Dovecot proxy: authentication best practices
William Edwards
wedwards at cyberfusion.nl
Fri Dec 27 16:02:55 EET 2019
Hi!
I have a few questions regarding Dovecot proxy:
1.
1.1 If I understand correctly, setting 'nopassword' in the proxy passdb file, authentication is completely up to the destination host. Setting 'nopassword' in no way means the proxy becomes an open relay. Is this correct?
1.2 Are there any security implications when using 'nopassword' on the proxy?
2.
2.1 I would like to avoid having to store all users in a passdb file on the proxy. I would much rather specify a domain for which Dovecot proxy will route all users to a specific host. Is there a way to let Dovecot proxy route to a destination host based on domain, so individual users don't have to be specified in the proxy passdb?
2.2 Is it correct that userdb does not have any effect on proxying and it can be left out of the config? Source: https://dovecot.org/pipermail/dovecot/2013-October/093138.html (point 2)
Met vriendelijke groeten,
William Edwards
T. 040 - 711 44 96
E. wedwards at cyberfusion.nl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20191227/26f1f284/attachment-0001.html>
More information about the dovecot
mailing list