[Dovecot] Dovecot SASL & Postfix

Jerry jerry at seibercom.net
Sun Mar 17 21:08:37 EET 2013 

On Sun, 17 Mar 2013 17:27:04 +0100
Reindl Harald articulated:

> 
> Am 17.03.2013 14:08, schrieb Jerry:
> >> the main benefit of dovecot SASL is that SMTP auth is
> >> using exactly the same users/passwords and auth-mechs
> >> as imap/pop3 - so i do not understand why you want create
> >> anything special
> > 
> > Because that is the way the system was originally configured. I had
> > nothing to do with it.
> 
> time to fix it or not touch it at all
> 
> > The system uses a simple format:
> > 
> > user at doman.com		password
> > 
> > The SASL mechanism presently in use uses:
> > 
> > user at hostname.domain.com		password
> 
> pff - sounds funny for the users
> whoever did set this up -> seek and punish this guy :-)
> 
> > Worse, the passwords are not the same in both instances. If I try to
> > implement one system I will have to deal with all of the present
> > users and get them all on the same page. That is not something I
> > really want to invest time in right now.
> 
> so do not touch it at all or do it right for one last time
> 
> > If dovecot could be told to use a specific file then that would
> > simplify things greatly. Besides, the SASL file does not need all
> > of the information contained in the regular Dovecot user/passwd
> > file. Otherwise, I might just give up on this entire endeavor.
> 
> how should it be told?
> 
> dovecot has it's passwords and usernames, they are still used for
> IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over
> SASL auth at all and is using it's usernames and passwords

From what I was told, it was originally set up so that if a user's
mailbox password was compromised, it would not also compromise their
SASL password. Actually, it does seem to make a somewhat more secure
system.

Having an optional file for use strictly with SASL in Dovecot would
seem like something that could be quite useful under the right
circumstances. In any case, I will revisit this problem when I feel
inclined to fight with the current users of the system.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130317/2f9a9d03/attachment-0001.bin>

More information about the dovecot mailing list