[Dovecot] Dovecot SASL Client support?

/dev/rob0 rob0 at gmx.co.uk
Tue Jan 8 19:12:25 EET 2013


On Tue, Jan 08, 2013 at 08:59:09AM -0500, Charles Marcus wrote:
> So that postfix can use dovecot-sasl for remotely authenticating
> against another SMTP server, ie, for secure relays...

I don't think this makes sense for Dovecot to implement -- maybe 
P at rick and/or Timo will correct this if I am wrong.

Server SASL is a natural offshoot of an imapd, because the same 
credentials are used, and just as with an IMAP client, the imapd 
merely has to validate the credentials.

Client SASL is different. The credentials are not necessarily in use 
by the imapd otherwise, and the job of the client SASL library is to 
generate the authentication, not to validate it.

I don't expect to see Dovecot providing client SASL.

You mention secure relays; for this I generally use OpenVPN. With a 
tunnel between the sending and relaying systems, the mail goes 
through said tunnel.

Another good choice where this might not be possible is to use TLS 
certificate authentication:

http://www.postfix.org/TLS_README.html#server_access
http://www.postfix.org/TLS_README.html#client_tls_policy
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:


More information about the dovecot mailing list