2FA for Dovecot
lists
lists at lazygranch.com
Tue Jan 7 10:43:30 EET 2020
I block all my email ports except 25 from countries where I am not going to be sending or receiving email. I also block many datacenters, but blocking Digital Ocean, Vultur and AWS will get you 90%of the way there. You will need to use 587, that is no auth on 25. Again no blocking on 25, just block the other email ports.
I get maybe one attempt to log into my email account a week. Yeah not as good as 2FA but it isn't a research project either. Just a little firewall programming. I get the CIDRs from bgp.he.net.
I am assuming this is a personal server.
A bit extreme, but you could set up a VPN on a VPS and only allow that IP to send and receive email.
Original Message
From: lists at luigirosa.com
Sent: January 7, 2020 12:29 AM
To: dovecot at dovecot.org
Subject: Re: 2FA for Dovecot
Kees de Jong wrote on 06/01/2020 12:58:
> My goal is to protect my mail account with 2FA, which isn't a crazy
> idea in 2020. Therefore, I would like to know the possibilities of
> configuring 2FA for Dovecot.
Use an authentication backend that supports 2FA, such as oAuth:
https://wiki.dovecot.org/PasswordDatabase/oauth2
--
Ciao,
luigi
/
+--[Luigi Rosa]--
\
More information about the dovecot
mailing list