[Dovecot] exporting client socket to postfix

zhong ming wu mr.z.m.wu at gmail.com
Sat Feb 20 15:15:16 EET 2010

Dear List,

I have a few questions regarding dovecot sasl authentication that are
somewhat related to each other.

I have a working dovecot config with
ssl_verify_client_cert = yes
 ssl_require_client_cert = yes
 ssl_username_from_cert = yes
(With this set up I need not set a correct user name in my mail client
so long as
I have it correctly in cert.)

It turns out that I cannot export client socket to postfix to do smtp
authentication unless I comment out ssl_require_client_cert=yes

Does it mean that postfix is not passing to dovecot any information
about certificate?  Is passing certificate
information not part of sasl framework?  If so I won't be able to use
it with a different sasl implementation.

Also if I comment out ssl_require_client_cert=yes, then I can no
longer use username from cert to log in to retrieve my pop mail.

I prefer to get username this way otherwise my thunderbird mailbox
reads user at domain.org@domain.org; I could have more than one domain
in my dovecot servers.



More information about the dovecot mailing list