Disable authentication for submission service
John Stoffel
john at stoffel.org
Wed Jul 28 21:18:12 EEST 2021
>>>>> "Dan" == Dan Conway <darkc0de at archnix6.net> writes:
Are you sure? I know that postfix can use the same backend database
for authentication as dovecot, and dovecot can be the master, but dovecot
does NOT listen on port 25 or 587 at all, those are all just used by
Postfix.
Dan> Yes Dovecot will proxy the connection to the real MTA. My
Dan> question is why authentication is always required on Dovecot when
Dan> submission is used, as MTAs usually have an option to allow
Dan> non-authenticated relaying.
Dan> On 7/28/21 10:19 AM, justina colmena ~biz wrote:
Dan> I am quite curious about the circumstances of this question. I was not aware that Dovecot
Dan> actually offered mail submission service. If Dovecot does offer such a service, then it will
Dan> have to relay the submitted mail to the real MTA, which is very likely not Dovecot. At the
Dan> moment I have Postfix set up as MTA for that purpose —
Dan> Relaying on port 25 is usually quick and easy to whitelist for certain permitted hosts, but
Dan> otherwise port 587, optionally with STARTTLS, and/or port 465 with SSL/TLS is generally set up
Dan> for user authenticated mail submissions.
Dan> See also:
Dan> https://www.mailgun.com/blog/which-smtp-port-understanding-ports-25-465-587/
Dan> On July 28, 2021 6:10:28 AM AKDT, Dan Conway <darkc0de at archnix6.net> wrote:
Dan> Hello,
Dan> Is it possible to disable the requirement for authentication on the
Dan> submission service? I'm trying to require authentication for all, except
Dan> for a handful of IP addresses.
Dan> Thank you.
Dan> ehlo test.com
Dan> 250-aaa
Dan> 250-AUTH PLAIN LOGIN
Dan> 250-BURL imap
Dan> 250-CHUNKING
Dan> 250-DSN
Dan> 250-ENHANCEDSTATUSCODES
Dan> 250-SIZE
Dan> 250 PIPELINING
Dan> MAIL FROM:<test at test.com>
Dan> 530 5.7.0 Authentication required.
Dan> --
Dan> Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the dovecot
mailing list