why is dovecot "Allowing any password"

Jochen Bern jochen.bern at binect.de
Thu Mar 22 12:34:44 EET 2018


On 03/22/2018 09:34 AM, Aki Tuomi wrote:
>>> I have no idea why you would have nopassword=y set in the first
>>> place, so it seems the simplest way to eliminate this problem is to
>>> take that out and have a secure environment for sending mail.
>>
>> Yes, however, for SOGo with Native Outlook compatibility or SAML
>> logon, the config is required.
> 
> I have no idea *WHY* it is required by SOGo. It does not make sense.

The configuration guide describes (in 4.3.) a scenario where SOGo's user
population backend (LDAP) is set up from scratch, which implies that the
preexisting IMAP server supposedly is *not* using the same
backend/data/passwords.

I'ld guess that *if* you have the IMAP server configured to look up the
same backend/data (including support for exotic authentication methods,
"Exchange style" cross-user access rights management, yadda yadda), the
requirement to defeat authentication from SOGo to the IMAP server may
become moot.

But until then - Exchange takes its entire auth from AD, and SOGo's
LDAP, *not* the IMAP server's passdb, is the analogue of that.

Regards,
-- 
Jochen Bern
Systemingenieur

www.binect.de
www.facebook.de/binect

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4278 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180322/836624b5/attachment.p7s>


More information about the dovecot mailing list