the whole session. Now with
HTTPS I know you loose the ability to support virtual domains, because
the TLS session must be setup before
Rob Siemborski wrote:
On Fri, 2 Jan 2004, Paul Boven wrote:
The only argument I currently completely understand for an IP-only based
setup is that of sites that need to distinguish ANONYMOUS users between
domains (and prehaps that is good enough).
What about being able to determine the virtual
On Fri, 2 Jan 2004, Christos Soulios wrote:
Rob Siemborski wrote:
On Fri, 2 Jan 2004, Paul Boven wrote:
The only argument I currently completely understand for an IP-only based
setup is that of sites that need to distinguish ANONYMOUS users between
domains (and prehaps that is good
On Wed, 31 Dec 2003 16:09:47 +0100
Christian Schulte [EMAIL PROTECTED] wrote:
How are loginrealms handled if virtdomain-support gets enabled when it was
in use before without virtdomains ?
I forgot a bit about loginrealms ... they make sense to me in a setup where
mail system is set up for
On Fri, 2 Jan 2004 13:09:43 -0500 (EST)
Rob Siemborski [EMAIL PROTECTED] wrote:
The only way to get a win out of a model that disallows that feature is to
come up with something where it actively causes problems.
Yes, and this requires active knowledge of cyrus sasl code. I think you
guys
On Fri, 2 Jan 2004, Paul Boven wrote:
Christos Soulios wrote:
Security is one thing. More than this, my opinion is that in order cyrus
to be deployed in a true multi domain environment, and thus actually be
used by ISPs, admins must be able to distribute the virtual domains
Quoting Ken Murchison [EMAIL PROTECTED]:
But authentication should fail in this case, unless the user's in two
different domains have the same userid and password.
Actually, I think that it is more efficient if cyrus-imap did all the virtual
domains handling, without the assistance of any
Jure Pear wrote:
virtdomains=ipaddr (or something)
here we need to teach server the ip-domain mapping. reverse dns? most
likely.
server accepts authenticates usernames without @domain on appropriate
interfaces (ip adresses) and it searches for username only in the domain the
ip adress the user
Christos Soulios wrote:
If the domain passed in the fully qualified userid matches the domain selected
from the ipaddress, then cyrus, proceeds to authenticate user using sasl. If it
is different, then authentication fails without even making a query to the
authentication mechanism.
Can you
Am Mittwoch, 31. Dezember 2003 02:47 schrieb Jure Pear:
On Tue, 30 Dec 2003 13:33:37 -0500
Ken Murchison [EMAIL PROTECTED] wrote:
Its not a problem to implement it. I'd like to get some more discussion
on how the two methods can/should interact.
Let me share my point of view:
I just committed some code to CVS which changes the virtdomains option
from a SWITCH to an ENUM having 3 options:
off/no/0/false/f (disabled)
userid(fully qualified userids only)
on/yes/1/true/t (current behavior)
What this means (hopefully) is
This means that there is no choice for an administrator who might want
to distribute users to the domains _only_ according to the IP address of
the server that users connect to? I would not like my users to have the
ability to choose a domain only by appending a @domain to their userid.
Are
On Tue, 30 Dec 2003, Christos Soulios wrote:
This means that there is no choice for an administrator who might want
to distribute users to the domains _only_ according to the IP address of
the server that users connect to? I would not like my users to have the
ability to choose a domain
On Tue, 30 Dec 2003 13:33:37 -0500
Ken Murchison [EMAIL PROTECTED] wrote:
Its not a problem to implement it. I'd like to get some more discussion
on how the two methods can/should interact.
Let me share my point of view:
virtdomains=off:
server accepts authenticates usernames without
Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default)
domain hashed into the domain/ subdirectories of the imap spool
instead of being right at the toplevel without any real domain
association. I was told that the
Sweeet, but I think i'll wait till the next full release to test it, since
the target system is sorta production. Thanks :-)
-peace
On Mon, 29 Dec 2003, Ken Murchison wrote:
Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could
On Mon, 29 Dec 2003, Ken Murchison wrote:
Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default)
domain hashed into the domain/ subdirectories of the imap spool
instead of being right at the toplevel without any
Igor Brezac wrote:
On Mon, 29 Dec 2003, Ken Murchison wrote:
Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default)
domain hashed into the domain/ subdirectories of the imap spool
instead of being right at the toplevel
Hi list.
It would be very helpful if I could choose _only_ one from these
options. You see, with current code for virtual domains, I faced the
following frustrating situation.
Provided that I have set up two domains foo.com and bar.com in my dns
server and that I have given 2 IP addresses to
I vote for the config option.
I'm always in favour of less hard coded behaviour and more configuration options (with sane defaults). :)
Regards
On Mon, 2003-12-29 at 00:40, Christos Soulios wrote:
Hi list.
It would be very helpful if I could choose _only_ one from these
options. You see,
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default) domain
hashed into the domain/ subdirectories of the imap spool instead of being
right at the toplevel without any real domain association. I was told that
the defaultdomain option was meant to
On Fri, 26 Dec 2003, Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default) domain
hashed into the domain/ subdirectories of the imap spool instead of being
right at the toplevel without any real domain association. I
On Fri, 26 Dec 2003, Ken Murchison wrote:
Kendrick Vargas wrote:
Hi folks,
I asked earlier how I could get users within the primary (default) domain
hashed into the domain/ subdirectories of the imap spool instead of being
right at the toplevel without any real domain association. I
29 matches
Mail list logo
