On 26 Oct 2017, at 14:24, cac...@quantum-equities.com wrote:
So, passwords -can- be used with virtual users for SMTP?
Yes. Any authentication identity can be used for Postfix's SMTP/Submission authentication because Postfix doesn't really do the authentication.
Authentication in Postfix is entirely managed by external SASL libraries: either Cyrus or Dovecot. Authentication does not even intrinsically require a deliverable address and not all deliverable addresses (e.g. aliases, usually) will be valid authentication identities. For example, on my personal system the "virtual" address that I use for Dovecot (and hence Postfix) authentication is in fact tied to a real OS user with a username that is never published as an email address and which actually can't receive mail via SMTP except via addresses in virtual domains. Unless you have smtpd_sender_login_maps defined, the authentication identity you use is not bound to any particular sender address or set of sender addresses. It is merely a username that the SASL subsystem has authenticated.
