Securing postfix to dovecot (SASL) auth
Patrick Ben Koetter
p at sys4.de
Fri Sep 29 12:55:36 EEST 2017
* Aki Tuomi <aki.tuomi at dovecot.fi>:
>
>
> On 27.09.2017 13:21, Peter wrote:
> > On 27/09/17 20:35, Thomas Bauer wrote:
> >> service auth {
> >> inet_listener{
> >> address=192.0.0.1
> >> port=10001
> >> ssl=yes
> >> }
> >> }
> > ssl=yes is not documented to work for the auth service and it's highly
> > likely that it is simply ignored.
>
> It is documented for inet_listener's in general and is not ignored. Any
> dovecot inet_listener can be given this flag.
However AFAIK Postfix does not honor an SSL encrypted layer for SASL auth.
> You could use stunnel on the other end.
That's what we usually do.
p at rick
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the dovecot
mailing list