[Dovecot] [Postfix] SASL Auth. using Dovecot with password forwarding proxy configuration

Timo Sirainen tss at iki.fi
Fri Aug 31 17:11:07 EEST 2012


On 31.8.2012, at 5.51, Adi Pircalabu wrote:

> I'm relatively new to Dovecot and I did a bit of search but couldn't
> find a possible solution for the particular setup I'm working on.
> Basically I have an SMTP/POP/IMAP proxy setup running Postfix &
> Dovecot. IMAP/POP authentication is done using the password proxy
> feature, where the login credentials are passed to the backend server
> after a db lookup, which does the actual authentication.

POP/IMAP logs the user in and Dovecot proxies it.

> The POP/IMAP part is working fine. What I'm trying to do is to use
> Dovecot SASL implementation in Postfix to do SMTP authentication in a
> similar manner. The problem I have with my current configuration is that
> SMTP authentication succeeds if only the username matches, because
> password forwarding works if the authentication succeeds with any given
> password, as documented at
> http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy

Dovecot has no SMTP proxy (currently). And anyway Postfix doesn't use SMTP to do authentication, Postfix authenticates using Dovecot's internal protocol, which replies that Postfix should do the proxying, which it of course doesn't do.

> My question is, given the above: is there a way to get SMTP
> authentication properly in this scenario?

Make Postfix authenticate against the backend Dovecot server. You'll need to setup service auth { inet_listener } to some port for it.


More information about the dovecot mailing list