[Postfixbuch-users] Postfix. smtpd-auth mit sasl

Patrick Ben Koetter p at state-of-mind.de
Fr Aug 18 09:46:58 CEST 2006


* Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>:
> * Patrick Ben Koetter <p at state-of-mind.de>:
> 
> > Externe Mechanismen sind entweder eine TLS-Verbindung oder ein SWAN-Tunnel.
> 
> VPN Tunnel. SWAN ist nur ein "Produkt".

Dann halt ganz genau... ;)


7.4.  External mechanism

   The mechanism name associated with external authentication is
   "EXTERNAL".

   The client sends an initial response with the authorization identity.

   The server uses information, external to SASL, to determine whether
   the client is authorized to authenticate as the authorization
   identity.  If the client is so authorized, the server indicates
   successful completion of the authentication exchange; otherwise the
   server indicates failure.

   The system providing this external information may be, for example,
   IPsec or TLS.

   If the client sends the empty string as the authorization identity
   (thus requesting the authorization identity be derived from the
   client's authentication credentials), the authorization identity is
   to be derived from authentication credentials which exist in the
   system which is providing the external authentication.
   <http://www.ietf.org/rfc/rfc2222.txt>



-- 
Das Postfix-Buch
<http://www.postfix-buch.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>



Mehr Informationen über die Mailingliste Postfixbuch-users