sasl service for other app
Michael Peddemors
michael at linuxmagic.com
Thu Dec 8 20:11:20 UTC 2022
On 2022-12-07 20:53, Henry R wrote:
> can dovecot run as a general sasl service for other apps? such as webdav.
>
> Thanks.
Almost anything can use dovecot (or any other system) as an
authentication SASL service, but it is the 'gotchas' that you have to
think about.
* Does this open your SASL mechanism to new brute force attacks?
* How do you pass additional information to the SASL, eg country of
origin, IP Address
* How do you pass 2FA through?
* Rate Limiting?
* What about policies such as the use of TOR Proxies?
* Will this create excessive demand on dovecot?
On the surface, the authentication part is the most simple.
However, you might want to consider connecting directly to the
underlying mechanism that your dovecot is using. With a middle layer of
course, that addresses all of the other issues.
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
More information about the dovecot
mailing list