[Dovecot] OTP?

Frank Cusack fcusack at fcusack.com
Wed Feb 7 02:23:42 UTC 2007


On February 6, 2007 4:12:02 PM -0800 Micah Cowan <micah at cowan.name> wrote:
> I was wondering where I might find more information about using OTP as an
> authentication protocol with dovecot.

I found that some (all?) clients login multiple times in a single user
visible "session".  This makes sense for multithreaded clients, I guess.

So having dovecot do OTP directly is a bit of a chore.  What I did was
use the auth cache so that an OTP is valid for x amount of time.  Works
like a charm.

I'm just using PAM with pam_otp_auth (www.tri-dsystems.com).

A better solution might be to require an OTP-authenticated VPN session
to get to the IMAP server.

-frank


More information about the dovecot mailing list