fcusack at fcusack.com
Wed Feb 7 02:23:42 UTC 2007
On February 6, 2007 4:12:02 PM -0800 Micah Cowan <micah at cowan.name> wrote:
> I was wondering where I might find more information about using OTP as an
> authentication protocol with dovecot.
I found that some (all?) clients login multiple times in a single user
visible "session". This makes sense for multithreaded clients, I guess.
So having dovecot do OTP directly is a bit of a chore. What I did was
use the auth cache so that an OTP is valid for x amount of time. Works
like a charm.
I'm just using PAM with pam_otp_auth (www.tri-dsystems.com).
A better solution might be to require an OTP-authenticated VPN session
to get to the IMAP server.
More information about the dovecot