Sendmail + LMTP AUTH

Okay, I must be clueless here... I have looked through the docs, looked
through the archives, done google searches, etc.  I just plain don't
understand how to configure sendmail to do LMTP authentication correctly.
I am in need to open up the TCP port of LMTP to more than just [localhost]
and believe that LMTP AUTH is the way to do it.  We do not have tcpwrapper
support compiled in, and really need to find a way to do it without having
to recompile lmtpd.

In the cyrus config file, I have the following config lines:

 # LMTP is required for delivery
 #lmtp         cmd="lmtpd -a" listen="localhost:lmtp"
 lmtp          cmd="lmtpd" listen="lmtp"
 lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp"

We were running with the "-a" option forced to localhost.  I removed it
and removed the localhost reference.  The lmtpunix line is there in case
anyone uses the deliver program to deliver a message.

As far as the sendmail configuration goes, I have the following:

 dnl server configuration for SMTP AUTH
 define(`confAUTH_MECHANISMS', `PLAIN')dnl
 TRUST_AUTH_MECH(`PLAIN')
 define(`confAUTH_OPTIONS', `p,y')dnl

 dnl server configuration for SMTPS
 DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')

 dnl cyrus configuration
 define(`confLOCAL_MAILER', `cyrus')

 MAILER(`local')
 MAILER(`smtp')

 MAILER_DEFINITIONS
 Mcyrus, P=[IPC], F=lsDFMnqAwW@/:|SmXz, E=\r\n,
         S=EnvFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix,
         U=cyrus:mail, A=TCP [localhost] lmtp

Note:  This is obviously not the full file, but hopefully just the parts
relevant to the discussion.

Now, what do I need to change in order to get LMTP AUTH working?  I do
have some questions regarding how LMTP AUTH actually occurs... First,
what username/password gets used for the authentication?  Is it going to
be "postman", like it is for when lmtpd is ran with the "-a" option?  I
can only guess that this might be the case, since delivery of email is
coming from an anonymous source and not a physical user on the system.
If this is the case, then what about the password?  Is it stored in the
config file, or cached or what?  Secondly, I assume this occurs in the
plain-text format, so, should I be setting up LMTP to be done over SSL?
Will sendmail use SSL to LMTP correctly?  If this is the case, how do I
change the above setup to make SSL LMTP work?

By the way, please note that I have "allowplaintext: 1" in the imapd.conf
file, so authenticating over a plain-text connection for IMAP and POP is
not allowed... they have to authenticate over an SSL/TLS connection first.
Since this is set, won't this affect LMTP authentication as well?

Okay, lots of questions... I hope I can get some answers... I feel that I
am pouring more time and energy into this problem than I need, and really
need to turn my attention elsewhere...

Thanks!
Scott
--
+-----------------------------------------------------------------------+
     Scott W. Adkins                http://www.cns.ohiou.edu/~sadkins/
  UNIX Systems Engineer                  mailto:adkinss@xxxxxxxx
       ICQ 7626282                 Work (740)593-9478 Fax (740)593-1944
+-----------------------------------------------------------------------+
    PGP Public Key available at http://www.cns.ohiou.edu/~sadkins/pgp/

pgpcWIWkgAqwn.pgp
Description: PGP signature