On 9.4.2010, at 14.24, Mike Abbott wrote:
The patch adds the concept of "submit" users. Submit users are like master users in that they may log in as any user. However submit users can use only a limited set of commands: just URLFETCH, ID, CAPABILITY (although the capabilities are a lie since submit users can't use most commands), and LOGOUT. This restriction enables an IMAP server to allow a BURL-capable submission server to use URLFETCH commands without risking a huge security breach if a submit user's credentials are compromised. In other words, you can safely enable limited-power submit users without enabling super-user master users.
Hmm. They are quite similar though. Maybe it could internally work pretty much the same as master user, except have a single flag saying it's a submit user, and based on that deny the commands. And actually this could be merged with the support for checking if user is anonymous. So something like:
MASTER_USER=submit USER_TYPE=anonymous | normal | submit
The patch adds a non-standard X-PLAIN-SUBMIT authentication method specifically to allow plain-text submit user logins while plain-text regular user logins are not allowed. This lets the system administrator configure the same submit user and password credentials on both the submission server and the IMAP server.
With v2.0 it's possible to do:
disable_plaintext_auth = yes remote submit.domain.org { disable_plaintext_auth = no }
I think that takes care of the need for X-PLAIN-SUBMIT?