Re: Delivering locally through the Submission Server
On 03/11/2020 12:31 Piotr Auksztulewicz dcml@hasiok.net wrote:
On Mon, Nov 02, 2020 at 09:33:08PM +0100, R. Diez wrote:
OK, so I gather that the Submission Server cannot do that (yet).
And probably would never do. It isn't its job description.
Actually, it is just a convenience/workaround feature, which comes handy only if your own MTA cannot handle dovecot's SASL authentication (must be something real strange) or there are some integration/security/policy issue perceived (but I cannot think of any, actually). In this case you can set up dovecot's submission server, which uses dovecot's authentication settings, so you have single source of authentication, and whitelist dovecot IP address in your MTA so it accepts anything that dovecot's submission server lets through. But I don't think it is a good idea personally, it is more open to exploitation this way, unless the address is 127.0.0.1, in which case you can simply set up SASL over Unix sockets, which is as secure as your host server is.
Submission service is not only a proxy, it
- provides authentication natively from Dovecot
- provides features like BURL, and maybe in future outbound Sieve
but it does require real MTA behind.
-- Aki
On Tue, Nov 03, 2020 at 12:37:07PM +0200, Aki Tuomi wrote:
Submission service is not only a proxy, it
- provides authentication natively from Dovecot
- provides features like BURL, and maybe in future outbound Sieve
I didn't know about BURL, thanks. Looks interesting. I am sometimes really annoyed by double upload when sending big files. I wonder if my mail clients support this... need to check. Maybe then I'll configure dovecot sumbission just for BURL sake.
-- Piotr "Malgond" Auksztulewicz firstname@lastname.net
participants (2)
-
Aki Tuomi
-
Piotr Auksztulewicz