Hey all,
I'm in the process of writing some scripts which I want to be able to take actions on my local mailbox. (For example, to move a subset of messages to the trash over time, if unread for a week. To act on messages in my learn-spam folder and then delete them).
What occured to me as being a Neat Idea is if Dovecot could honor ident (rfc1413) lookups, from trusted hosts (i.e. 127.0.0.1). In this way I get all the benefits of dovecot's indexing being updated and nice locking, but I don't have to leave my password laying around in a plaintext file.
(Yes, this assumes I'm running a shell on the mail server. I'm not concerned about the same level of security when you could simply cat my mail spool).
I'd definitely consider something like an SSH key with a forced command (I do see questions in the FAQ about making dovecot work over a socket connection), but that forgoes using standard imap clients.
I could also create a dovecot-only user with my UID and no other login privileges, but I'd like this to "just work" for anyone.
I don't know anything about if dovecot supports X509 auth, but this would require the client libraries to support such a thing, which not all do.
I'd love to hear about any other ways people have thought about to do this. Any ideas?
-Dan Mahoney
--