Hello, Is it possible to disable the requirement for authentication on the submission service? I'm trying to require authentication for all, except for a handful of IP addresses. Thank you. ehlo test.com 250-aaa 250-AUTH PLAIN LOGIN 250-BURL imap 250-CHUNKING 250-DSN 250-ENHANCEDSTATUSCODES 250-SIZE 250 PIPELINING MAIL FROM:<test at test.com> 530 5.7.0 Authentication required.
I am quite curious about the circumstances of this question. I was not aware that Dovecot actually offered mail submission service. If Dovecot does offer such a service, then it will have to relay the submitted mail to the real MTA, which is very likely not Dovecot. At the moment I have Postfix set up as MTA for that purpose ? Relaying on port 25 is usually quick and easy to whitelist for certain permitted hosts, but otherwise port 587, optionally with STARTTLS, and/or port 465 with SSL/TLS is generally set up for user authenticated mail submissions. See also: https://www.mailgun.com/blog/which-smtp-port-understanding-ports-25-465-587/ On July 28, 2021 6:10:28 AM AKDT, Dan Conway <darkc0de at archnix6.net> wrote:>Hello, > >Is it possible to disable the requirement for authentication on the >submission service? I'm trying to require authentication for all, >except >for a handful of IP addresses. > >Thank you. > > >ehlo test.com >250-aaa >250-AUTH PLAIN LOGIN >250-BURL imap >250-CHUNKING >250-DSN >250-ENHANCEDSTATUSCODES >250-SIZE >250 PIPELINING >MAIL FROM:<test at test.com> >530 5.7.0 Authentication required.-- Sent from my Android device with K-9 Mail. Please excuse my brevity. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20210728/419770ad/attachment.html>
Making no assertions\judgements as to the goal or intended path to get there?just helping with the original question? Based on the submission server link below, it appears you will need to use the same auth mechanisms for submission as you do for imap\pop. So essentially, the same type of config for allowing no auth imap\pop connections should be how you cfg no auth submission connections. In addition to the following links, I would also take a look at Dovecot?s default auth config file for more details on how to allow access without auth? https://doc.dovecot.org/admin_manual/submission_server/ https://doc.dovecot.org/configuration_manual/authentication/ - - - On 28 Jul 2021, at 7:10, Dan Conway wrote:> Hello, > > Is it possible to disable the requirement for authentication on the > submission service? I'm trying to require authentication for all, > except for a handful of IP addresses. > > Thank you. > > > ehlo test.com > 250-aaa > 250-AUTH PLAIN LOGIN > 250-BURL imap > 250-CHUNKING > 250-DSN > 250-ENHANCEDSTATUSCODES > 250-SIZE > 250 PIPELINING > MAIL FROM:<test at test.com> > 530 5.7.0 Authentication required.-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20210728/ba1608fe/attachment.html>