[Dovecot] Passwordless auth?
Ben Morrow
ben at morrow.me.uk
Fri May 24 02:43:11 EEST 2013
At 4PM -0700 on 23/05/13 you (Dan Mahoney, System Admin) wrote:
>
> I'm in the process of writing some scripts which I want to be able to take
> actions on my local mailbox. (For example, to move a subset of messages
> to the trash over time, if unread for a week. To act on messages in my
> learn-spam folder and then delete them).
http://wiki2.dovecot.org/PreAuth
You can also use doveadm for quite a lot of this sort of administration;
this may be easier if you're scripting in shell rather than something
more sophisticated.
> I'd definitely consider something like an SSH key with a forced
> command (I do see questions in the FAQ about making dovecot work over a
> socket connection), but that forgoes using standard imap clients.
Well, I'm not sure what you consider 'standard' here, but there are both
Perl and Python IMAP libraries which will connect to a command rather
than a socket. If you're using a client which insists on connecting to
an (INET) socket, it's a little harder; while you can obviously connect
preauthed imap to a listening socket with netcat, that's not remotely
secure.
> I could also create a dovecot-only user with my UID and no other login
> privileges, but I'd like this to "just work" for anyone.
I believe with the latest 2.2 you can also do this with Kerberos
principals, if you're running Kerberos; I haven't looked into this yet,
but I mean to (for much the same reason).
Ben
More information about the dovecot
mailing list