Thanks for the reply, postfix + dovecot sasl configured and working properly. My question is about "adding dovecot authentication when sending emails via submission_host".
Let's say we have dovecot + sieve plugin container. Dovecot configured to use remote SMTP submission host to send messages: submission_host = postfix.example.com:587 User [email protected] has the following sieve script: require ["fileinto", "copy", "vacation", "date", "relational"] ; redirect :copy "[email protected]"; keep; [email protected] sending email to [email protected] dovecot lmtp log: lmtp([email protected])<7670><QTsrNZjdxmP2HQAAaVGrHw>: Info: sieve: msgid=<[email protected]>: redirect action: failed to redirect message to <[email protected]>: smtp(postfix.example.com:587): RCPT TO failed: 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied (permanent failure) lmtp([email protected])<7670><QTsrNZjdxmP2HQAAaVGrHw>: Info: sieve: msgid=<[email protected]>: stored mail into mailbox 'INBOX' lmtp([email protected])<7670><QTsrNZjdxmP2HQAAaVGrHw>: Info: sieve: Execution of script /var/dovecot/example.com/foo/foo.sieve failed, but implicit keep was successful (user logfile /var/dovecot/example.com/foo/foo.sieve.log may reveal additional details) sieve.log error: msgid=<[email protected]>: redirect action: failed to redirect message to <[email protected]>: smtp(postfix.example.com:587): RCPT TO failed: 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied (permanent failure). postfix log: NOQUEUE: reject: RCPT from unknown[10.0.1.4]: 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied; from=<[email protected]> to=<[email protected]> redirect :copy action failed, its expected behavior, dovecot do not auth when sending email via submisson_host. If there is setting like submission_host_master_user = [email protected] submission_host_master_password = masterpass to do authentication as master user in postfix who can send email as any user... ________________________________ От: dovecot <[email protected]> от имени [email protected] <[email protected]> Отправлено: 17 января 2023 г. 18:25 Кому: [email protected] <[email protected]> Тема: Re: submission_host auth > When using dovecot container with sieve plugin there is no sendmail to use > for sending email for sieve redirect action for example. We can use > submission_host instead > https://doc.dovecot.org/settings/core/#core_setting-submission_host but there > is no way to specify credentials for auth in remote MTA. Submission_relay_* > settings e.g. submission_relay_master_user relate to dovecot submission > service. Using something like permit_mynetworks in remote MTA is not > acceptable for security reasons. > > Is it possible to add authorization in the remote MTA using submission_host? You start the auth service in dovecot, then tell the MTA to use it. For example, if you use postfix this explains how: https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/
