Yes, you would need to use the dovecot submission server for this:
https://doc.dovecot.org/admin_manual/submission_server/
Most people, however, use their MTA's submission server but use dovecot for the authentication backend:
https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/#s...
Peter
On 19/04/24 13:27, karl.l--- via dovecot wrote:
Hi,
This is my dovecot version:
root@freebsdsvr:~ # dovecot --version 2.3.21 (47349e2482)
I'm having trouble in making dovecot as proxy to the mail server when using ntlm authentication. My setup looks like this: email client ------> dovecot (will act as proxy) -------> mail server so basically the email client will connect to dovecot but dovecot will forward it to the mail server.
Proxying using auth_mechanism as PLAIN is working but if I use ntlm authentication it just connects into the dovecot server and dovecot server does not proxy to to the mail server.
I tried using passdb driver = sql, passdb driver = static, passdb driver = lua and all of them are working when the email client connects using plain auth, once dovecot authenticates the user it will proxy it to the mail server but when I use ntlm authentication it just connects to dovecot and does not do a proxy to the mail server.
You seem to be confusing IMAP with submission. The IMAP protocol is good for fetching mail and as a general interface to the mail storage (or mailbox). IMAP is not used for submitting new mail (except usually for storing a copy in the user's "Sent" folder).
Mail submission is done via the "submission" or (the implicit TLS version) "submissions" protocols. This is usually a function of your MTA (e.g. Postfix, exim, Sendmail, etc but generally not Dovecot). So any attempt to submit mail to the IMAP port is flawed.
All that said, Dovecot does come with a submission server that can "proxy" mail through to the submission service on your MTA. This can be used in the way you describe (but again it's not IMAP):
https://doc.dovecot.org/admin_manual/submission_server/
Most people, however, use their MTA's submission server but use dovecot for the authentication backend. This means that just the authentication credentials are passed through from your MTA to Dovecot and Dovecot answers with a yes/no to the MTA on whether it should allow the submission to proceed. In this case Dovecot is still doing the authentication but no proxy is needed for the actual submission:
https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/#s...
The latter solution is my recommendation unless you have a specific need for using the Dovecot submission server (e.g. BURL support).
Peter