On 21/08/20 7:15 pm, @lbutlr wrote:
On 21 Aug 2020, at 01:05, Richard Hector <richard@walnut.gen.nz> wrote:
Is that a standard interface? ie can a client like postfix talk to either dovecot or cyrus without knowing the difference?
Yes. Postfix does not care, though I find it is easier to setup and more reliable to use dovecot (I've used both, YMMV).
Thanks - is there documentation of this protocol somewhere? Though having just now had another look at the Postfix SASL_README, it appears it needs support for each compiled in, suggesting there are differences?
Are there others?
Those are the only two I have used. If there are others I've not seen them mentioned on the postfix list that I can recall.
Postfix, AFAICS, only supports the two - but I've seen references for IRC servers talking to an irc services server called anope, which provides SASL somehow?
Is there a good reference to this somewhere, short of reading the RFCs?
The best bet is
- get a real cert.
- copy and existing configuration
I'm not following - I'm not sure we're on the same page :-( I already have Postfix (with a Letsencrypt cert) using Dovecot SASL (Dovecot also uses the same cert) Or are you talking about some other kind of cert? And are you talking about the Postfix and/or Dovecot config?
And is there any option (current or proposed) to let dovecot act as a client, rather than a server?
A client for…?
A SASL client - so eg Dovecot and Postfix could both talk to the same Cyrus (or other - even another Dovecot) SASL server. One reason might be to use password hash algorithms that Dovecot doesn't know about.
Cheers, Richard