

distrib > Mandriva > 2008.1 > x86_64 > by-pkgid > 172678402dc25221cbc2711090f0a934 > files > 107


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<!-- Mon Feb  9 14:16:03 2004 -->
<!-- USING HT2HTML 2.0 -->
<!-- SEE -->
<!-- User-specified headers:
Title: tmda-ofmipd HOWTO


<title>tmda-ofmipd HOWTO</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="generator" content="HT2HTML/2.0">
<style type="text/css">
body { margin: 0px; }
<body bgcolor="#ffffff" text="#000000"
      marginwidth="0" marginheight="0"
      link="#0000bb"  vlink="#551a8b"
<!-- start of page table -->
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<!-- start of banner row -->
<!-- start of corner cells -->
<td width="150" valign="middle" bgcolor="#afeeee" class="corner">
<center><font size="+2"
        >&gt;&gt;&gt;&nbsp;TMDA&nbsp</font></center> </td>
<td width="15" bgcolor="#cccccc">&nbsp;&nbsp;</td><!--spacer-->
<!-- end of corner cells -->
<!-- start of banner -->
<td width="90%" bgcolor="#cccccc" class="banner">
<!-- start of site links table -->
<table width="100%" border="0"
    <td bgcolor="#cccccc">
<a href="./index.html">Home</a>
    <td bgcolor="#cccccc">
<a href="./trouble.html">Help</a>
    <td bgcolor="#cccccc">
<a href="tmda-cgi">TMDA-CGI</a>
    <td bgcolor="#cccccc">
<a href="">SourceForge</a>
    <td bgcolor="#cccccc">
[    <a href="" title="Australia Mirror">AU</a> |    <a href="" title="Germany Mirror">DE</a> |    <a href="" title="Italy Mirror">IT</a> |    <a href="" title="Poland Mirror">PL</a> |    <a href="" title="USA Mirror">US</a>     mirror ]
    <td bgcolor="#cccccc">
<a href="">FAQ</a>
    <td bgcolor="#cccccc">
<a href="">Wiki</a>
    <td bgcolor="#cccccc">
<a href="">Store</a>
</table><!-- end of site links table -->

</td><!-- end of banner -->
</tr><!-- end of banner row -->
<tr><!-- start of sidebar/body row -->
<!-- start of sidebar cells -->
<td width="150" valign="top" bgcolor="#cccccc" class="sidebar">
<!-- start of sidebar table -->
<table width="100%" border="0" cellspacing="0" cellpadding="3"
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="index.html">Introduction</a>
<tr><td bgcolor="#cccccc">
<a href="history.html">History</a>
<tr><td bgcolor="#cccccc">
<a href="features.html">Features</a>
<tr><td bgcolor="#cccccc">
<a href="challengeresponse.html">Challenge / Response</a>
<tr><td bgcolor="#cccccc">
<a href="donations.html">Donations</a>
<tr><td bgcolor="#cccccc">
<a href="">Advocacy</a>
<tr><td bgcolor="#cccccc">&nbsp;
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="requirements.html">Requirements</a>
<tr><td bgcolor="#cccccc">
<a href="download.html">Download</a>
<tr><td bgcolor="#cccccc">
<a href="install.html">Installation</a>
<tr><td bgcolor="#cccccc">
<a href="upgrade.html">Upgrading</a>
<tr><td bgcolor="#cccccc">&nbsp;
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="config.html">Overview</a>
<tr><td bgcolor="#cccccc">
<a href="config-pre.html">Pre-Config</a>
<tr><td bgcolor="#cccccc">
<a href="config-server.html">Server Config</a>
<tr><td bgcolor="#cccccc">
<a href="config-client.html">Client Config</a>
<tr><td bgcolor="#cccccc">
<a href="config-vars.html">Config Variables</a>
<tr><td bgcolor="#cccccc">
<a href="config-filter.html">Filter Spec</a>
<tr><td bgcolor="#cccccc">
<a href="filter-sources.html">Filter Sources</a>
<tr><td bgcolor="#cccccc">
<a href="howto-template.html">Templates</a>
<tr><td bgcolor="#cccccc">
<a href="tmda-vdomains.html">Virtual Domains</a>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#cccccc">
<a href="">User HOWTOs</a>
<tr><td bgcolor="#cccccc">&nbsp;
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="trouble.html">Help</a>
<tr><td bgcolor="#cccccc">
<a href="">FAQ</a>
<tr><td bgcolor="#cccccc">
<a href="">Lists &amp; Newsgroups</a>
<tr><td bgcolor="#cccccc">
<a href="">List Archives</a> 
<tr><td bgcolor="#cccccc">
<a href="">Commercial Support</a>
<tr><td bgcolor="#cccccc">
<a href="">External Docs</a>
<tr><td bgcolor="#cccccc">
<a href="">TmdaWiki</a>
<tr><td bgcolor="#cccccc">&nbsp;
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="">Mirrors</a>
<tr><td bgcolor="#cccccc">
<a href="logos.html">Logos</a>
<tr><td bgcolor="#cccccc">
<a href="" TARGET="Resource Window">Merchandise</a>
<tr><td bgcolor="#cccccc">&nbsp;
<tr><td bgcolor="#191970"><b><font color="#ffffff">
<tr><td bgcolor="#cccccc">
<a href="">TMDA Users List</a>
<tr><td bgcolor="#cccccc">
<tr><td bgcolor="#cccccc">
&copy; 2001-2004
</table><!-- end of sidebar table -->

<td width="15">&nbsp;&nbsp;</td><!--spacer-->
<!-- end of sidebar cell -->
<!-- start of body cell -->
<td valign="top" width="90%" class="body"><br>


<h2>What is it&nbsp;?</h2>
tmda-ofmipd is an async I/O based authenticated 

<a href="" TARGET="Resource Window">ofmip</a>

proxy for TMDA.  This allows users of any mail client capable of SMTP
Authentication (e.g, Outlook, Eudora, Mozilla) to "tag" their outgoing
mail as described in the

<a href="config-client.html">Client Configuration</a>

tmda-ofmipd does this by listening on an available port (e.g, 8025),
accepting SMTP connections to that port, and then "tagging" the
message according to the TMDA configuration of the authenticated user.

