[ << ] [ < ] [ Up ] [ > ] [ >> ]         [Top] [Contents] [Index] [ ? ]

3 Authentication

When GNU Anubis accepts incoming connection, it first has to identify the remote party, i.e. to determine whether it is authorised to use Anubis resources and, if so, what configuration settings to use during the session. We call this process authentication. The exact method of authentication depends on Anubis operation mode. Currently there are three modes:


No authentication is performed. Anubis switches to the unprivileged user (see section user-unprivileged) and acts as an SMTP proxy.


Anubis relies on AUTH service (identd) to authenticate users. This is the default mode. It is compatible with versions of GNU Anubis up to 3.6.2.


This mode uses SMTP AUTH mechanism to authenticate incoming connections. See section Pixie & Dixie, original description of this mode.

Both modes have their advantages and deficiencies, which you need to weigh carefully before choosing which one to use. They are discussed below:

Transparent (‘traditional’) mode.


  1. The user must have identd installed on his machine.
  2. The user must have a system account on the machine running GNU Anubis (though the system administrator may relax this limitation by using user name translation, see section TRANSLATION Section).


  1. Relative simplicity. No user database is necessary.
  2. Authentication is performed immediately after connecting.

Auth mode.


  1. A user database is needed
  2. MUAs of the users must be able to perform ESMTP AUTH.(1)


  1. Improved reliability.
  2. Users do not have to run identd on their machines.
  3. Users are not required to have accounts on the machine where Anubis runs.
  4. Users can remotely modify their configuration files.

[ << ] [ < ] [ Up ] [ > ] [ >> ]         [Top] [Contents] [Index] [ ? ]

This document was generated on March 25, 2021 using texi2html 5.0.