On 31.8.2012, at 5.51, Adi Pircalabu wrote:
I'm relatively new to Dovecot and I did a bit of search but couldn't find a possible solution for the particular setup I'm working on. Basically I have an SMTP/POP/IMAP proxy setup running Postfix & Dovecot. IMAP/POP authentication is done using the password proxy feature, where the login credentials are passed to the backend server after a db lookup, which does the actual authentication.
POP/IMAP logs the user in and Dovecot proxies it.
The POP/IMAP part is working fine. What I'm trying to do is to use Dovecot SASL implementation in Postfix to do SMTP authentication in a similar manner. The problem I have with my current configuration is that SMTP authentication succeeds if only the username matches, because password forwarding works if the authentication succeeds with any given password, as documented at http://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy
Dovecot has no SMTP proxy (currently). And anyway Postfix doesn't use SMTP to do authentication, Postfix authenticates using Dovecot's internal protocol, which replies that Postfix should do the proxying, which it of course doesn't do.
My question is, given the above: is there a way to get SMTP authentication properly in this scenario?
Make Postfix authenticate against the backend Dovecot server. You'll need to setup service auth { inet_listener } to some port for it.