System command
auth.external module for authentication using external helper binary. It looks for binary
named maddy-auth-helper in $PATH and libexecdir and uses it for authentication
using username/password pair.
The protocol is very simple: Program is launched for each authentication. Username and password are written to stdin, adding \n to the end. If binary exits with 0 status code - authentication is considered successful. If the status code is 1 - authentication is failed. If the status code is 2 - another unrelated error has happened. Additional information should be written to stderr.
auth.external {
helper /usr/bin/ldap-helper
perdomain no
domains example.org
}
Configuration directives
helper file_path
Required.
Location of the helper binary.
perdomain boolean
Default: no
Don't remove domain part of username when authenticating and require it to be present. Can be used if you want user@domain1 and user@domain2 to be different accounts.
domains domains...
Default: not specified
Domains that should be allowed in username during authentication.
For example, if 'domains' is set to "domain1 domain2", then username, username@domain1 and username@domain2 will be accepted as valid login name in addition to just username.
If used without 'perdomain', domain part will be removed from login before check with underlying auth. mechanism. If 'perdomain' is set, then domains must be also set and domain part will not be removed before check.