On January 7, 2023 7:44:44 AM GMT+02:00, "weihao.chen@artisantechnologies.cn" <weihao.chen@artisantechnologies.cn> wrote:
Dear Everybody: May I ask how to configure dovecot otp one-time verification login, that is, after the user logs in to the mailbox with the password + otp, he can send and receive emails without entering the password + otp again?
<snip/>
if option: auth_mechanisms = plain login Can send and receive emails successfully, but when the otp time expires, you need to re-enter the password + otp, which is unacceptable to the user
Looking forward to your reply, Tanks
-- nick(Weihao)
weihao.chen@artisantechnologies.cn
The OTP mechanism only works with special otp passwords. If you want more generic solution, use pam with suitable modules. But as you noticed, you'll end up with authenticating with otp all the time.
You should use OAUTH2 instead, unfortunately MUA support is not very good, except for webmail based solutions.
Aki