search for: postfix_and_dovecot_sasl

...ot acceptable for security reasons. > > Is it possible to add authorization in the remote MTA using submission_host? You start the auth service in dovecot, then tell the MTA to use it. For example, if you use postfix this explains how: https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/

When using dovecot container with sieve plugin there is no sendmail to use for sending email for sieve redirect action for example. We can use submission_host instead https://doc.dovecot.org/settings/core/#core_setting-submission_host but there is no way to specify credentials for auth in remote MTA. Submission_relay_* settings e.g. submission_relay_master_user relate to dovecot submission

...not acceptable for security reasons. > > Is it possible to add authorization in the remote MTA using submission_host? You start the auth service in dovecot, then tell the MTA to use it. For example, if you use postfix this explains how: https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20230117/69d09445/attachment.htm>

...in the interval between first_valid_uid and last_valid_uid. I have been able to verify this. However, when we have a postfix server on the same machine, that delegates authentication to dovecot SASL according to the configuration described at https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/, we can indeed log in as root on the postfix server. Proof (/var/log/mail.log with auth=debug) : Mar 13 20:16:37 ricorambo dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=smtp#011nologin#011lip=<redacted>#011rip=<redacted>#011secured#011resp=<hidden> Mar 13 20:...