To Configure the MTA to Check for Permissions (Configuring Sun Java System Messaging Server MTA)

Configuring Sun Java System Messaging Server MTA

To Configure the MTA to Check for Permissions

With this information in mind, you need to configure the Messaging Server MTA as follows:

Add autherwrite 3 to the definitions of those channels for which you want to enable the check, in the imta.cnf file. This can be, for instance, the tcp_auth channel, if the messages from authenticated users are switched to that channel.

Add the following lines to the mapping file:

AUTH_REWRITE                                                                    (0)

    *|*|*|$2* $Y$2                                                              (1)
    *|*@*|*@* $CBASE|$}$4,_base_dn_{|$1@$2|$3@$4                                (2)
    BASE|*|*|* $CFOUND|$]ldap:///$0?uid?sub?(&(mail=$2)                         (3)
          (|(mailAlternateAddress=$1)(mailEquivalentAddress=$1)))[|$2
    FOUND|*|* $Y$1                                                              (4)
    BASE|*|*@*|*@* $CSECONDARY_BASE|$}$2,_base_dn_{|$1@$2|$3@$4                 (5)
    SECONDARY_BASE|*|*|* $CSECONDARY_FOUND|$]ldap:///$0?uid?sub?(&(|(mail=$1)   (6)
          (mailAlternateAddress=$1)(mailEquivalentAddress=$1))
          (mailGrantSendPermissionsTo=$2))[|$2
    SECONDARY_FOUND|*|* $Y$1                                                    (7)
    * $NYou$ have$ no$ permission$ to$ send$ mail$ on$ behalf$ of$ this$ person (8)

Note –

The numbers at the end of the lines are used for the discussion that follows. The lines (3) and the next one, and the line (6) and two following lines, should really be a single line, but they have been broken for readability.