Sv: 2FA/MFA with IMAP & postfix/submission
Alex
mysqlstudent at gmail.com
Thu Jul 15 17:49:03 EEST 2021
Hi,
> > Unfortunately the best way to do multifactor authentication today is
> > to use OAUTH2, which isn't currently supported for own installations.
> > Or you can use client certs.
> >
> > If you want to use some kind of MFA with tokens, you end up having to
> > feed your token all the time. So the best option, for now, is device
> > passwords.
>
> speculating :=)
>
> weekforce policy server with 2fa, that just update allow_nets in dovecot
> user dict table, so all dovecot do is to check allow nets pr user from
> dict, i dont know if that is possible so imap / pop3 / lmtp and other
> service in dovecot dont need to mess with oauth2 or other complicated
> login system not supported everywhere
Yeah, I'm not sure we can use something that appears to be so experimental.
What about client certs? Wouldn't that solve the problem?
Does Outlook for Windows include any type of MFA? It appears
inextricably linked to Office 365.
What about something like what we used to do with pop-b4-smtp to at
least restrict by IP address?
More information about the dovecot
mailing list