Yes Dovecot will proxy the connection to the real MTA. My question is why authentication is /always/ required on Dovecot when submission is used, as MTAs usually have an option to allow non-authenticated relaying.
On 7/28/21 10:19 AM, justina colmena ~biz wrote:
I am quite curious about the circumstances of this question. I was not aware that Dovecot actually offered mail submission service. If Dovecot does offer such a service, then it will have to relay the submitted mail to the real MTA, which is very likely not Dovecot. At the moment I have Postfix set up as MTA for that purpose —
Relaying on port 25 is usually quick and easy to whitelist for certain permitted hosts, but otherwise port 587, optionally with STARTTLS, and/or port 465 with SSL/TLS is generally set up for user authenticated mail submissions.
See also: https://www.mailgun.com/blog/which-smtp-port-understanding-ports-25-465-587/ https://www.mailgun.com/blog/which-smtp-port-understanding-ports-25-465-587/
On July 28, 2021 6:10:28 AM AKDT, Dan Conway darkc0de@archnix6.net wrote:
Hello, Is it possible to disable the requirement for authentication on the submission service? I'm trying to require authentication for all, except for a handful of IP addresses. Thank you. ehlo test.com 250-aaa 250-AUTH PLAIN LOGIN 250-BURL imap 250-CHUNKING 250-DSN 250-ENHANCEDSTATUSCODES 250-SIZE 250 PIPELINING MAIL FROM:<test@test.com> 530 5.7.0 Authentication required.-- Sent from my Android device with K-9 Mail. Please excuse my brevity.