[Dovecot] Passwordless auth?
Dan Mahoney, System Admin
danm at prime.gushi.org
Fri May 24 02:10:01 EEST 2013
Hey all,
I'm in the process of writing some scripts which I want to be able to take
actions on my local mailbox. (For example, to move a subset of messages
to the trash over time, if unread for a week. To act on messages in my
learn-spam folder and then delete them).
What occured to me as being a Neat Idea is if Dovecot could honor ident
(rfc1413) lookups, from trusted hosts (i.e. 127.0.0.1). In this way I get
all the benefits of dovecot's indexing being updated and nice locking, but
I don't have to leave my password laying around in a plaintext file.
(Yes, this assumes I'm running a shell on the mail server. I'm not
concerned about the same level of security when you could simply cat my
mail spool).
I'd definitely consider something like an SSH key with a forced
command (I do see questions in the FAQ about making dovecot work over a
socket connection), but that forgoes using standard imap clients.
I could also create a dovecot-only user with my UID and no other login
privileges, but I'd like this to "just work" for anyone.
I don't know anything about if dovecot supports X509 auth, but this
would require the client libraries to support such a thing, which not all
do.
I'd love to hear about any other ways people have thought about to do
this. Any ideas?
-Dan Mahoney
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the dovecot
mailing list