[Dovecot] Dovecot SASL & Postfix

Jerry jerry at seibercom.net
Sun Mar 17 21:08:37 EET 2013

On Sun, 17 Mar 2013 17:27:04 +0100
Reindl Harald articulated:

> Am 17.03.2013 14:08, schrieb Jerry:
> >> the main benefit of dovecot SASL is that SMTP auth is
> >> using exactly the same users/passwords and auth-mechs
> >> as imap/pop3 - so i do not understand why you want create
> >> anything special
> > 
> > Because that is the way the system was originally configured. I had
> > nothing to do with it.
> time to fix it or not touch it at all
> > The system uses a simple format:
> > 
> > user at doman.com		password
> > 
> > The SASL mechanism presently in use uses:
> > 
> > user at hostname.domain.com		password
> pff - sounds funny for the users
> whoever did set this up -> seek and punish this guy :-)
> > Worse, the passwords are not the same in both instances. If I try to
> > implement one system I will have to deal with all of the present
> > users and get them all on the same page. That is not something I
> > really want to invest time in right now.
> so do not touch it at all or do it right for one last time
> > If dovecot could be told to use a specific file then that would
> > simplify things greatly. Besides, the SASL file does not need all
> > of the information contained in the regular Dovecot user/passwd
> > file. Otherwise, I might just give up on this entire endeavor.
> how should it be told?
> dovecot has it's passwords and usernames, they are still used for
> IMAP/POP3 if postfix is using dovecot-SASL dovecot will take over
> SASL auth at all and is using it's usernames and passwords

From what I was told, it was originally set up so that if a user's
mailbox password was compromised, it would not also compromise their
SASL password. Actually, it does seem to make a somewhat more secure

Having an optional file for use strictly with SASL in Dovecot would
seem like something that could be quite useful under the right
circumstances. In any case, I will revisit this problem when I feel
inclined to fight with the current users of the system.

Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130317/2f9a9d03/attachment-0001.bin>

More information about the dovecot mailing list