19 May
2023
19 May
'23
5:54 a.m.
We are indeed listening. And Dovecot actually can check the name on the certificate, if you ask it to do so.
https://doc.dovecot.org/settings/core/#core_setting-auth_ssl_username_from_c...
I've been studying the code, looking for any way the "auth_ssl_username_from_cert" setting could be used by the LMTP server and have been unable to find any. Could someone at least confirm that Dovecot, in it's present form, CAN NOT in fact check the name on a client certificate presented to the LMTP server. If nothing else, this misleading post needs to be corrected.
-- This email has been checked for viruses by AVG antivirus software. www.avg.com