Hi Sidsel, thank you for the work your company is doing with Dovecot - much appreciated!
Getting Dovecot to work with OAUTH is not a problem. We already did this a long time ago and your instructions are more than clear. The problem is the mail clients.

I'll see if I can attend in Vancouver and/or find out what else we can do to help as well. We need a solution asap.

Cheers,
Scott

On Tuesday, 16/07/2024 at 09:18 Sidsel Jensen via mailop wrote:

Hi Andreas

We have some documentation here: https://documentation.open-xchange.com/8/middleware/mail/dovecot/oauth_2.0_with_postfix_and_dovecot.html but a good HowTo sounds like a really good idea, to further the adoption. If you need help let me know :)

To answer Scott in terms of the wider discussion, there are some things in motion currently. I know that https://datatracker.ietf.org/doc/draft-jenkins-oauth-public/ is to be discussed at the next IETF meeting in Canada. There is also work ongoing regarding https://datatracker.ietf.org/doc/draft-bucksch-autoconfig/

What could be nice is contact points to some of the bigger mail clients for them to support it. There are people that are trying to work on this topic in M3AAWG and have been for some time. If you can - please create feature requests for those clients - that could be a good starting point to let the companies know that there is in fact customer demand for this.

Kind Regards,
Sidsel Jensen

> On 07/14/2024 5:21 PM CEST A. Schulze via mailop wrote:
>
>
> On 10.07.24 at 04:07, Scott Q. via mailop wrote:
> > What exactly is missing for broad acceptance?
> >
> > https://openid.net/specs/openid-connect-discovery-1_0.html defines some pretty clear ways to autodiscover the endpoints.
> >
> > MS & Google and Keycloak both offer this URL:
> >
> > https://login.microsoftonline.com/domain.com/.well-known/openid-configuration
> > https://accounts.google.com/.well-known/openid-configuration
>
> All,
>
> maybe off topic, but as Scott asked "What exactly is missing for broad acceptance": here are my thoughts:
>
> I'm aware of many operators of smaller email systems for less than 1k users.
> There the preferred software is mostly postfix, dovecot and keycloak.
>
> dovecot and keycloak offer oauth2. What's missing is how to glue them together to play with oauth.
> There were questions on dovecot- and keycloak-mailing lists [1], [2] and [3] but they are still unanswered.
>
> I would collect and combine that for a howto but I also lack some oauth2 skills...
>
> Andreas
>
> [1] https://dovecot.org/mailman3/hyperkitty/list/dove...@dovecot.org/thread/JJEEJG3JR5GT3H2MQEUDRLNEAA4US4KP/
> [2] https://dovecot.org/mailman3/hyperkitty/list/dove...@dovecot.org/thread/3NM5CX4BFPBFLMG7QLFK7JV6I4OCUVM3/
> [3] https://groups.google.com/g/keycloak-user/c/IKfCm4UuOVg/m/iouuRv8HAQAJ
> _______________________________________________
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
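
Added example, not part of the thread or of any poster's code: a sketch of the check a mail client could run on an OpenID Connect Discovery document before trusting the endpoints it autodiscovers. The issuer `https://sso.example.org/realms/mail`, the function names and both sample documents are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Fields OpenID Connect Discovery 1.0 requires (token_endpoint is required
# unless only the implicit flow is used, which a mail client would not rely on).
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def discovery_url(issuer: str) -> str:
    """Build the well-known URL: strip a trailing slash, append the suffix."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_metadata(issuer: str, raw: str) -> list[str]:
    """Return a list of problems; an empty list means the document is usable."""
    try:
        doc = json.loads(raw)
    except ValueError:
        return ["not valid JSON"]
    if not isinstance(doc, dict):
        return ["top level is not a JSON object"]
    problems = [f"missing {k}" for k in REQUIRED if k not in doc]
    # The returned issuer must be identical to the one the URL was built from;
    # otherwise the document describes some other party's endpoints.
    if doc.get("issuer") != issuer:
        problems.append("issuer mismatch")
    for k in ENDPOINTS:
        url = doc.get(k)
        if isinstance(url, str) and urlsplit(url).scheme != "https":
            problems.append(f"{k} is not https")
    return problems

# Constructed sample input: hypothetical Keycloak-style realm, not from the thread.
ISSUER = "https://sso.example.org/realms/mail"
GOOD = json.dumps({
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/protocol/openid-connect/auth",
    "token_endpoint": ISSUER + "/protocol/openid-connect/token",
    "jwks_uri": ISSUER + "/protocol/openid-connect/certs",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})
BAD = json.dumps({"issuer": "https://sso.example.net/realms/mail",
                  "authorization_endpoint": "http://sso.example.net/auth",
                  "jwks_uri": "https://sso.example.net/certs"})

if __name__ == "__main__":
    print(discovery_url(ISSUER), check_metadata(ISSUER, GOOD))
    print(check_metadata(ISSUER, BAD))
```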