Hi, Benny Pedersen: > why should dovecot need an auth server ?, if dovecot have this its not > dovecot that use it as client, eq outside clients can use it
I'm not sure I understand what you're trying to say… > as i read it you want mta to do the lmtp auth client ? The MTA (Postfix) should authenticate itself with a TLS client certificate when it connects to Dovecot via LMTP. Dovecot (the LMTP server part) should verify the client cert against a CA certificate before allowing a client to deliver mail via LMTP. According to <https://doc.dovecot.org/2.4.1/core/summaries/settings.html#auth_ssl_require_client_cert>: If yes, authentication fails when a valid SSL client certificate is not provided. … but in my case it doesn't fail, although it should. > https://brokkr.net/2019/10/31/lets-do-dovecot-slowly-and-properly-part-3-lmt... > should be basicly, take attention on address Nothing in there says anything about SSL, TLS, or client certificates, so I don't know what point you're trying to make here. - Roland _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
