Hi Team,

Would it be possible to setup a different authentication method depending on the connection source?

I would like to use oauth2 (with mfa) for connections from internet via haproxy, whereas on the lan I run samba-dc and hence AD (krb5) is the method to use.

The latter is already setup and works fine, now I want to add oauth2 for haproxy connections (or outside lan ip-range). Here's the relevant bit of "dovecot -n":

auth_default_realm = EXAMPLE.COM auth_gssapi_hostname = mailserver.example.com auth_krb5_keytab = /etc/keytab/dovecot.keytab auth_master_user_separator = * auth_mechanisms = gssapi gss-spnego plain auth_realms = EXAMPLE.COM passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap pass = yes } passdb { driver = pam } userdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap }

• Kees.