[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ZMailer + Radius user existence verification

On Sat, Apr 01, 2000 at 04:27:52PM +0300, Vladimir Lazarenko wrote:
> Hi!
> Is it posiible to make Zmailer's mailbox transport agent verify user's
> existence using Radius server?

	My first reaction was:  "yes, trivial, supply your own library
				 implementing   getpwnam()  which calls
				 radius, and you are done."

	HOWEVER, you need rather special Radius server for that too.
	In normal case the Radius server is used to AUTHENTICATE user,
	that is, the Radius request contains username + password.
	That latter the mailbox can't know.

	All in all, Radius isn't good protocol for user profiling
	(e.g. "yes, the user exists, here are some parameters"),
	which things like mailbox need.

	The underlying assumption in Radius AUTHENTICATE is that
	there is a password which is verified before profile data
	is returned.

	Having a custom server with a new type of request; say USERPROFILE,
	could help the thing, but naturally such server must strictly limit
	who can query it (like with Radius all the time.)

	Perhaps LDAP would be better approach ?

> --
> Sincerely Yours, Vladimir Lazarenko.
> CIT "Vostok" IT Manager

/Matti Aarnio	<mea@nic.funet.fi>