Conditional SASL authentication

Reindl Harald h.reindl at thelounge.net
Tue Feb 24 17:56:03 UTC 2015


Am 24.02.2015 um 18:28 schrieb Luciano Mannucci:
> I have a few users that are often hit by a trojan virus that steals
> e-mail user and password. Having a very little (if not null) power on
> their machines, I need to be able to block the outgoing mail wich is
> handled by postfix via dovecot SASL.
> Blocking it at dovecot level would be optimal, for the virus doesn't
> necessarily use the e-mail of the user as its from, just the user and
> password for the authentication phase.
>
> Is it feasible?

not sure what you try to achieve

* if you cahnge the pwd SASL auth is taken away
* if you don't want enforce SASL per IP mynetworks is your friend

but nobody really wants to place foreign machines in mynetworks and 
allow to send mail unauthenticated from a machine he don't own - and if 
it si only because in most configurations more restrictions than with 
SASL are bypassed

it's anyways not a dovecot question

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150224/cab42898/attachment.sig>


More information about the dovecot mailing list