I can’t find anything about users authenticating themselves before being able to send mail to Lamson. The only SSL/TLS mention I found is in Relay class, which I understand runs after Lamson finishes processing the message. I want Lamson to check LDAP credentials before it does any processing, but I don’t want passwords sent over the network unencrypted. I can handle the LDAP part provided there are auth handlers of some sort, which I also didn’t find.
I haven’t written any code yet, just exploring options by reading docs for now.
The answer is that Lamson does not support SMTP AUTH (the SMTP extension which would require users to authenticate before an email is accepted by the server) simply because it is build on top on the Python standard library
smtpdmodule, which itself does not support SMTP AUTH.You can verify this yourself by looking at the source for
lamson.server.SMTPReceiver(this is the class which implements the incoming SMTP server in Lamson and which inherits fromsmptd.SMTPServer) andsmtpd.SMTPChannel(which is the class that initially processes an incoming SMTP message before passing it on tosmtpd.SMTPServer.process_message()).However, all is not lost, this project is a spin-off of the standard library’s
smptdwhich aims to provide support for SMTP AUTH and SSL (covering both your requirements).So you could write a new class derived from the above project’s
SMTPServerand which emulates the behaviour of Lamson’sSTMPReceiver. Then, in Lamson’sconfig/boot.py, you would need to change the line:To:
replacing
my_moduleandmy_classas appropriate to load your newly written class.This would then ensure that user authentication is performed at the time an email message is received by Lamson before any further processing takes place. Of course, you’ll have ensure connections are enabled only over SSL and implement, as you said, the LDAP part (unless that’s provided by some SASL implementation or other).
I think that pretty much covers it. Good luck 🙂