I call it a proxy because it's not replacing the real SMTP server.  It
only accepts the message from the client, transforms the headers, and
then sends the message by handing it off to the real SMTP server.

There are several reasons why you may want (or have to) use tmda-ofmipd to
take advantage of TMDA's client features:<br>


<li>Your mail client (MUA) doesn't support a /usr/sbin/sendmail interface, but
rather uses direct SMTP to send mail.  This includes practically all non-Unix
mail clients, and even some Unix clients such as Mozilla.<br><br>

<li>You want to maintain your TMDA configuration in one central
location instead of on your workstation and your mail server.  Unless
the two share a home directory via NFS or somesuch, this isn't
trivial.  tmda-ofmipd allows you to maintain only one set of files (on
the server).




<li>Python 2.2 or greater.  tmda-ofmipd uses some essential features
that were introduced in the 2.2 release.  If your Python is older than
this, please 

<a href="" TARGET="Resource Window">upgrade</a>.

<li>An MUA that supports RFC 2554 SMTP Authentication (i.e, username/password).
TMDA <a href="">FAQ 5.6</a> contains a 
preliminary list of MUAs known to work with tmda-ofmipd.<br><br>
NOTE: If your MUA only supports a sendmail command-line interface, but you still
want to use tmda-ofmipd, see below for some options.




tmda-ofmipd implements the minimal SMTP protocol as defined in RFC
2821, the ESMTP EHLO command defined in RFC 1869, and SMTP
Authentication (PLAIN, LOGIN, CRAM-MD5 methods) as defined in RFC
2554.  The proxy <strong>cannot</strong> be used by an unauthenticated user.

<h4>Authentication Sources</h4>
tmda-ofmipd can get its authentication information from several different sources.

<li>From a "password"
file that you create.  The format of this file is simple.  Each line
of the file should contain a username and password separated by a
colon; one entry per line.  e.g,



The username fields should match the usernames of the TMDA users on your mail

The passwords need not be the same as any other passwords on the system.
In fact, for security reasons, they should remain distinct!

The default location for the authentication file /etc/tofmipd if
running in global mode (see below), otherwise ~user/.tmda/tofmipd.
These defaults can be overridden using tmda-ofmipd's `-a' flag.

The authentication file must be chmod 600 or 400, and be owned by the
user running the daemon.  tmda-ofmipd will fail to start otherwise.

A checkpassword compatible programs such as 
<a href="" TARGET="Resource Window">checkpassword-pam</a>.
This would allow you to utilize your existing password database.
Use tmda-ofmipd's `-A' flag to specify the program and arguments.  The help output
contains such an example.

<li>Against a remote resource such as POP3, IMAP, or LDAP server.
Use tmda-ofmipd's `-R' flag to specify the protocol, and optionally
the hostname and port of the server.  See the help output for supported
protocols and example usage.



Familiarize yourself with tmda-ofmipd's command-line options by reading
the output of:

tmda-ofmipd --help


tmda-ofmipd can be run in two modes.  "Personal" by your
non-privileged TMDA user account for your own personal use, or
"Global" by your system administrator to serve multiple TMDA users on the
system with once instance of the daemon.

<h4>Personal mode</h4>
<li>Create an authentication file as described above in ~/.tmda/tofmipd.

<h4>Global mode</h4>
<li>Create an authentication file as described above in /etc/tofmipd.

<li>Create a non-priveleged user account for tmda-ofmipd to run under.  The
following creates an account for user `tofmipd', group `tofmipd'
under FreeBSD:

# pw groupadd tofmipd
# pw useradd tofmipd -g tofmipd -s /nonexistent


If you choose a name other than `tofmipd', make sure to start
tmda-ofmipd with the `-u' option.

<h4>Starting tmda-ofmipd</h4>

$ tmda-ofmipd -d -f
tmda-ofmipd started at Mon Feb 3 13:55:37 MST 2003
        Listening on

tmda-ofmipd is now listening in the foreground for
connections on port 8025 of your server.

$ telnet hrothgar 8025
Connected to
Escape character is '^]'.
220 ESMTP tmda-ofmipd
221 Bye
Connection closed by foreign host.


The host:port combination can be changed using the `-p' option.  The `-d'
option prints debugging information to stderr which might be useful until
you get tmda-ofmipd working as you want it to. Leave off the `-f' option,
and tmda-ofmipd will detach and run in the background.


<h2>MUA Configuration</h2>

You must now configure your MUA to use a port other than 25 to send
outgoing mail (by default, tmda-ofmipd runs on port 8025).
Configuring your mail client to use an alternate SMTP port to send
outgoing mail differs for every client, and is beyond to scope of this
document. However, see the following link for examples of how to do this
for some of the more popular clients.

<li><a href="" 
TARGET="Resource Window"></a>


If your MUA only supports a sendmail interface for sending mail, see 
TMDA <a href="">FAQ 5.7</a>
for some options.

</td><!-- end of body cell -->
</tr><!-- end of sidebar/body row -->
</table><!-- end of page table -->