Preauth Option

From Messaging Server Technical Reference Wiki
Jump to: navigation, search

The preauth option (available under mmp, imapproxy, popproxy, and vdomain) enables pre-authentication by the MMP. When preauth is set to 1 (yes in legacy configuration), a user is authenticated against the LDAP server before a connection is made to the backend mailstore server. When preauth is set to 0 (no in legacy configuration), the MMP connects to the backend mailstore server and simply replays the authentication information. Because of the additional authentication step, preauth reduces the overall performance, but protects the backend mailstore servers from denial-of-service attacks by unapproved users. preauth is mandatory for the POP-before-SMTP feature of the MMP.

When using hosteddomains, the mailAccessProxyPreAuth attribute in the domain node in the LDAP server overrides this option.

The default value is: 0

See also: