A new thread so as not to hijack Serg's request.

In my config, I forward deliveries to Dovecot over LMTPS. The machine (there is just one for now) forwarding the mail has a certificate from a well-known and trusted CA. How can I configure Dovecot to accept mail deliveries from that one machine?

Currently I have:

protocol lmtp {
login_trusted_networks = 192.168.x.y 0011:2233:4455:6677:8899:aabb:ccdd:eeff
auth_ssl_require_client_cert = yes
ssl_verify_client_cert = yes
ssl_ca = (a private - single purpose CA)
...

The IP addresses are the addresses of the LMTPS client machine.

I have created a CA for the sole purpose of signing the certificate of the LMTPS client. I regard this as a horrible, horrible kludge.

I would like to be able to set ssl_ca to the root certificate of the public trusted CA but can't work out how to get Dovecot to check the name on the certificate.

Any help would be greatly appreciated.

   Sean.


