3. Authentication

When GNU Anubis accepts an incoming connection, it first has to identify the remote party, i.e. determine whether it has the right to use Anubis resources and, if so, what configuration settings should be used during the session. We call this process authentication. The exact method of authentication depends on Anubis operation mode. Currently there are two modes:

transparent

This is the default mode. It is compatible with versions of GNU Anubis up to 3.6.2. In this mode, Anubis relies on AUTH service (identd) to authenticate users.

auth

This mode uses SMTP AUTH mechanism to authenticate incoming connections. See section Pixie & Dixie, this is the first draft description of this mode.

Both modes have their advantages and deficiencies, which you have to weigh carefully before choosing which one to use. These are discussed below:

Transparent (‘traditional’) mode.

Deficiencies:

1. The user must have identd installed on his machine.
2. Each user must have a system account on the machine where GNU Anubis runs (though the system administrator may relax this limitation using user name translation, see section TRANSLATION Section).

Advantages:

1. Relative simplicity. You don't have to create your users database.
2. Authentication is performed immediately after the connection.

Auth mode.

Deficiencies:

1. You have to maintain your users database
2. User's MUA must be able to perform ESMTP AUTH.(1)

Advantages:

1. Better reliability.
2. Users do not have to run identd on their machines.
3. Users are not required to have accounts on the machine where Anubis runs.
4. Users can remotely modify their configuration files.

This document was generated by Sergey Poznyakoff on November, 5 2007 using texi2html 1.78.