On 2021 Jul 15, at 08:52, Alex <mysqlstudent@gmail.com> wrote:
> Client certs appear to be a good solution.
A solution, certainly. A GOOD solution? Not really.
> What's the process for managing them with more than a hundred client accounts?
And that's the first issue.
The second issue is "my primary device is not available, I need to login from this other computer or use my phone which is unsuitable for this task. Too bad I have no choice but to use the phone because this computer doesn’t have the cert."
And then you have the "now that I've installed this cert, this computer is considered trusted" which is another issue.
2FA is a lot more flexible and robust.
OATH works well. SQRL looks promising though it requires a web UI to do the authentication (and SQRL does away with passwords as well).
> I believe the problem they are trying to solve is hacked accounts from compromised passwords. Do client certs solve that problem?
Maybe. Depends on if the hacker can get access to the user's machine or not.
> Perhaps there are dovecot (and postfix submission) options to at least restrict access by IP?
It is certainly possible in Postfix, but that opens up its own issues. It may be acceptable in some corporate environs, but in most situations being able to access your email wherever you are is a requirement.
-- The wages of sin is death, but so is the salary of virtue, and at least the evil get to go home early on Fridays. --Witches Abroad
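For reference, the two options discussed above (restricting the submission port by source IP in Postfix, and requiring a client certificate in Dovecot) look like this in configuration. This is an added example, not part of the thread and not taken from either project's documentation; the network 203.0.113.0/24 and the CA file path /etc/dovecot/client-ca.pem are assumed placeholders.

```conf
# --- Postfix: restrict the submission service (port 587) by client IP ---
# main.cf: the networks allowed to use submission (assumed example range)
mynetworks = 127.0.0.0/8, [::1]/128, 203.0.113.0/24

# master.cf: the submission service only accepts clients in $mynetworks,
# and still requires TLS and SASL for relaying.
submission inet n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject

# --- Dovecot 2.x: require a client certificate on IMAP/POP3 logins ---
# conf.d/10-ssl.conf
ssl = required
ssl_ca = </etc/dovecot/client-ca.pem     # CA that issued the client certs (assumed path)
ssl_verify_client_cert = yes

# conf.d/10-auth.conf
auth_ssl_require_client_cert = yes       # a valid, trusted client cert is mandatory
auth_ssl_username_from_cert = yes        # take the login name from the cert...
ssl_cert_username_field = commonName     # ...specifically its CN
```

The Postfix half implements exactly the trade-off the reply describes: anyone outside 203.0.113.0/24 is rejected before authentication, which also means a user travelling with a laptop cannot submit mail until they are on that network (or a VPN into it). The Dovecot half shows what "the device has the cert" means operationally: the login fails at the TLS handshake on any machine that does not carry a certificate signed by the configured CA, so a stolen password alone is not enough, but a compromised machine that holds the certificate still is.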