Hello!
On Tue, Jan 15, 2013 at 01:56:54PM +0000, Andy D'Arcy Jewell wrote:
> Hi all,
>
> Can anyone throw some light on this for me please?
>
> Looking at: http://wiki.nginx.org/Faq#How_can_Nginx_be_deployed_as_an_SMTP_proxy.2C_with_a_Postfix_backend.3F
>
> It says "The example is for unauthenticated e-mail as you can see",
> but the example clearly shows authentication:
>
> ---------------------------------------------------------
> mail { server_name mail.somedomain.com;
> auth_http localhost:8008/auth-smtppass.php;
> ---------------------------------------------------------
>
> So I'm confused - should this be in there? Because if so, I'm
> obviously missing something about what unauthenticated means...
The "auth_method none" still doesn't mean there is no
authentication/authorization at all, it means that it's done
without requiring a user to provide login/password. Auth script
is still expected to do some form of authorization, e.g. by
checking ip and source/destination addresses provided.
--
Maxim Dounin
http://nginx.com/support.html
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tue, Jan 15, 2013 at 01:56:54PM +0000, Andy D'Arcy Jewell wrote:
> Hi all,
>
> Can anyone throw some light on this for me please?
>
> Looking at: http://wiki.nginx.org/Faq#How_can_Nginx_be_deployed_as_an_SMTP_proxy.2C_with_a_Postfix_backend.3F
>
> It says "The example is for unauthenticated e-mail as you can see",
> but the example clearly shows authentication:
>
> ---------------------------------------------------------
> mail { server_name mail.somedomain.com;
> auth_http localhost:8008/auth-smtppass.php;
> ---------------------------------------------------------
>
> So I'm confused - should this be in there? Because if so, I'm
> obviously missing something about what unauthenticated means...
The "auth_method none" still doesn't mean there is no
authentication/authorization at all, it means that it's done
without requiring a user to provide login/password. Auth script
is still expected to do some form of authorization, e.g. by
checking ip and source/destination addresses provided.
--
Maxim Dounin
http://nginx.com/support.html
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx