LMTP tcp listener with auth?
A. Schulze
sca at andreasschulze.de
Fri Sep 14 00:08:33 EEST 2018
Am 12.09.18 um 13:41 schrieb Andreas Thienemann:
> Hi Stephan,
>
> On Wed, 12 Sep 2018, Stephan Bosch wrote:
>
>> LMTP currently does not support AUTH.
>
> Bummer. Thought so.
>
>
>> What is your use case? Most people hide LMTP behind a firewall, or don't expose it through TCP/IP in the first place.
>
> The port is currently only available to a few trusted machines, but having auth available would have been a nice benefit in case the firewall gets misconfigured.
> Cyrus for example will expose the LMTP port via TCP if configured, but expects valid user credentials.
>
> The larger use-case is a migration from cyrus to dovecot. As it's not just the MDA but also the MTA installation that is being migrated I need a way to deliver mail from the old MTA to the new MDA. LMTP comes in handy.
> https://github.com/ixs/lmtp_proxy/blob/master/README.md#minmal-downtime-migration-of-users has a rough invocation of the steps needed for that.
>
> As I said, LMTP auth isn't critical for this, but would have been a nice addition.
Hello,
I had a similar question some weeks ago: https://dovecot.org/pipermail/dovecot/2018-August/112518.html
But I tried to use tcpwrap support (which is unfortunately not available for LMTP)
My use case are docker containers: an MTA container deliver to a dovecot container via LMPT over IP.
In case of any misconfigation I would like to at least limit who could connect to the LMTP server.
I'm just using a unix socket for now...
Andreas
More information about the dovecot
mailing list