I was testing a bit this setup of putting them in different servers, since
these options are implemented. What I was not sure was if they support TLS as
well. So Postfix-Dovecot SASL AUTH is not supported. Is TLS LMTP supported
between Postfix and Dovecot? I see that Dovecot LMTP supports a TLS connection,
but not sure if Postfix can make the TLS initial request. I just could exchange
data over LMTP in plain (no TLS) between Postfix and Dovecot.
Regards,
Ibra
On Thu, 16 Nov 2023 at 12:28, Nick Lockheart <fo...@ageofdream.com> wrote:
Are Postfix and Dovecot running on the same server? If so, you might
be better served by connecting with a UNIX socket rather than TCP.
I'm not sure there is much security benefit to using TLS on the
loopback interface which is what was in your example from the
previous email.
And to clarify, Postfix supports TLS for authentication between an
email program like Thunderbird and the Postfix server, but does not
support TLS for the SASL AUTH *service* connection from Postfix to
the AUTH provider (Dovecot or Cyrus-SASL).
Also, please use the group reply function so your email goes to the
list, this email only went to me.
On Thu, 2023-11-16 at 09:38 +0000, ibra wrote:
Good Morning,
thank you for your fast response, and sorry to not answer
before, I forgot to check spam folder. Good to know that
postfix does not support SASL AUTH over TLS, because
actually I was planning to use it.
I started with Dovecot to check if auth port support tls.
For that I launched tls handshake using openssl, like this
command:
$ openssl s_client -servername mail.sample.com -connect
localhost:12345
But I got an error. (In summary Dovecot ends the
connection).
Anyway, it would be awesome that in the future both Postfix
and Dovecot could support it.
On LMTP port, tls handshake worked in Dovecot side, now I
have to configure Postfix to make the request to dovecot
LMTP over tls.
With Postfix I was able to send data to Dovecot LMTP port,
but was not over TLS. Do you know what settings should I
enable in Postfix side?
Regards
Ibra.
On Wed, 15 Nov 2023 at 11:08, Nick Lockheart
<nlockhe...@ageofdream.com> wrote:
On Wed, 2023-11-15 at 10:00 +0000, ibra wrote:
Hi,
I'm trying running tls connections for
both auth and lmtp services. For
lmtp it is ok, for auth service I
couldnt make it. I configure dovecot
with
the next configuration in file "conf.d/
10-myconfig.conf":
Which MTA are you trying to connect from? Postfix
does not support SASL AUTH over TLS, for example.
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
